0f2d482774d8471e6228c0e31dc9c66f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0f2d482774d8471e6228c0e31dc9c66f_JaffaCakes118
Size

192KB
MD5

0f2d482774d8471e6228c0e31dc9c66f
SHA1

857090fdfc4a69e628a39a56a7e59fd10c32ebdc
SHA256

670b58603b79a687aad63830a4386a0fdd52be4ba101990d6ea4d95ed3dd9e8a
SHA512

cda3a071c4f76ba614b4e72323da2bb398a53eaf168f48696c741460e5abc7f6d7acfa2ce9e4e4d3dc7c188bb7475b316bd7b851356ce670038ddb2a9db4c384
SSDEEP

3072:aLkMrqcasfxEJ+Nmh+SQHOLWdxTHMdLwnisTQwwZlsbTVQ:aLGjsfCGmQHO4+2is0wembT6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f2d482774d8471e6228c0e31dc9c66f_JaffaCakes118

Files

0f2d482774d8471e6228c0e31dc9c66f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

020cd33554da064407d61ff5c069eed4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImagePixelFormat
GdipAlloc
GdipFree
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipDisposeImage
GdipCloneImage

user32

SetWindowLongA
PostMessageA
FindWindowA
GetClassNameA
EnumDisplayDevicesA
EqualRect
GetWindowTextA
GetWindowTextLengthA
wvsprintfA
GetQueueStatus
UnregisterClassA
InvalidateRect
CreateAcceleratorTableA
SetTimer
SetWindowTextA
ShowWindow
GetSysColor
CreateDialogParamA
SendMessageA
PostThreadMessageA
SendNotifyMessageA
FillRect
DestroyWindow
GetActiveWindow
wsprintfA
RedrawWindow
SetParent
GetDlgItem
RegisterClassExA
GetClassInfoExA
SendMessageTimeoutA
ReleaseDC
GetWindow
GetWindowRect
LoadCursorA
SetRect
GetClientRect
GetDC
CreateWindowExA
IsWindow
PeekMessageA
MsgWaitForMultipleObjects
RegisterWindowMessageA
IsChild
InvalidateRgn
BeginPaint
ReleaseCapture
GetDesktopWindow
DrawTextA
GetWindowLongA
KillTimer
SetFocus
MoveWindow
CallWindowProcA
SetCapture
EndPaint
DestroyAcceleratorTable
GetFocus
CopyRect
CharNextA
GetParent
DispatchMessageA
DefWindowProcA
SetWindowPos

kernel32

WriteFile
GetShortPathNameW
DisableThreadLibraryCalls
CreateFileW
WideCharToMultiByte
GetProcessAffinityMask
LocalFree
GlobalSize
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileA
EnumResourceTypesA
GlobalAlloc
ReadFile
UnmapViewOfFile
GetFileAttributesA
GlobalFree
SetFilePointer
LocalAlloc
GetTickCount
Sleep
CloseHandle

gdi32

RealizePalette
CreateDIBSection
CreateCompatibleDC
CreateDIBitmap
GetObjectA
GetDeviceCaps
GetStockObject
CreateCompatibleBitmap
SelectPalette
SetStretchBltMode
BitBlt
CreateSolidBrush
DeleteObject
StretchDIBits
SelectObject
GetDIBits
ExtEscape
DeleteDC
CreateFontA
SetBkMode

ole32

OleUninitialize
BindMoniker
StgCreateDocfile
StgOpenStorage
CoInitialize
CoCreateInstance
CoTaskMemRealloc
CoGetClassObject
StgIsStorageFile
CreateStreamOnHGlobal
CreateBindCtx
CoSetProxyBlanket
OleInitialize
StringFromGUID2
CoUninitialize
CLSIDFromProgID
CoInitializeSecurity
GetRunningObjectTable
OleLockRunning
CreateItemMoniker
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString

shlwapi

PathFileExistsW
PathCombineW

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

version

GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

advapi32

CryptDestroyKey
RegSetValueExA
RegCloseKey
RegQueryInfoKeyA
CryptEncrypt
RegQueryValueExA
RegDeleteValueA
CryptCreateHash
RegEnumKeyExA
CryptHashData
CryptDestroyHash
RegOpenKeyExA
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
RegEnumValueA
RegCreateKeyExA
CryptImportKey
RegDeleteKeyA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

winmm

timeGetTime
timeSetEvent

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

020cd33554da064407d61ff5c069eed4

Headers

File Characteristics

Imports

gdiplus

user32

kernel32

gdi32

ole32

shlwapi

wininet

setupapi

version

advapi32

shell32

winmm

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 76KB - Virtual size: 76KB

.tls Size: 1024B - Virtual size: 60KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 76KB - Virtual size: 76KB

.tls
Size: 1024B - Virtual size: 60KB