2c27463cf59da0ebdaa476cfbfff7c41_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c27463cf59da0ebdaa476cfbfff7c41_JaffaCakes118
Size

170KB
MD5

2c27463cf59da0ebdaa476cfbfff7c41
SHA1

309ad21a1a00cddd41ade5680f63f702ad1cf728
SHA256

a7d437df12271facd6a5104f408077be475e6022cab06b25228f76ae4f4b613f
SHA512

ac9ea6a5144963db110b7f96269134b725a7a141f81acf1b54c33e8db72e143f676175817d8f72404df59d63c20bdd35d2a2eeeb6c2d8ef8b6745bf9bce7291c
SSDEEP

3072:yU0DcbR8TSeqV2DX+JLwya+6F0ETZfZm9HDni7SzMfuW7lKPrQ70HfS:yZn62DOhwxB/TdZmwmT+lKa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c27463cf59da0ebdaa476cfbfff7c41_JaffaCakes118

Files

2c27463cf59da0ebdaa476cfbfff7c41_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff58e81ae9fe67a16e1fc885cd393e85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegQueryValueExA
CryptDestroyHash
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumValueA
CryptReleaseContext
CryptEncrypt
RegOpenKeyExA
CryptHashData
CryptAcquireContextA
RegCloseKey
CryptCreateHash
RegSetValueExA
RegDeleteValueA
CryptImportKey
CryptDestroyKey
CryptGetHashParam
RegDeleteKeyA

shlwapi

PathFileExistsW
PathCombineW

ole32

StgCreateDocfile
CreateBindCtx
CLSIDFromProgID
GetRunningObjectTable
CoCreateInstance
StgOpenStorage
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
StringFromGUID2
CreateStreamOnHGlobal
CoGetClassObject
CoUninitialize
CreateItemMoniker
CoTaskMemRealloc
CoInitialize
OleLockRunning
StgIsStorageFile
CoSetProxyBlanket
CoInitializeSecurity
OleUninitialize
BindMoniker
CLSIDFromString

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

kernel32

GetShortPathNameW
WideCharToMultiByte
WriteFile
CreateFileW
CreateFileMappingA
GetTickCount
CreateFileA
LocalAlloc
GetProcessAffinityMask
Sleep
SetFilePointer
GetFileSize
GlobalFree
EnumResourceTypesW
GlobalAlloc
UnmapViewOfFile
GetFileAttributesA
GlobalSize
LocalFree
MapViewOfFile
ReadFile
DisableThreadLibraryCalls
CloseHandle

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

user32

wsprintfA
CreateDialogParamA
DispatchMessageA
IsChild
GetSysColor
GetParent
InvalidateRgn
DestroyWindow
ShowWindow
GetWindow
RegisterClassExA
ReleaseDC
GetDlgItem
GetWindowLongA
SetParent
GetWindowTextA
KillTimer
SetFocus
DefWindowProcA
UnregisterClassA
GetClassNameA
DrawTextA
PostMessageA
CreateWindowExA
RegisterWindowMessageA
IsWindow
LoadCursorA
CharNextA
wvsprintfA
CreateAcceleratorTableA
GetDesktopWindow
GetWindowTextLengthA
EnumDisplayDevicesA
GetDC
GetQueueStatus
GetClientRect
SendNotifyMessageA
BeginPaint
EndPaint
FindWindowA
SetCapture
SendMessageA
GetActiveWindow
MoveWindow
GetFocus
SetWindowLongA
SetWindowTextA
CallWindowProcA
GetWindowRect
InvalidateRect
SetTimer
PeekMessageA
EqualRect
PostThreadMessageA
SetRect
SendMessageTimeoutA
ReleaseCapture
MsgWaitForMultipleObjects
CopyRect
GetClassInfoExA
RedrawWindow
DestroyAcceleratorTable
FillRect
SetWindowPos

gdiplus

GdipCreateBitmapFromFile
GdipFree
GdipGetImagePixelFormat
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromFileICM
GdipCloneImage

winmm

timeGetTime
timeSetEvent

gdi32

CreateSolidBrush
RealizePalette
GetDeviceCaps
SetStretchBltMode
DeleteDC
BitBlt
GetStockObject
StretchDIBits
SelectObject
CreateCompatibleDC
CreateDIBSection
DeleteObject
GetObjectA
CreateFontA
SelectPalette
CreateCompatibleBitmap
GetDIBits
ExtEscape
CreateDIBitmap
SetBkMode

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
VerQueryValueA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff58e81ae9fe67a16e1fc885cd393e85

Headers

File Characteristics

Imports

advapi32

shlwapi

ole32

shell32

kernel32

wininet

user32

gdiplus

winmm

gdi32

version

setupapi

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 62KB - Virtual size: 62KB

.tls Size: 1024B - Virtual size: 96KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 62KB - Virtual size: 62KB

.tls
Size: 1024B - Virtual size: 96KB