d22ca23ee2393ca5525f25a5ada12d3e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d22ca23ee2393ca5525f25a5ada12d3e_JaffaCakes118
Size

180KB
MD5

d22ca23ee2393ca5525f25a5ada12d3e
SHA1

c2c994365ce4fe277575cfb0456d4c30d6425fc2
SHA256

f7e85d7dc28aa9eb1aa24ae4a8d2b9a024b1b1e8d1d76c82cdab0df2b330fca6
SHA512

976cc085c3b19ced7d62793421af09a83e1c7a5560790834284d2cd58e9c112dc6e824adca628b53de15d7f9b455c27d5fb4bff86d25ff40b180e4c729b13db9
SSDEEP

3072:btzuG5iiIaY7qQ1tBe5lo5/ozTCrHwKm4nVLAnrkglD7aRHJ+3:BCG5ZIaZAtGo5/g4nVLAnrHF3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d22ca23ee2393ca5525f25a5ada12d3e_JaffaCakes118

Files

d22ca23ee2393ca5525f25a5ada12d3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4dce6c0114a120ecd87d7b7a3d66bc64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
VerQueryValueA

kernel32

CreateFileA
GetShortPathNameW
MapViewOfFile
WideCharToMultiByte
CreateFileW
GlobalFree
DisableThreadLibraryCalls
GetProcessAffinityMask
LocalFree
CreateFileMappingA
GetFileSize
GetTickCount
SetFilePointer
EnumResourceTypesW
WriteFile
GetFileAttributesA
UnmapViewOfFile
Sleep
GlobalSize
GlobalAlloc
LocalAlloc
ReadFile
CloseHandle

user32

UnregisterClassA
PostThreadMessageA
FillRect
GetDC
SetParent
GetWindowTextA
GetParent
SetCapture
LoadCursorA
DrawTextA
DispatchMessageA
CharNextA
SetWindowTextA
DestroyWindow
ShowWindow
SetFocus
GetFocus
CreateWindowExA
GetClassNameA
SetWindowLongA
PostMessageA
RegisterWindowMessageA
IsWindow
wvsprintfA
DefWindowProcA
DestroyAcceleratorTable
SetTimer
MsgWaitForMultipleObjects
GetWindowRect
wsprintfA
CopyRect
InvalidateRgn
GetWindow
MoveWindow
SendNotifyMessageA
CreateDialogParamA
GetQueueStatus
RedrawWindow
GetActiveWindow
GetDesktopWindow
BeginPaint
SetRect
ReleaseCapture
GetDlgItem
PeekMessageA
IsChild
ReleaseDC
GetSysColor
CreateAcceleratorTableA
InvalidateRect
FindWindowA
GetWindowTextLengthA
SendMessageTimeoutA
EndPaint
GetClassInfoExA
GetWindowLongA
CallWindowProcA
RegisterClassExA
GetClientRect
SendMessageA
KillTimer
EqualRect
EnumDisplayDevicesA
SetWindowPos

gdiplus

GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipAlloc
GdipCloneImage

ole32

CoSetProxyBlanket
StgCreateDocfile
GetRunningObjectTable
CoGetClassObject
CreateStreamOnHGlobal
StgOpenStorage
CLSIDFromProgID
StgIsStorageFile
CoCreateInstance
CreateBindCtx
CoInitialize
CreateItemMoniker
StringFromGUID2
CoInitializeSecurity
OleInitialize
OleUninitialize
CoTaskMemRealloc
CoTaskMemAlloc
OleLockRunning
CoTaskMemFree
CoUninitialize
BindMoniker
CLSIDFromString

gdi32

ExtEscape
CreateDIBitmap
SelectObject
GetStockObject
GetDeviceCaps
GetObjectA
SelectPalette
CreateCompatibleBitmap
GetDIBits
DeleteObject
StretchDIBits
RealizePalette
CreateFontA
DeleteDC
CreateDIBSection
BitBlt
CreateCompatibleDC
SetStretchBltMode
CreateSolidBrush
SetBkMode

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

winmm

timeGetTime
timeSetEvent

shlwapi

PathFileExistsW
PathCombineW

advapi32

RegCreateKeyExA
RegSetValueExA
CryptCreateHash
RegOpenKeyExA
CryptDestroyHash
RegEnumValueA
CryptHashData
CryptAcquireContextA
RegEnumKeyExA
CryptGetHashParam
RegDeleteValueA
CryptEncrypt
RegQueryInfoKeyA
CryptImportKey
CryptReleaseContext
RegQueryValueExA
RegCloseKey
CryptDestroyKey
RegDeleteKeyA

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4dce6c0114a120ecd87d7b7a3d66bc64

Headers

File Characteristics

Imports

wininet

setupapi

version

kernel32

user32

gdiplus

ole32

gdi32

shell32

winmm

shlwapi

advapi32

Sections

.text Size: 105KB - Virtual size: 105KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 67KB - Virtual size: 67KB

.tls Size: 1024B - Virtual size: 244KB

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 67KB - Virtual size: 67KB

.tls
Size: 1024B - Virtual size: 244KB