JaffaCakes118_7989142c320daaaff9b4ef00393f0c1d

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_7989142c320daaaff9b4ef00393f0c1d
Size

192KB
MD5

7989142c320daaaff9b4ef00393f0c1d
SHA1

8c99d429c2c1d7190adc7c6ecd8184cb307f0b43
SHA256

8c7557664f097c9cdf55ee281f71a17b69204d56fcb0592b82f74340ffe03f6a
SHA512

dd6de3c524e6b78554e46d96ae88db9da855bc13f932d0c64817204cb17a6290c9f2cc2c2ee5be70c11fc6c57ddc4a75414a1051f05d0f485ddda0888aec826c
SSDEEP

3072:o7uHYiIzubg6s2ed48K5vEUnsWYkFq6pQxKx0V5r3oqdNWO7OI3anb/u9n5Z1Mhh:omYsbBK48Y8MYv6p+b3HWIULubXM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7989142c320daaaff9b4ef00393f0c1d

Files

JaffaCakes118_7989142c320daaaff9b4ef00393f0c1d
.exe windows:4 windows x86 arch:x86

892c161ee9fdeff69327585cb1aff5bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipAlloc
GdipGetImagePixelFormat
GdipDisposeImage
GdipFree
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipCloneImage

advapi32

RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
CryptImportKey
CryptEncrypt
CryptDestroyHash
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
CryptDestroyKey
RegQueryInfoKeyA
RegCloseKey
CryptAcquireContextA
CryptGetHashParam
CryptReleaseContext
CryptHashData
RegEnumValueA
CryptCreateHash
RegDeleteKeyA

winmm

timeGetTime
timeSetEvent

ole32

CoSetProxyBlanket
CoCreateInstance
OleLockRunning
StgOpenStorage
CreateItemMoniker
BindMoniker
StgCreateDocfile
CoTaskMemRealloc
GetRunningObjectTable
StringFromGUID2
StgIsStorageFile
CreateStreamOnHGlobal
OleInitialize
CoTaskMemAlloc
CreateBindCtx
OleUninitialize
CoTaskMemFree
CoGetClassObject
CoUninitialize
CLSIDFromProgID
CoInitializeSecurity
CoInitialize
CLSIDFromString

user32

wvsprintfA
EqualRect
RegisterClassExA
SetWindowLongA
wsprintfA
DestroyWindow
GetClientRect
MsgWaitForMultipleObjects
LoadCursorA
ReleaseCapture
SetTimer
GetWindowTextA
DestroyAcceleratorTable
IsWindow
SendMessageA
ShowWindow
SetParent
PostThreadMessageA
BeginPaint
DrawTextA
GetWindowRect
CopyRect
DispatchMessageA
GetQueueStatus
PeekMessageA
ReleaseDC
GetClassInfoExA
CreateAcceleratorTableA
MoveWindow
DefWindowProcA
EndPaint
GetParent
UnregisterClassA
InvalidateRgn
SetWindowTextA
FillRect
GetWindowLongA
GetDesktopWindow
GetSysColor
GetDC
SendMessageTimeoutA
CreateWindowExA
SetCapture
GetWindow
GetActiveWindow
GetFocus
EnumDisplayDevicesA
GetDlgItem
GetClassNameA
CallWindowProcA
SetFocus
GetWindowTextLengthA
InvalidateRect
RegisterWindowMessageA
SendNotifyMessageA
CreateDialogParamA
PostMessageA
FindWindowA
IsChild
RedrawWindow
KillTimer
SetRect
CharNextA
SetWindowPos

shlwapi

PathFileExistsW
PathCombineW

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

kernel32

GetShortPathNameW
DisableThreadLibraryCalls
GetTickCount
WriteFile
CreateFileMappingA
GetProcessAffinityMask
GetFileSize
SetFilePointer
MapViewOfFile
Sleep
UnmapViewOfFile
LocalFree
WideCharToMultiByte
EnumResourceTypesW
GlobalAlloc
GetFileAttributesA
LocalAlloc
GlobalFree
CreateFileW
CreateFileA
GlobalSize
ReadFile
CloseHandle

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

gdi32

GetObjectA
CreateFontA
CreateSolidBrush
GetStockObject
SelectPalette
SelectObject
GetDeviceCaps
DeleteDC
SetStretchBltMode
CreateCompatibleBitmap
RealizePalette
StretchDIBits
CreateCompatibleDC
ExtEscape
GetDIBits
DeleteObject
CreateDIBitmap
CreateDIBSection
BitBlt
SetBkMode

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

892c161ee9fdeff69327585cb1aff5bf

Headers

File Characteristics

Imports

gdiplus

advapi32

winmm

ole32

user32

shlwapi

shell32

wininet

kernel32

version

setupapi

gdi32

Sections

.text Size: 109KB - Virtual size: 109KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 75KB - Virtual size: 75KB

.tls Size: 1024B - Virtual size: 220KB

.text
Size: 109KB - Virtual size: 109KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 75KB - Virtual size: 75KB

.tls
Size: 1024B - Virtual size: 220KB