e12bffa51c4d53eb39dd4c3224b7ed51_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e12bffa51c4d53eb39dd4c3224b7ed51_JaffaCakes118
Size

167KB
MD5

e12bffa51c4d53eb39dd4c3224b7ed51
SHA1

f8db74d1da5533dab5480860fe72f32810c78849
SHA256

be4e523f9d9dbace3b24150a555e0a8ee6ae087c8c61aea063294a89c67e6e90
SHA512

7a223176aa1c088903b98c500f406c5527edd02e6b5aedf484cfcd0412cc713db06dfefbe91b83271363cd8bb1e764852171eef4b5c92af3ca01ea69ebd42f82
SSDEEP

3072:wrWuwL6HhqOTAAz3MmteNwnBkiDMDLL4m+R00VmeRMafU+f+cNK41AVSBaPcF:wWL6HXRtZBkB+R0SEZ+ftNBvB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e12bffa51c4d53eb39dd4c3224b7ed51_JaffaCakes118

Files

e12bffa51c4d53eb39dd4c3224b7ed51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

269f3614d8c88b65342eee50e85dffb7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathCombineW

user32

MoveWindow
CreateWindowExA
SetTimer
SetRect
GetClassInfoExA
ReleaseDC
CallWindowProcA
FindWindowA
DispatchMessageA
SetParent
LoadCursorA
RedrawWindow
InvalidateRgn
GetSysColor
SendNotifyMessageA
EndPaint
GetActiveWindow
RegisterWindowMessageA
GetFocus
RegisterClassExA
CreateDialogParamA
ReleaseCapture
GetClassNameA
SetFocus
SendMessageTimeoutA
GetDesktopWindow
ShowWindow
PostThreadMessageA
wsprintfA
SetWindowLongA
BeginPaint
GetWindowLongA
UnregisterClassA
GetWindowTextLengthA
EqualRect
wvsprintfA
InvalidateRect
CreateAcceleratorTableA
CopyRect
SetCapture
PeekMessageA
GetWindow
IsChild
GetQueueStatus
PostMessageA
DrawTextA
DestroyAcceleratorTable
EnumDisplayDevicesA
MsgWaitForMultipleObjects
GetDlgItem
DestroyWindow
IsWindow
DefWindowProcA
FillRect
GetClientRect
SendMessageA
SetWindowTextA
GetWindowRect
GetWindowTextA
KillTimer
GetParent
CharNextA
GetDC
SetWindowPos

gdiplus

GdipAlloc
GdipFree
GdipDisposeImage
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipCloneImage

ole32

CoGetClassObject
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CoTaskMemRealloc
CoUninitialize
StgCreateDocfile
CreateBindCtx
OleLockRunning
OleUninitialize
CoTaskMemAlloc
CreateStreamOnHGlobal
GetRunningObjectTable
StringFromGUID2
StgIsStorageFile
CLSIDFromProgID
BindMoniker
StgOpenStorage
OleInitialize
CoTaskMemFree
CoInitialize
CreateItemMoniker
CLSIDFromString

advapi32

CryptDestroyKey
RegOpenKeyExA
CryptCreateHash
CryptImportKey
CryptEncrypt
RegQueryValueExA
CryptGetHashParam
CryptHashData
RegCloseKey
RegEnumValueA
CryptAcquireContextA
RegSetValueExA
CryptDestroyHash
RegEnumKeyExA
RegQueryInfoKeyA
CryptReleaseContext
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

gdi32

CreateFontA
SetStretchBltMode
DeleteObject
CreateDIBSection
CreateDIBitmap
CreateCompatibleDC
SelectObject
ExtEscape
GetDeviceCaps
GetObjectA
GetStockObject
CreateSolidBrush
DeleteDC
BitBlt
CreateCompatibleBitmap
GetDIBits
RealizePalette
StretchDIBits
SelectPalette
SetBkMode

winmm

timeGetTime
timeSetEvent

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

version

GetFileVersionInfoSizeA
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

kernel32

LocalFree
GetShortPathNameW
UnmapViewOfFile
WideCharToMultiByte
MapViewOfFile
WriteFile
GetProcessAffinityMask
GlobalSize
CreateFileA
CreateFileMappingA
Sleep
GlobalFree
ReadFile
EnumResourceTypesW
GetFileSize
GetFileAttributesA
CreateFileW
GetTickCount
GlobalAlloc
DisableThreadLibraryCalls
LocalAlloc
SetFilePointer
CloseHandle

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

269f3614d8c88b65342eee50e85dffb7

Headers

File Characteristics

Imports

shlwapi

user32

gdiplus

ole32

advapi32

setupapi

gdi32

winmm

wininet

version

shell32

kernel32

Sections

.text Size: 95KB - Virtual size: 95KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 64KB - Virtual size: 64KB

.tls Size: 1024B - Virtual size: 96KB

.text
Size: 95KB - Virtual size: 95KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 64KB - Virtual size: 64KB

.tls
Size: 1024B - Virtual size: 96KB