d077f08bd4e96093e2c69b2b55584cb9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d077f08bd4e96093e2c69b2b55584cb9_JaffaCakes118
Size

181KB
MD5

d077f08bd4e96093e2c69b2b55584cb9
SHA1

56d724cf1896c36737c72eded051367d0f9163be
SHA256

b733bbc4c5832102aa384d2d88f5d28e4bf4d7bbbd5842041e24254886417599
SHA512

9ed62d7228431b2dafbb2fc210750991a7981e461f7c286467945ae1ab22043e53603b235e8c45478350f54fd8b15e24dc6e5bdbf98d20f2315ea2343c0f7635
SSDEEP

3072:pKlhX7F8wY65Bh5OQnxLELVHxmnu14h7E1i2zSSodvElh:UXXCJ8BhSGClluMj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d077f08bd4e96093e2c69b2b55584cb9_JaffaCakes118

Files

d077f08bd4e96093e2c69b2b55584cb9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9244f9e0666263bb2516efde7f2ff348

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

RealizePalette
DeleteObject
GetObjectA
GetStockObject
ExtEscape
CreateDIBitmap
CreateCompatibleBitmap
CreateSolidBrush
CreateDIBSection
StretchDIBits
GetDIBits
BitBlt
SetStretchBltMode
DeleteDC
SelectPalette
CreateCompatibleDC
CreateFontA
SelectObject
GetDeviceCaps
SetBkMode

ole32

GetRunningObjectTable
CreateItemMoniker
OleInitialize
CoTaskMemFree
StgOpenStorage
OleUninitialize
StgCreateDocfile
CoSetProxyBlanket
OleLockRunning
CoTaskMemAlloc
CoInitialize
CoGetClassObject
BindMoniker
StgIsStorageFile
CoCreateInstance
CoInitializeSecurity
CoUninitialize
CreateStreamOnHGlobal
CoTaskMemRealloc
CLSIDFromProgID
CreateBindCtx
StringFromGUID2
CLSIDFromString

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

advapi32

RegDeleteValueA
CryptDestroyHash
CryptEncrypt
CryptImportKey
RegQueryValueExA
RegEnumKeyExA
RegCloseKey
RegEnumValueA
RegOpenKeyExA
CryptReleaseContext
CryptHashData
RegQueryInfoKeyA
RegCreateKeyExA
CryptDestroyKey
RegSetValueExA
CryptGetHashParam
CryptCreateHash
CryptAcquireContextA
RegDeleteKeyA

gdiplus

GdipDisposeImage
GdipFree
GdipCreateBitmapFromFile
GdipAlloc
GdipGetImagePixelFormat
GdipCreateBitmapFromFileICM
GdipCloneImage

kernel32

CreateFileMappingA
GetShortPathNameW
UnmapViewOfFile
ReadFile
GetFileSize
GetProcessAffinityMask
GlobalSize
LocalFree
CreateFileA
GlobalFree
WriteFile
EnumResourceTypesW
WideCharToMultiByte
Sleep
GetFileAttributesA
GetTickCount
MapViewOfFile
SetFilePointer
CreateFileW
LocalAlloc
GlobalAlloc
DisableThreadLibraryCalls
CloseHandle

winmm

timeGetTime
timeSetEvent

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

user32

DestroyAcceleratorTable
RedrawWindow
CreateWindowExA
PeekMessageA
IsChild
GetWindowTextA
CallWindowProcA
ReleaseDC
SetParent
GetWindowTextLengthA
SetFocus
CreateAcceleratorTableA
GetClientRect
EnumDisplayDevicesA
BeginPaint
GetWindowLongA
RegisterClassExA
GetQueueStatus
PostMessageA
wsprintfA
GetSysColor
ShowWindow
wvsprintfA
EndPaint
UnregisterClassA
SetCapture
FillRect
GetParent
GetWindow
LoadCursorA
SetWindowLongA
FindWindowA
GetClassInfoExA
InvalidateRgn
EqualRect
PostThreadMessageA
SendMessageA
GetDlgItem
CopyRect
GetClassNameA
IsWindow
GetDesktopWindow
SetTimer
CreateDialogParamA
InvalidateRect
GetDC
KillTimer
MoveWindow
GetWindowRect
MsgWaitForMultipleObjects
GetActiveWindow
ReleaseCapture
DestroyWindow
DispatchMessageA
CharNextA
SendNotifyMessageA
GetFocus
DrawTextA
SetRect
SendMessageTimeoutA
DefWindowProcA
SetWindowTextA
RegisterWindowMessageA
SetWindowPos

shlwapi

PathFileExistsW
PathCombineW

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9244f9e0666263bb2516efde7f2ff348

Headers

File Characteristics

Imports

gdi32

ole32

wininet

version

advapi32

gdiplus

kernel32

winmm

shell32

user32

shlwapi

setupapi

Sections

.text Size: 103KB - Virtual size: 103KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 71KB - Virtual size: 70KB

.tls Size: 1024B - Virtual size: 72KB

.text
Size: 103KB - Virtual size: 103KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 71KB - Virtual size: 70KB

.tls
Size: 1024B - Virtual size: 72KB