f0827f9c5e7e3beb30cf8e551edbf70a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f0827f9c5e7e3beb30cf8e551edbf70a_JaffaCakes118
Size

181KB
MD5

f0827f9c5e7e3beb30cf8e551edbf70a
SHA1

0ec1e2adbb351ac7c15afaaa2b331af810f1d4bb
SHA256

b51d37ce1d7cd6fca90dd426a2b769c05dabf85678b95a13767890df05a45700
SHA512

1711cb537296d21c0adbd0da057f14fc5bc9892b232ff4de555139342f7615ba8c6e532ca3717a5398d8eaff2ee35e3c2316736811bbfb20bd445dee9aef150d
SSDEEP

3072:5vhJBdRbxEXYh3EbWNJtkPh7LnE2K3oGZDGdtFnIJmzCH/pIqLMu:5vhJBdRbxEIF+8QhfE2KYGmJIJKCHxSu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0827f9c5e7e3beb30cf8e551edbf70a_JaffaCakes118

Files

f0827f9c5e7e3beb30cf8e551edbf70a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

62e1bd65d80b23948f0cc51a0b488068

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

ole32

CoSetProxyBlanket
StgOpenStorage
CreateItemMoniker
StgCreateDocfile
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoInitialize
BindMoniker
OleUninitialize
StgIsStorageFile
CoInitializeSecurity
CoUninitialize
GetRunningObjectTable
CLSIDFromProgID
CoGetClassObject
StringFromGUID2
CreateStreamOnHGlobal
CreateBindCtx
OleLockRunning
CoCreateInstance
OleInitialize
CLSIDFromString

user32

CharNextA
DefWindowProcA
GetClassInfoExA
GetWindowLongA
MsgWaitForMultipleObjects
FindWindowA
SendNotifyMessageA
SetCapture
CopyRect
GetClientRect
LoadCursorA
SetWindowLongA
MoveWindow
SendMessageTimeoutA
GetFocus
GetWindowTextA
IsWindow
ReleaseCapture
GetClassNameA
ReleaseDC
ShowWindow
GetDC
GetDlgItem
SetRect
IsChild
UnregisterClassA
GetWindowTextLengthA
GetSysColor
PeekMessageA
CallWindowProcA
GetQueueStatus
RegisterClassExA
InvalidateRect
SetParent
CreateAcceleratorTableA
CreateDialogParamA
GetWindow
CreateWindowExA
BeginPaint
DestroyAcceleratorTable
GetDesktopWindow
EndPaint
GetParent
FillRect
DrawTextA
KillTimer
InvalidateRgn
GetActiveWindow
RedrawWindow
SendMessageA
wvsprintfA
GetWindowRect
PostMessageA
DispatchMessageA
wsprintfA
SetFocus
DestroyWindow
EnumDisplayDevicesA
EqualRect
SetTimer
SetWindowTextA
PostThreadMessageA
RegisterWindowMessageA
SetWindowPos

gdi32

CreateDIBitmap
SelectObject
GetDeviceCaps
DeleteObject
StretchDIBits
CreateCompatibleBitmap
SetStretchBltMode
CreateDIBSection
ExtEscape
GetDIBits
BitBlt
CreateCompatibleDC
GetObjectA
SelectPalette
RealizePalette
CreateSolidBrush
GetStockObject
CreateFontA
DeleteDC
SetBkMode

winmm

timeGetTime
timeSetEvent

gdiplus

GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImagePixelFormat
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipCloneImage

advapi32

CryptDestroyHash
RegQueryValueExA
CryptGetHashParam
RegSetValueExA
RegCreateKeyExA
CryptHashData
RegDeleteValueA
CryptDestroyKey
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
CryptAcquireContextA
RegEnumKeyExA
CryptCreateHash
CryptEncrypt
RegCloseKey
CryptReleaseContext
CryptImportKey
RegDeleteKeyA

shlwapi

PathFileExistsW
PathCombineW

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

kernel32

CloseHandle
GetShortPathNameW
InterlockedDecrement
WideCharToMultiByte
lstrcpyA
GetThreadLocale
DeleteFileA
LoadLibraryW
FlushInstructionCache
LocalFree
GlobalReAlloc
HeapFree
lstrlenA
GetSystemInfo
lstrcmpA
OpenFileMappingA
GetProcessHeap
lstrcpynA
GetCurrentProcessId
TerminateProcess
ExitProcess
GetCurrentProcess
FreeLibrary
CreateDirectoryW
GetProcessAffinityMask
SizeofResource
OutputDebugStringW
EnterCriticalSection
DeviceIoControl
GetModuleHandleA
MulDiv
lstrcmpiA
MapViewOfFile
CreateThread
SetThreadPriority
LoadResource
GetModuleFileNameA
GlobalUnlock
WriteProcessMemory
CreateEventA
GetACP
GlobalFree
GlobalLock
IsBadWritePtr
Beep
VirtualProtect
GetLastError
GetSystemTime
FindResourceA
GetCurrentThread
Sleep
ResetEvent
GlobalAlloc
IsBadReadPtr
IsDBCSLeadByte
GetTickCount
_llseek
EnumResourceTypesW
HeapAlloc
GetLocaleInfoA
SetEvent
MultiByteToWideChar
DeleteCriticalSection
CreateDirectoryA
VirtualAlloc
GetDriveTypeW
GetFileAttributesA
GetVolumeInformationW
GetVersionExA
GetProcAddress
GetThreadPriority
GetCurrentThreadId
InterlockedIncrement
InterlockedExchange
IsDebuggerPresent
GetFileAttributesW
VirtualQuery
CreateSemaphoreA
OutputDebugStringA
QueryPerformanceCounter
ReadFile
GetTempPathA
VirtualFree
RaiseException
GetTempPathW
GetModuleFileNameW
WaitForSingleObject
WriteFile
GlobalSize
GetSystemTimeAsFileTime
LeaveCriticalSection
SetEnvironmentVariableW
CreateFileMappingA
InitializeCriticalSection
CreateFileA
LoadLibraryA
WaitForMultipleObjects
LoadLibraryExA
lstrlenW

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerQueryValueA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62e1bd65d80b23948f0cc51a0b488068

Headers

File Characteristics

Imports

shell32

ole32

user32

gdi32

winmm

gdiplus

advapi32

shlwapi

wininet

kernel32

version

setupapi

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 7KB - Virtual size: 6KB

.bss Size: 72KB - Virtual size: 72KB

.tls Size: 1024B - Virtual size: 244KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 7KB - Virtual size: 6KB

.bss
Size: 72KB - Virtual size: 72KB

.tls
Size: 1024B - Virtual size: 244KB