ff56b9d51829fd933cb9e55617bebb28_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ff56b9d51829fd933cb9e55617bebb28_JaffaCakes118
Size

193KB
MD5

ff56b9d51829fd933cb9e55617bebb28
SHA1

0ed03074fb00cf2103fce9217b80e9ff88775188
SHA256

bcfaae978a9bf55798bede10ba7851277f38fd7660f2acb6d89f201ab62fa058
SHA512

025eba343abfba9cdf7545f5303d25a72804eb06a5473f3758e8d27c981fa4e97d920742e2327056a887976444b15153498bfb4e1cd99ff85b8f6db52bc99b09
SSDEEP

6144:IP/SZjPMMy1PdI5kyGil/dd972ZnzolY:I2jzga5GGvY8lY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff56b9d51829fd933cb9e55617bebb28_JaffaCakes118

Files

ff56b9d51829fd933cb9e55617bebb28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e1ff81b29ff15431820bbf50dc56c13e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

ole32

CreateStreamOnHGlobal
CoInitialize
CoTaskMemAlloc
StringFromGUID2
CoSetProxyBlanket
OleLockRunning
StgCreateDocfile
StgIsStorageFile
StgOpenStorage
CoGetClassObject
CoTaskMemRealloc
CoUninitialize
OleUninitialize
CoTaskMemFree
CoCreateInstance
GetRunningObjectTable
CoInitializeSecurity
OleInitialize
CLSIDFromProgID
CreateItemMoniker
BindMoniker
CreateBindCtx
CLSIDFromString

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

gdiplus

GdipDisposeImage
GdipCreateBitmapFromFile
GdipFree
GdipAlloc
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipCloneImage

advapi32

RegOpenKeyExA
RegEnumKeyExA
CryptReleaseContext
CryptDestroyKey
CryptAcquireContextA
CryptHashData
CryptDestroyHash
CryptEncrypt
RegSetValueExA
RegCreateKeyExA
CryptImportKey
RegEnumValueA
RegDeleteValueA
RegCloseKey
CryptCreateHash
CryptGetHashParam
RegQueryValueExA
RegQueryInfoKeyA
RegDeleteKeyA

winmm

timeGetTime
timeSetEvent

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueA

kernel32

GetShortPathNameW
LocalFree
UnmapViewOfFile
WideCharToMultiByte
GlobalFree
CreateFileMappingA
GetFileSize
GetProcessId
CreateFileA
MapViewOfFile
Sleep
EnumResourceTypesA
SetFilePointer
GlobalAlloc
ReadFile
GetFileAttributesA
DisableThreadLibraryCalls
LocalAlloc
WriteFile
GlobalSize
CreateFileW
GetTickCount
CloseHandle

user32

wvsprintfA
SetWindowTextA
MoveWindow
FindWindowA
GetWindowTextA
GetQueueStatus
GetSysColor
GetWindow
GetActiveWindow
EnumDisplayDevicesA
SetParent
KillTimer
RegisterWindowMessageA
DestroyWindow
SetCapture
GetWindowTextLengthA
SetWindowLongA
BeginPaint
CopyRect
LoadCursorA
GetWindowRect
EndPaint
CharNextA
SetRect
IsChild
ReleaseCapture
DestroyAcceleratorTable
GetClassInfoExA
FillRect
DefWindowProcA
DispatchMessageA
DrawTextA
CreateAcceleratorTableA
SendMessageA
InvalidateRect
PeekMessageA
GetClientRect
CallWindowProcA
RegisterClassExA
PostMessageA
EqualRect
SetFocus
GetParent
GetWindowLongA
MsgWaitForMultipleObjects
wsprintfA
GetDC
SetTimer
GetFocus
GetDlgItem
GetClassNameA
GetDesktopWindow
RedrawWindow
InvalidateRgn
ReleaseDC
UnregisterClassA
CreateWindowExA
ShowWindow
SendMessageTimeoutA
SendNotifyMessageA
PostThreadMessageA
IsWindow
CreateDialogParamA
SetWindowPos

gdi32

CreateDIBSection
CreateCompatibleBitmap
GetObjectA
SetStretchBltMode
SelectObject
CreateFontA
BitBlt
DeleteDC
CreateDIBitmap
CreateCompatibleDC
CreateSolidBrush
GetDIBits
RealizePalette
DeleteObject
GetDeviceCaps
SelectPalette
ExtEscape
GetStockObject
StretchDIBits
SetBkMode

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

shlwapi

PathFileExistsW
PathCombineW

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1ff81b29ff15431820bbf50dc56c13e

Headers

File Characteristics

Imports

shell32

ole32

wininet

gdiplus

advapi32

winmm

version

kernel32

user32

gdi32

setupapi

shlwapi

Sections

.text Size: 111KB - Virtual size: 111KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 75KB - Virtual size: 74KB

.tls Size: 1024B - Virtual size: 112KB

.text
Size: 111KB - Virtual size: 111KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 75KB - Virtual size: 74KB

.tls
Size: 1024B - Virtual size: 112KB