367fb7c42265bcbaa7b7c1624c534775_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

367fb7c42265bcbaa7b7c1624c534775_JaffaCakes118
Size

177KB
MD5

367fb7c42265bcbaa7b7c1624c534775
SHA1

1577ca4fae97a4784c9c7854055984d6c126c0e5
SHA256

b76fc3f1298b01c47da57251d11e2bfc5b5679cf5278a4b7119b284197bec440
SHA512

833fa22bbf380a1958b1931327f2116868de704454f62d456db283d96b9bbe80833bd338e845b1e885f7769366b7880d546240cf0ed88cbc6d6387df85235ab1
SSDEEP

3072:ltXe0v7oFE7a/HnOs/fttLHGBs5+HdUFxGgJz80ePzYezHdmAovQ/G8IfFFuK7:lNv7oFcS3mq5+H2780erHh0Nf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
367fb7c42265bcbaa7b7c1624c534775_JaffaCakes118

Files

367fb7c42265bcbaa7b7c1624c534775_JaffaCakes118
.exe windows:4 windows x86 arch:x86

42175e619299b06ff6f4e7b0854cf011

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathCombineW

ole32

CoUninitialize
CLSIDFromProgID
CoCreateInstance
CoTaskMemRealloc
StgOpenStorage
StgIsStorageFile
OleInitialize
OleLockRunning
StringFromGUID2
BindMoniker
CoTaskMemFree
GetRunningObjectTable
CreateStreamOnHGlobal
CoInitialize
OleUninitialize
CoInitializeSecurity
StgCreateDocfile
CoGetClassObject
CoTaskMemAlloc
CoSetProxyBlanket
CreateItemMoniker
CreateBindCtx
CLSIDFromString

kernel32

GetShortPathNameW
DisableThreadLibraryCalls
GetFileSize
SetFilePointer
ReadFile
GetProcessAffinityMask
CreateFileW
WriteFile
GlobalSize
MapViewOfFile
CreateFileA
GlobalAlloc
EnumResourceTypesA
WideCharToMultiByte
GetTickCount
CreateFileMappingA
UnmapViewOfFile
GetFileAttributesA
GlobalFree
LocalFree
Sleep
LocalAlloc
CloseHandle

winmm

timeGetTime
timeSetEvent

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

gdi32

BitBlt
RealizePalette
GetDeviceCaps
GetStockObject
CreateFontA
DeleteObject
CreateCompatibleDC
SelectPalette
CreateDIBSection
SelectObject
CreateSolidBrush
ExtEscape
GetObjectA
CreateCompatibleBitmap
SetStretchBltMode
DeleteDC
CreateDIBitmap
GetDIBits
StretchDIBits
SetBkMode

gdiplus

GdipAlloc
GdipGetImagePixelFormat
GdipDisposeImage
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipFree
GdipCloneImage

advapi32

CryptImportKey
RegCreateKeyExA
CryptReleaseContext
RegOpenKeyExA
CryptCreateHash
CryptHashData
RegQueryInfoKeyA
CryptDestroyHash
CryptAcquireContextA
CryptDestroyKey
RegEnumValueA
RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegCloseKey
CryptEncrypt
RegQueryValueExA
CryptGetHashParam
RegDeleteKeyA

user32

MsgWaitForMultipleObjects
CreateWindowExA
GetWindowLongA
SetParent
FindWindowA
GetWindowRect
InvalidateRect
SendNotifyMessageA
SetCapture
SetRect
RegisterWindowMessageA
GetQueueStatus
IsChild
SetWindowLongA
EqualRect
GetDesktopWindow
CharNextA
EnumDisplayDevicesA
GetDlgItem
FillRect
GetSysColor
ReleaseDC
DestroyAcceleratorTable
LoadCursorA
GetActiveWindow
SendMessageA
BeginPaint
CreateDialogParamA
DestroyWindow
DispatchMessageA
PeekMessageA
ReleaseCapture
RedrawWindow
SetTimer
IsWindow
CopyRect
CreateAcceleratorTableA
SetWindowTextA
PostThreadMessageA
PostMessageA
GetWindowTextA
UnregisterClassA
GetDC
GetClassNameA
DefWindowProcA
SetFocus
MoveWindow
ShowWindow
GetClassInfoExA
InvalidateRgn
DrawTextA
GetFocus
KillTimer
GetWindow
SendMessageTimeoutA
wvsprintfA
GetWindowTextLengthA
EndPaint
wsprintfA
RegisterClassExA
CallWindowProcA
GetParent
GetClientRect
SetWindowPos

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeA
VerQueryValueA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42175e619299b06ff6f4e7b0854cf011

Headers

File Characteristics

Imports

shlwapi

ole32

kernel32

winmm

wininet

gdi32

gdiplus

advapi32

user32

setupapi

version

shell32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 68KB - Virtual size: 68KB

.tls Size: 1024B - Virtual size: 88KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 68KB - Virtual size: 68KB

.tls
Size: 1024B - Virtual size: 88KB