e1cfabd400713b2926a8217f5c63e830_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e1cfabd400713b2926a8217f5c63e830_JaffaCakes118
Size

174KB
MD5

e1cfabd400713b2926a8217f5c63e830
SHA1

f6e820e18302bd03d019d666ccbebfc047e854de
SHA256

b685112151dac91b905e135bc7013f4f3a0b864bc0ea1f21e40007f749474384
SHA512

cdacf68e5e1c681ddc367c6afec58725ebec5a6158536d16a669192e2aacb17424b1ec0ac2cc26c53416d58a628547fd206cd171e246f2edcfc6351c9908fb00
SSDEEP

3072:V+XGV3JIxczDgznrwD5UTVCmif0J6L3/bhwoyjsdwU1dwG2zFv8BPlaXd:V+WVZIxczDGEDSTpJ6L3+0SxSPl2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1cfabd400713b2926a8217f5c63e830_JaffaCakes118

Files

e1cfabd400713b2926a8217f5c63e830_JaffaCakes118
.exe windows:4 windows x86 arch:x86

109baab1d0306160c918cdb17820b5fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

user32

GetActiveWindow
EqualRect
DefWindowProcA
GetDlgItem
InvalidateRect
SetCapture
SetParent
CopyRect
wvsprintfA
BeginPaint
CreateDialogParamA
GetWindowLongA
RedrawWindow
KillTimer
SetWindowLongA
SendMessageA
DestroyWindow
MoveWindow
GetWindow
EndPaint
SetTimer
GetDC
LoadCursorA
DestroyAcceleratorTable
CreateWindowExA
GetWindowTextA
GetClassInfoExA
PostThreadMessageA
PostMessageA
GetSysColor
GetDesktopWindow
FindWindowA
RegisterClassExA
ReleaseDC
GetWindowTextLengthA
ShowWindow
GetClientRect
PeekMessageA
EnumDisplayDevicesA
GetFocus
InvalidateRgn
SendNotifyMessageA
SetWindowTextA
ReleaseCapture
GetQueueStatus
GetWindowRect
IsChild
UnregisterClassA
SendMessageTimeoutA
CharNextA
CallWindowProcA
SetFocus
wsprintfA
DrawTextA
RegisterWindowMessageA
DispatchMessageA
FillRect
SetRect
CreateAcceleratorTableA
GetClassNameA
MsgWaitForMultipleObjects
IsWindow
GetParent
SetWindowPos

advapi32

CryptAcquireContextA
RegSetValueExA
RegCreateKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey
CryptDestroyKey
RegEnumKeyExA
CryptImportKey
RegOpenKeyExA
RegQueryValueExA
CryptReleaseContext
CryptGetHashParam
RegQueryInfoKeyA
CryptEncrypt
CryptDestroyHash
CryptHashData
CryptCreateHash
RegDeleteKeyA

shlwapi

PathFileExistsW
PathCombineW

winmm

timeGetTime
timeSetEvent

ole32

CoTaskMemFree
CreateBindCtx
OleLockRunning
OleUninitialize
CreateItemMoniker
CoTaskMemAlloc
CoInitializeSecurity
GetRunningObjectTable
CoSetProxyBlanket
CoUninitialize
StgCreateDocfile
BindMoniker
CLSIDFromProgID
CoTaskMemRealloc
CoGetClassObject
OleInitialize
CoCreateInstance
CreateStreamOnHGlobal
StgOpenStorage
StringFromGUID2
StgIsStorageFile
CoInitialize
CLSIDFromString

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

kernel32

WriteFile
GetFileSize
GetLongPathNameW
ReadFile
GlobalSize
GetTickCount
GlobalFree
Sleep
GetProcessId
SetFilePointer
CreateFileW
WideCharToMultiByte
CreateFileA
EnumResourceTypesA
LocalFree
LocalAlloc
DisableThreadLibraryCalls
GetFileAttributesA
MapViewOfFile
GlobalAlloc
UnmapViewOfFile
CreateFileMappingA
CloseHandle

gdi32

StretchDIBits
SelectObject
CreateDIBitmap
SelectPalette
CreateFontA
GetObjectA
CreateCompatibleBitmap
RealizePalette
GetDeviceCaps
CreateSolidBrush
DeleteObject
SetStretchBltMode
GetStockObject
GetDIBits
CreateDIBSection
BitBlt
CreateCompatibleDC
ExtEscape
DeleteDC
SetBkMode

version

GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
VerQueryValueA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

gdiplus

GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromFile
GdipFree
GdipCloneImage

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

109baab1d0306160c918cdb17820b5fd

Headers

File Characteristics

Imports

setupapi

user32

advapi32

shlwapi

winmm

ole32

wininet

kernel32

gdi32

version

shell32

gdiplus

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 66KB - Virtual size: 66KB

.tls Size: 1024B - Virtual size: 88KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 66KB - Virtual size: 66KB

.tls
Size: 1024B - Virtual size: 88KB