JaffaCakes118_38ee2f7da145791409a8052e12f8e0cc

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_38ee2f7da145791409a8052e12f8e0cc
Size

185KB
MD5

38ee2f7da145791409a8052e12f8e0cc
SHA1

8dab844d542b9ed93356e7d0b0e41e787147786a
SHA256

a42c0cf23f69f6c17b690dd3f23084880353843bcd0f61d74415e2244a95950a
SHA512

962045f521c6508863ef13a3acfa638e8ca976a612cfc532266629a1f962d3c9f5c97a3cdc18310d28617b7f17b08d0b73e1ba86835322f4da1f19da0e35b849
SSDEEP

3072:nI/WCbUUXR2yKcKXZccIizTjQWxmnpy8HU31tllyp4tNM:nU1/2yKcWZnIi3jQGGMfBtNM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_38ee2f7da145791409a8052e12f8e0cc

Files

JaffaCakes118_38ee2f7da145791409a8052e12f8e0cc
.exe windows:4 windows x86 arch:x86

595d197975958a44c5eaf4fdb12f4b39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateDIBitmap
GetDeviceCaps
SelectPalette
GetStockObject
CreateCompatibleDC
SetStretchBltMode
CreateDIBSection
DeleteObject
CreateFontA
GetObjectA
CreateCompatibleBitmap
ExtEscape
BitBlt
StretchDIBits
SelectObject
GetDIBits
DeleteDC
CreateSolidBrush
RealizePalette
SetBkMode

winmm

timeGetTime
timeSetEvent

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

kernel32

CreateFileA
WriteFile
GetShortPathNameW
CreateFileW
GetTickCount
ReadFile
LocalAlloc
CreateFileMappingA
GetProcessAffinityMask
GlobalAlloc
Sleep
EnumResourceTypesW
GlobalFree
DisableThreadLibraryCalls
GetFileAttributesA
LocalFree
MapViewOfFile
GlobalSize
GetFileSize
UnmapViewOfFile
WideCharToMultiByte
SetFilePointer
CloseHandle

advapi32

CryptHashData
CryptGetHashParam
RegEnumKeyExA
CryptReleaseContext
CryptAcquireContextA
RegQueryInfoKeyA
CryptImportKey
CryptEncrypt
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
CryptDestroyKey
CryptDestroyHash
CryptCreateHash
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegSetValueExA
RegDeleteKeyA

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

user32

GetFocus
SetTimer
BeginPaint
RegisterWindowMessageA
KillTimer
MoveWindow
GetWindowRect
SetWindowTextA
SetFocus
GetDC
ShowWindow
SendMessageA
GetWindowTextA
SendNotifyMessageA
EndPaint
SetRect
GetClassNameA
CreateWindowExA
PostThreadMessageA
CharNextA
UnregisterClassA
wsprintfA
PostMessageA
DrawTextA
CreateDialogParamA
GetClassInfoExA
GetDesktopWindow
GetParent
FindWindowA
FillRect
PeekMessageA
GetQueueStatus
DispatchMessageA
EnumDisplayDevicesA
GetSysColor
GetWindow
SetParent
InvalidateRgn
GetDlgItem
CallWindowProcA
IsWindow
LoadCursorA
GetClientRect
GetWindowTextLengthA
InvalidateRect
ReleaseCapture
CreateAcceleratorTableA
SendMessageTimeoutA
EqualRect
RedrawWindow
wvsprintfA
GetWindowLongA
CopyRect
DestroyAcceleratorTable
IsChild
GetActiveWindow
RegisterClassExA
ReleaseDC
DefWindowProcA
SetCapture
MsgWaitForMultipleObjects
SetWindowLongA
DestroyWindow
SetWindowPos

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

gdiplus

GdipCreateBitmapFromFile
GdipDisposeImage
GdipFree
GdipGetImagePixelFormat
GdipAlloc
GdipCreateBitmapFromFileICM
GdipCloneImage

shlwapi

PathFileExistsW
PathCombineW

ole32

CreateStreamOnHGlobal
CreateBindCtx
StringFromGUID2
OleUninitialize
StgCreateDocfile
CoUninitialize
StgIsStorageFile
CoGetClassObject
CLSIDFromProgID
CoInitializeSecurity
OleLockRunning
GetRunningObjectTable
CoInitialize
CreateItemMoniker
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoSetProxyBlanket
BindMoniker
StgOpenStorage
CoCreateInstance
CLSIDFromString

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

595d197975958a44c5eaf4fdb12f4b39

Headers

File Characteristics

Imports

gdi32

winmm

wininet

kernel32

advapi32

version

shell32

user32

setupapi

gdiplus

shlwapi

ole32

Sections

.text Size: 107KB - Virtual size: 107KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 71KB - Virtual size: 70KB

.tls Size: 1024B - Virtual size: 120KB

.text
Size: 107KB - Virtual size: 107KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 71KB - Virtual size: 70KB

.tls
Size: 1024B - Virtual size: 120KB