ddfa4f928766d6d3b9fecb5ff3a45933_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ddfa4f928766d6d3b9fecb5ff3a45933_JaffaCakes118
Size

184KB
MD5

ddfa4f928766d6d3b9fecb5ff3a45933
SHA1

9c6310571d9433ebd6fd1632bedad1afb005197d
SHA256

ee346dd69156098a2b3a4971fc78964b43158a194aaebb51d044083e9613b993
SHA512

44967e29a88d3ccd33383a61350a009754f30824910e65335428e56baee54550233feb1d3b3fee4f00bca2835a19069df60b832869f41b7f4cada84b5b6e4ecc
SSDEEP

3072:skNc8iH98POwCqdPbA/aNLIOvfZfHWSGHwp/jlaSCdCrksQzWkO4FO2Ysi2B:lqZ9SCGFLI4gU/jlanXuIgv2B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddfa4f928766d6d3b9fecb5ff3a45933_JaffaCakes118

Files

ddfa4f928766d6d3b9fecb5ff3a45933_JaffaCakes118
.exe windows:4 windows x86 arch:x86

728c528413d3d45a5f0a6f291ba3cbe5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
timeSetEvent

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

kernel32

GetTickCount
GetShortPathNameW
SetFilePointer
CreateFileA
UnmapViewOfFile
GlobalAlloc
WriteFile
GetProcessAffinityMask
MapViewOfFile
WideCharToMultiByte
EnumResourceTypesA
ReadFile
GlobalSize
LocalAlloc
CreateFileMappingA
GlobalFree
GetFileAttributesA
GetFileSize
DisableThreadLibraryCalls
Sleep
LocalFree
CreateFileW
CloseHandle

gdiplus

GdipGetImagePixelFormat
GdipCreateBitmapFromFileICM
GdipFree
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromFile
GdipCloneImage

version

GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueW
VerQueryValueA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryInfoKeyA
RegQueryValueExA
CryptHashData
CryptImportKey
RegDeleteValueA
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
RegEnumValueA
CryptCreateHash
RegCreateKeyExA
CryptEncrypt
CryptDestroyKey
CryptDestroyHash
RegEnumKeyExA
RegSetValueExA
RegDeleteKeyA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

ole32

CoTaskMemFree
CLSIDFromProgID
StgIsStorageFile
OleLockRunning
OleInitialize
StgCreateDocfile
CreateStreamOnHGlobal
CreateBindCtx
OleUninitialize
CoTaskMemRealloc
CoInitialize
CoTaskMemAlloc
CoSetProxyBlanket
CoGetClassObject
GetRunningObjectTable
BindMoniker
StgOpenStorage
StringFromGUID2
CreateItemMoniker
CoUninitialize
CoInitializeSecurity
CoCreateInstance
CLSIDFromString

user32

CopyRect
SetParent
PostThreadMessageA
UnregisterClassA
ReleaseDC
ShowWindow
RedrawWindow
EqualRect
GetSysColor
MsgWaitForMultipleObjects
IsChild
SetRect
PeekMessageA
KillTimer
BeginPaint
DefWindowProcA
GetDlgItem
CreateWindowExA
RegisterWindowMessageA
LoadCursorA
ReleaseCapture
MoveWindow
SetWindowLongA
GetWindowTextA
FillRect
EnumDisplayDevicesA
DestroyAcceleratorTable
EndPaint
SetCapture
GetDC
PostMessageA
SetWindowTextA
DrawTextA
SendNotifyMessageA
RegisterClassExA
SendMessageTimeoutA
CallWindowProcA
GetClientRect
GetParent
GetFocus
SendMessageA
SetFocus
GetClassInfoExA
GetWindowLongA
GetWindowTextLengthA
GetQueueStatus
FindWindowA
wvsprintfA
CharNextA
GetWindowRect
GetWindow
CreateDialogParamA
IsWindow
InvalidateRect
DispatchMessageA
GetDesktopWindow
DestroyWindow
SetTimer
CreateAcceleratorTableA
GetActiveWindow
wsprintfA
InvalidateRgn
GetClassNameA
SetWindowPos

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

gdi32

CreateCompatibleDC
CreateSolidBrush
DeleteObject
RealizePalette
GetStockObject
BitBlt
CreateDIBSection
CreateDIBitmap
GetDeviceCaps
CreateCompatibleBitmap
SetStretchBltMode
StretchDIBits
ExtEscape
SelectObject
GetDIBits
CreateFontA
GetObjectA
DeleteDC
SelectPalette
SetBkMode

shlwapi

PathFileExistsW
PathCombineW

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

728c528413d3d45a5f0a6f291ba3cbe5

Headers

File Characteristics

Imports

winmm

setupapi

kernel32

gdiplus

version

advapi32

shell32

ole32

user32

wininet

gdi32

shlwapi

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 77KB - Virtual size: 77KB

.tls Size: 1024B - Virtual size: 368KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 77KB - Virtual size: 77KB

.tls
Size: 1024B - Virtual size: 368KB