f5576812ee23becc3594973b5860564f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5576812ee23becc3594973b5860564f_JaffaCakes118
Size

186KB
MD5

f5576812ee23becc3594973b5860564f
SHA1

5db6b4d18445b675503f6f484496dd6ba0583942
SHA256

da9249945e44bee2a600d14ea5f7568e41380e5aa854e10bde686bb3a28847db
SHA512

cd3fb335c171f8fe843e4409c02958e772e8950692b1ee0f99758d6e5f8f48438e9c23a81d0e8d753c624d9b9aede2528c3b95daebb29a33558fafaed1a3507d
SSDEEP

3072:uyptswwc95MOkBTJ2/RbslU3XFFNRQpuwDpvKIbJmXwI6kTf9FcQZ2sllcGtGg2:ntswwik2/xsGrPQdCIbJaf9deg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5576812ee23becc3594973b5860564f_JaffaCakes118

Files

f5576812ee23becc3594973b5860564f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

23024cb706b12152130736789c5e413b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
GetDC
GetFocus
SetWindowLongA
GetDlgItem
CopyRect
GetQueueStatus
FindWindowA
InvalidateRect
GetWindowTextA
GetWindowTextLengthA
MsgWaitForMultipleObjects
IsChild
ReleaseDC
ShowWindow
RegisterWindowMessageA
FillRect
UnregisterClassA
SetParent
IsWindow
wvsprintfA
RegisterClassExA
SetFocus
BeginPaint
RedrawWindow
PostThreadMessageA
DispatchMessageA
GetWindowLongA
LoadCursorA
GetWindowRect
KillTimer
SetCapture
CallWindowProcA
SendMessageTimeoutA
CreateDialogParamA
CreateWindowExA
MoveWindow
EnumDisplayDevicesA
ReleaseCapture
SetRect
EqualRect
GetClassInfoExA
DrawTextA
SetWindowTextA
CreateAcceleratorTableA
GetClientRect
PostMessageA
InvalidateRgn
DestroyAcceleratorTable
EndPaint
SendMessageA
GetParent
SetTimer
GetClassNameA
DefWindowProcA
wsprintfA
GetSysColor
GetWindow
GetActiveWindow
PeekMessageA
SendNotifyMessageA
GetDesktopWindow
DestroyWindow
SetWindowPos

gdi32

DeleteObject
GetObjectA
BitBlt
CreateCompatibleBitmap
CreateSolidBrush
DeleteDC
SelectPalette
StretchDIBits
CreateCompatibleDC
SetStretchBltMode
RealizePalette
CreateDIBitmap
GetDeviceCaps
CreateFontA
GetDIBits
ExtEscape
GetStockObject
SelectObject
CreateDIBSection
SetBkMode

ole32

StgCreateDocfile
OleLockRunning
OleUninitialize
CreateBindCtx
CoGetClassObject
CoUninitialize
StgOpenStorage
StringFromGUID2
CoInitializeSecurity
CoInitialize
CoSetProxyBlanket
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemRealloc
GetRunningObjectTable
CoTaskMemAlloc
BindMoniker
StgIsStorageFile
CLSIDFromProgID
CreateItemMoniker
OleInitialize
CLSIDFromString

winmm

timeGetTime
timeSetEvent

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

kernel32

Sleep
UnmapViewOfFile
GetLongPathNameW
LocalAlloc
GlobalFree
WideCharToMultiByte
GetProcessId
DisableThreadLibraryCalls
ReadFile
LocalFree
GetTickCount
CreateFileW
GlobalSize
EnumResourceTypesA
GetFileSize
WriteFile
CreateFileA
GetFileAttributesA
SetFilePointer
CreateFileMappingA
MapViewOfFile
GlobalAlloc
CloseHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

shlwapi

PathFileExistsW
PathCombineW

advapi32

RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
CryptReleaseContext
RegCreateKeyExA
CryptEncrypt
RegQueryInfoKeyA
RegEnumValueA
CryptAcquireContextA
RegDeleteValueA
CryptDestroyKey
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
RegQueryValueExA
CryptImportKey
RegSetValueExA
RegDeleteKeyA

gdiplus

GdipAlloc
GdipFree
GdipDisposeImage
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipCloneImage

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23024cb706b12152130736789c5e413b

Headers

File Characteristics

Imports

user32

gdi32

ole32

winmm

setupapi

kernel32

shell32

version

wininet

shlwapi

advapi32

gdiplus

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 76KB - Virtual size: 76KB

.tls Size: 1024B - Virtual size: 236KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 76KB - Virtual size: 76KB

.tls
Size: 1024B - Virtual size: 236KB