fb5796499b1c723e3caead8b24b70cbd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fb5796499b1c723e3caead8b24b70cbd_JaffaCakes118
Size

182KB
MD5

fb5796499b1c723e3caead8b24b70cbd
SHA1

09ac2ad13de31671ca76919cf77381081e1c6adb
SHA256

b21d50173ba7168e8d034c92dd318fcef281b9780b7f4413077166a8e68098d2
SHA512

0c91a8f707aaac735773a606569b0b5ab590c21b3404826d6c92aff47679b877a44019da73e23abf1de7be47bbe6e923e1440172d941a532d78e930626836382
SSDEEP

3072:/ZPv0fuWnVXboLY01H/UEznTnezl3UGdOdoAewWBASCTUPG9sF5csMEOvJJ:/9VCkY0J0ladxSqA2sMEI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb5796499b1c723e3caead8b24b70cbd_JaffaCakes118

Files

fb5796499b1c723e3caead8b24b70cbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dfb1d10d7fd90cb16ef8c80f90e79677

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathCombineW

winmm

timeGetTime
timeSetEvent

user32

ShowWindow
CallWindowProcA
PostMessageA
GetClassNameA
CreateAcceleratorTableA
RedrawWindow
GetWindowTextLengthA
GetWindow
SendNotifyMessageA
SetCapture
GetParent
ReleaseCapture
ReleaseDC
LoadCursorA
GetActiveWindow
DefWindowProcA
EndPaint
DispatchMessageA
MsgWaitForMultipleObjects
GetWindowTextA
IsWindow
FindWindowA
CreateWindowExA
CharNextA
DestroyWindow
EnumDisplayDevicesA
SetFocus
SetParent
RegisterWindowMessageA
DrawTextA
GetDlgItem
GetClientRect
SetWindowLongA
SetTimer
GetSysColor
MoveWindow
IsChild
SetWindowTextA
wvsprintfA
RegisterClassExA
GetWindowLongA
wsprintfA
GetFocus
GetDesktopWindow
UnregisterClassA
InvalidateRect
FillRect
SendMessageA
GetQueueStatus
EqualRect
InvalidateRgn
GetDC
PostThreadMessageA
SendMessageTimeoutA
DestroyAcceleratorTable
CopyRect
CreateDialogParamA
GetWindowRect
KillTimer
GetClassInfoExA
BeginPaint
SetRect
PeekMessageA
SetWindowPos

advapi32

RegCloseKey
RegEnumKeyExA
CryptEncrypt
RegQueryInfoKeyA
RegCreateKeyExA
CryptCreateHash
RegOpenKeyExA
RegDeleteValueA
CryptAcquireContextA
CryptGetHashParam
CryptDestroyKey
RegSetValueExA
RegEnumValueA
CryptHashData
RegQueryValueExA
CryptImportKey
CryptReleaseContext
CryptDestroyHash
RegDeleteKeyA

gdiplus

GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipFree
GdipDisposeImage
GdipGetImagePixelFormat
GdipAlloc
GdipCloneImage

version

GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerQueryValueA

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

ole32

StringFromGUID2
OleLockRunning
StgCreateDocfile
OleInitialize
BindMoniker
CoInitialize
CLSIDFromProgID
CoUninitialize
OleUninitialize
StgIsStorageFile
CreateStreamOnHGlobal
CoTaskMemFree
GetRunningObjectTable
StgOpenStorage
CoCreateInstance
CoSetProxyBlanket
CreateItemMoniker
CoInitializeSecurity
CoTaskMemRealloc
CoGetClassObject
CoTaskMemAlloc
CreateBindCtx
CLSIDFromString

gdi32

GetDIBits
CreateDIBSection
GetObjectA
CreateCompatibleBitmap
CreateDIBitmap
SelectPalette
GetStockObject
SelectObject
CreateFontA
ExtEscape
DeleteObject
RealizePalette
DeleteDC
BitBlt
CreateSolidBrush
CreateCompatibleDC
GetDeviceCaps
SetStretchBltMode
StretchDIBits
SetBkMode

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

kernel32

ReadFile
UnmapViewOfFile
GetShortPathNameW
GlobalFree
CreateFileW
Sleep
LocalFree
GetProcessAffinityMask
LocalAlloc
WideCharToMultiByte
GetTickCount
EnumResourceTypesA
CreateFileMappingA
DisableThreadLibraryCalls
WriteFile
GetFileAttributesA
CreateFileA
GetFileSize
GlobalSize
GlobalAlloc
MapViewOfFile
SetFilePointer
CloseHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfb1d10d7fd90cb16ef8c80f90e79677

Headers

File Characteristics

Imports

shlwapi

winmm

user32

advapi32

gdiplus

version

wininet

ole32

gdi32

setupapi

kernel32

shell32

Sections

.text Size: 105KB - Virtual size: 104KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 70KB - Virtual size: 69KB

.tls Size: 1024B - Virtual size: 236KB

.text
Size: 105KB - Virtual size: 104KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 70KB - Virtual size: 69KB

.tls
Size: 1024B - Virtual size: 236KB