JaffaCakes118_11134cf29f26c3c71d9bc8f688917d24

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_11134cf29f26c3c71d9bc8f688917d24
Size

189KB
MD5

11134cf29f26c3c71d9bc8f688917d24
SHA1

bfe37dd025917915193c2a3d04319098961a935c
SHA256

4ef4a6c26e6c56ac837c7fffc665074a7ea4d963fb94faa8b18923196b0d499b
SHA512

72e3be07f792ce66bb6988462be50b3175ecc5ec3cffcfaa92ed4969eb587347e36dbe626e144e4e2c7a2cf2f91e806911a5256f5c8b0597c5f37472c6dcf8d6
SSDEEP

3072:vQ5ZZnsXW8hZkTPlHixwXhFmjOasDnDiDngLPr9aYoIe7ImxYUc5sM6T6QW:vqsmgEPlHQwX3QO68n8x7OUc5s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_11134cf29f26c3c71d9bc8f688917d24

Files

JaffaCakes118_11134cf29f26c3c71d9bc8f688917d24
.exe windows:4 windows x86 arch:x86

53d47fec6bc5ed2d36bfecabeab836f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgCreateDocfile
GetRunningObjectTable
BindMoniker
OleLockRunning
CoCreateInstance
CoTaskMemFree
CoUninitialize
CLSIDFromProgID
CreateBindCtx
StgOpenStorage
CreateStreamOnHGlobal
CoInitialize
CoSetProxyBlanket
CreateItemMoniker
CoInitializeSecurity
CoGetClassObject
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
StgIsStorageFile
CLSIDFromString

version

GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueW
VerQueryValueA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

kernel32

GetShortPathNameW
LocalFree
LocalAlloc
GlobalAlloc
WideCharToMultiByte
DisableThreadLibraryCalls
GetProcessAffinityMask
UnmapViewOfFile
GlobalFree
MapViewOfFile
ReadFile
EnumResourceTypesA
Sleep
GetTickCount
GetFileSize
GetFileAttributesA
CreateFileA
WriteFile
GlobalSize
CreateFileW
CreateFileMappingA
SetFilePointer
CloseHandle

shlwapi

PathFileExistsW
PathCombineW

gdi32

StretchDIBits
CreateDIBSection
CreateCompatibleBitmap
CreateDIBitmap
GetStockObject
GetObjectA
DeleteObject
ExtEscape
CreateSolidBrush
CreateFontA
SelectObject
SelectPalette
BitBlt
CreateCompatibleDC
GetDeviceCaps
RealizePalette
DeleteDC
SetStretchBltMode
GetDIBits
SetBkMode

advapi32

RegQueryValueExA
RegCreateKeyExA
CryptEncrypt
CryptDestroyKey
CryptReleaseContext
RegCloseKey
CryptGetHashParam
CryptCreateHash
RegQueryInfoKeyA
RegEnumValueA
RegOpenKeyExA
CryptHashData
RegDeleteValueA
CryptImportKey
CryptDestroyHash
RegSetValueExA
CryptAcquireContextA
RegEnumKeyExA
RegDeleteKeyA

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

winmm

timeGetTime
timeSetEvent

user32

CallWindowProcA
GetSysColor
SetRect
GetQueueStatus
PeekMessageA
IsChild
SetFocus
CreateWindowExA
GetClientRect
InvalidateRect
SendNotifyMessageA
GetDesktopWindow
RedrawWindow
SetParent
PostMessageA
FillRect
PostThreadMessageA
DrawTextA
GetDC
DestroyAcceleratorTable
SendMessageTimeoutA
UnregisterClassA
ReleaseDC
CopyRect
GetDlgItem
DestroyWindow
SetWindowLongA
RegisterWindowMessageA
MsgWaitForMultipleObjects
LoadCursorA
GetClassInfoExA
ShowWindow
GetParent
EqualRect
BeginPaint
ReleaseCapture
EnumDisplayDevicesA
SendMessageA
GetClassNameA
GetActiveWindow
GetWindowTextA
wvsprintfA
CreateDialogParamA
CharNextA
IsWindow
DefWindowProcA
SetWindowTextA
GetWindow
CreateAcceleratorTableA
GetFocus
InvalidateRgn
MoveWindow
EndPaint
GetWindowLongA
wsprintfA
SetTimer
SetCapture
RegisterClassExA
KillTimer
GetWindowTextLengthA
GetWindowRect
FindWindowA
DispatchMessageA
SetWindowPos

gdiplus

GdipGetImagePixelFormat
GdipDisposeImage
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipFree
GdipAlloc
GdipCloneImage

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53d47fec6bc5ed2d36bfecabeab836f2

Headers

File Characteristics

Imports

ole32

version

setupapi

shell32

kernel32

shlwapi

gdi32

advapi32

wininet

winmm

user32

gdiplus

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 75KB - Virtual size: 74KB

.tls Size: 1024B - Virtual size: 64KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 75KB - Virtual size: 74KB

.tls
Size: 1024B - Virtual size: 64KB