9e2b82bfb34506f2be27dc72e60d1ada_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9e2b82bfb34506f2be27dc72e60d1ada_JaffaCakes118
Size

205KB
MD5

9e2b82bfb34506f2be27dc72e60d1ada
SHA1

2055f19fb876fa65f9afefa1c01a98dde3e6854f
SHA256

b6532ec8c314859c9b4b7b2ebf4cd9574276ab79f6f9b70635f229964727beae
SHA512

ccd51b6a483bc71cd92a5dc31d5c47e0e93e0ba3ed096840da72f34490dc75163992e123bc03e9da54acce4af5d4f47d51434388b3dac5630614a2350ab2abf1
SSDEEP

3072:o+LFiZXOV52w1Q6I+SplvsS+FN4w7x9x9lJ8viHRjzXyY6yhE1xOqjKz9Pj9gEyo:o+LAk72P+SPrU9DXqWxE+qgb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9e2b82bfb34506f2be27dc72e60d1ada_JaffaCakes118

Files

9e2b82bfb34506f2be27dc72e60d1ada_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c1b5c449a9dae5e2f280a3750fab355d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
CryptHashData
RegCloseKey
CryptDestroyHash
CryptImportKey
RegOpenKeyExA
RegEnumValueA
CryptCreateHash
CryptAcquireContextA
CryptGetHashParam
CryptReleaseContext
RegDeleteValueA
RegQueryValueExA
CryptDestroyKey
CryptEncrypt
RegCreateKeyExA
RegDeleteKeyA

gdi32

CreateSolidBrush
RealizePalette
SelectPalette
GetDIBits
StretchDIBits
DeleteDC
DeleteObject
GetStockObject
CreateFontA
GetObjectA
CreateCompatibleDC
GetDeviceCaps
SelectObject
CreateDIBSection
ExtEscape
CreateDIBitmap
BitBlt
SetStretchBltMode
CreateCompatibleBitmap
SetBkMode

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

gdiplus

GdipCreateBitmapFromFile
GdipFree
GdipAlloc
GdipCreateBitmapFromFileICM
GdipDisposeImage
GdipGetImagePixelFormat
GdipCloneImage

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

winmm

timeGetTime
timeSetEvent

kernel32

GetFileSize
GetShortPathNameW
ReadFile
SetFilePointer
GlobalAlloc
GetProcessAffinityMask
GlobalSize
Sleep
LocalFree
WriteFile
EnumResourceTypesA
UnmapViewOfFile
DisableThreadLibraryCalls
GlobalFree
CreateFileW
GetFileAttributesA
WideCharToMultiByte
LocalAlloc
MapViewOfFile
GetTickCount
CreateFileMappingA
CreateFileA
CloseHandle

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueW
VerQueryValueA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

shlwapi

PathFileExistsW
PathCombineW

ole32

OleLockRunning
GetRunningObjectTable
CoUninitialize
StringFromGUID2
CoGetClassObject
CoInitializeSecurity
CoTaskMemFree
CoSetProxyBlanket
CLSIDFromProgID
StgCreateDocfile
StgIsStorageFile
CoCreateInstance
CreateItemMoniker
CoInitialize
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
BindMoniker
CoTaskMemRealloc
StgOpenStorage
CoTaskMemAlloc
CreateBindCtx
CLSIDFromString

user32

ShowWindow
GetParent
IsChild
CopyRect
RegisterWindowMessageA
ReleaseCapture
DestroyAcceleratorTable
GetFocus
InvalidateRect
DrawTextA
GetClientRect
ReleaseDC
LoadCursorA
DispatchMessageA
SendMessageA
GetDC
wsprintfA
GetWindowLongA
MsgWaitForMultipleObjects
CallWindowProcA
CreateWindowExA
InvalidateRgn
GetActiveWindow
SetParent
EnumDisplayDevicesA
GetWindowTextA
SetFocus
DefWindowProcA
SetWindowTextA
GetClassNameA
EqualRect
GetQueueStatus
GetWindowRect
BeginPaint
CreateAcceleratorTableA
SetRect
GetWindowTextLengthA
PostThreadMessageA
GetSysColor
GetWindow
wvsprintfA
IsWindow
KillTimer
CharNextA
SetWindowLongA
CreateDialogParamA
GetDesktopWindow
DestroyWindow
SendNotifyMessageA
RedrawWindow
SendMessageTimeoutA
FindWindowA
PostMessageA
MoveWindow
FillRect
RegisterClassExA
EndPaint
SetTimer
UnregisterClassA
SetCapture
GetClassInfoExA
GetDlgItem
PeekMessageA
SetWindowPos

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1b5c449a9dae5e2f280a3750fab355d

Headers

File Characteristics

Imports

advapi32

gdi32

wininet

gdiplus

shell32

winmm

kernel32

version

setupapi

shlwapi

ole32

user32

Sections

.text Size: 113KB - Virtual size: 112KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 85KB - Virtual size: 84KB

.tls Size: 1024B - Virtual size: 336KB

.text
Size: 113KB - Virtual size: 112KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 85KB - Virtual size: 84KB

.tls
Size: 1024B - Virtual size: 336KB