JaffaCakes118_6e706049da909ebae3e3ad358384a260

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6e706049da909ebae3e3ad358384a260
Size

173KB
MD5

6e706049da909ebae3e3ad358384a260
SHA1

6fa5aff04f089386ed0c24a45517d510ab223118
SHA256

fb08474a1383c9f17135322c869b3377e21170862105f1c137ffc7510263709a
SHA512

3de7d2eac1b2e6866eceb281f69b0de7e5c8293bbabcf323fcfdf872d88d126e7f6285c4f78c5b3fa80682438439b1ae59c7b93c7b733a5a34d181da24ded791
SSDEEP

3072:uPO4Wj4iN//v/J6W0oQEXQN3d68W0arM9wDoprGEP+63NGaMbtwT:uPO4Wj3N//wHoQEXQN3SZyz+w0aW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6e706049da909ebae3e3ad358384a260

Files

JaffaCakes118_6e706049da909ebae3e3ad358384a260
.exe windows:4 windows x86 arch:x86

43bc3ba90f7c23700bffc21da8357e68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueA
CryptGetHashParam
RegCreateKeyExA
CryptHashData
RegQueryValueExA
RegDeleteValueA
CryptDestroyHash
RegSetValueExA
RegQueryInfoKeyA
CryptDestroyKey
RegCloseKey
CryptEncrypt
CryptReleaseContext
RegOpenKeyExA
CryptImportKey
CryptAcquireContextA
RegEnumKeyExA
CryptCreateHash
RegDeleteKeyA

gdiplus

GdipAlloc
GdipFree
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipDisposeImage
GdipCloneImage

user32

ShowWindow
KillTimer
PeekMessageA
EnumDisplayDevicesA
GetActiveWindow
CreateWindowExA
FillRect
RedrawWindow
CreateDialogParamA
IsChild
wvsprintfA
GetDC
DestroyWindow
GetWindowLongA
GetClassInfoExA
GetParent
GetWindow
GetDlgItem
InvalidateRgn
GetWindowRect
SendMessageA
CreateAcceleratorTableA
GetClassNameA
GetSysColor
PostMessageA
EndPaint
SetRect
SetTimer
EqualRect
RegisterClassExA
GetQueueStatus
InvalidateRect
LoadCursorA
IsWindow
UnregisterClassA
PostThreadMessageA
SetWindowTextA
CharNextA
CallWindowProcA
MoveWindow
FindWindowA
RegisterWindowMessageA
BeginPaint
SendMessageTimeoutA
GetWindowTextLengthA
GetWindowTextA
GetClientRect
SendNotifyMessageA
ReleaseDC
DestroyAcceleratorTable
GetDesktopWindow
DispatchMessageA
SetParent
DefWindowProcA
SetCapture
GetFocus
SetWindowLongA
wsprintfA
SetFocus
MsgWaitForMultipleObjects
ReleaseCapture
CopyRect
DrawTextA
SetWindowPos

kernel32

GetShortPathNameW
WideCharToMultiByte
DisableThreadLibraryCalls
GlobalAlloc
Sleep
CreateFileA
GetTickCount
GetFileSize
GetProcessAffinityMask
GlobalSize
EnumResourceTypesA
GlobalFree
CreateFileMappingA
CreateFileW
ReadFile
GetFileAttributesA
UnmapViewOfFile
WriteFile
LocalFree
MapViewOfFile
SetFilePointer
LocalAlloc
CloseHandle

shlwapi

PathFileExistsW
PathCombineW

winmm

timeGetTime
timeSetEvent

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueA

gdi32

DeleteObject
ExtEscape
CreateDIBSection
GetStockObject
SelectObject
GetDIBits
CreateSolidBrush
SelectPalette
SetStretchBltMode
GetObjectA
GetDeviceCaps
RealizePalette
CreateDIBitmap
StretchDIBits
CreateCompatibleBitmap
BitBlt
DeleteDC
CreateCompatibleDC
CreateFontA
SetBkMode

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

ole32

CoTaskMemRealloc
OleUninitialize
CreateStreamOnHGlobal
CoTaskMemFree
StringFromGUID2
CLSIDFromProgID
CoGetClassObject
GetRunningObjectTable
CoInitialize
CreateItemMoniker
CoUninitialize
StgOpenStorage
CoSetProxyBlanket
OleInitialize
CoCreateInstance
OleLockRunning
CoInitializeSecurity
BindMoniker
StgIsStorageFile
CoTaskMemAlloc
CreateBindCtx
StgCreateDocfile
CLSIDFromString

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43bc3ba90f7c23700bffc21da8357e68

Headers

File Characteristics

Imports

advapi32

gdiplus

user32

kernel32

shlwapi

winmm

version

gdi32

wininet

setupapi

shell32

ole32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 71KB - Virtual size: 70KB

.tls Size: 1024B - Virtual size: 92KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 71KB - Virtual size: 70KB

.tls
Size: 1024B - Virtual size: 92KB