JaffaCakes118_6ee43bf19bf95f3ab11b196d341d824e

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6ee43bf19bf95f3ab11b196d341d824e
Size

201KB
MD5

6ee43bf19bf95f3ab11b196d341d824e
SHA1

25517c9d7beebc4be4fdb4f5061c9bb4bb3f0daa
SHA256

4c1c55cdaf838fa132a2e315038c6e5327b7afc6f331ec167e0c8d66ee2292a4
SHA512

eea92b73e108de4e136ad594d04ba8543cbe7742f22c2a7a7b4c7216bb2b48fc61b1b888d9fa9f996e3469c9b86f67ac9716f44faf161b9eda077411ba3b26d0
SSDEEP

3072:+959g9iOTU74GAwAorHDHSFXKY1CGLgRUnwxRYqj+hCoz3rTZlc0cXRfnzg:MgTTU74GAwAWHIaY0SW0hCoz3bRg0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6ee43bf19bf95f3ab11b196d341d824e

Files

JaffaCakes118_6ee43bf19bf95f3ab11b196d341d824e
.exe windows:4 windows x86 arch:x86

957ea2bc9f7c387a0fdb2856dd750654

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathCombineW

winmm

timeGetTime
timeSetEvent

gdiplus

GdipAlloc
GdipDisposeImage
GdipGetImagePixelFormat
GdipCreateBitmapFromFileICM
GdipFree
GdipCreateBitmapFromFile
GdipCloneImage

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

advapi32

CryptGetHashParam
CryptCreateHash
CryptDestroyHash
RegSetValueExA
RegOpenKeyExA
CryptReleaseContext
CryptEncrypt
RegCreateKeyExA
CryptHashData
CryptDestroyKey
RegQueryValueExA
CryptImportKey
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteValueA
RegCloseKey
CryptAcquireContextA
RegEnumValueA
RegDeleteKeyA

user32

GetClientRect
SetTimer
SetWindowLongA
MsgWaitForMultipleObjects
GetWindowTextA
PostMessageA
SendMessageA
PeekMessageA
EndPaint
GetParent
GetDC
LoadCursorA
GetWindowRect
InvalidateRect
PostThreadMessageA
KillTimer
SetFocus
GetClassInfoExA
DefWindowProcA
SetParent
wsprintfA
wvsprintfA
SendNotifyMessageA
RegisterWindowMessageA
SetCapture
EqualRect
CopyRect
DestroyAcceleratorTable
RegisterClassExA
GetWindow
GetSysColor
MoveWindow
GetQueueStatus
InvalidateRgn
SetRect
GetActiveWindow
BeginPaint
SendMessageTimeoutA
EnumDisplayDevicesA
GetFocus
GetWindowLongA
DrawTextA
GetDesktopWindow
CreateAcceleratorTableA
RedrawWindow
IsWindow
DispatchMessageA
FindWindowA
FillRect
DestroyWindow
CreateWindowExA
CreateDialogParamA
CallWindowProcA
ShowWindow
GetClassNameA
ReleaseCapture
UnregisterClassA
IsChild
SetWindowTextA
CharNextA
GetDlgItem
ReleaseDC
GetWindowTextLengthA
SetWindowPos

ole32

CLSIDFromProgID
StgOpenStorage
CoTaskMemAlloc
CoGetClassObject
CreateBindCtx
OleInitialize
CoInitialize
CreateItemMoniker
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
OleUninitialize
CoTaskMemRealloc
StgIsStorageFile
StgCreateDocfile
OleLockRunning
GetRunningObjectTable
CreateStreamOnHGlobal
CoTaskMemFree
StringFromGUID2
BindMoniker
CoUninitialize
CLSIDFromString

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

kernel32

WriteFile
GetShortPathNameW
GetTickCount
CreateFileW
CreateFileMappingA
GetProcessAffinityMask
MapViewOfFile
WideCharToMultiByte
DisableThreadLibraryCalls
CreateFileA
EnumResourceTypesA
GetFileSize
GlobalSize
UnmapViewOfFile
LocalFree
Sleep
ReadFile
GetFileAttributesA
LocalAlloc
GlobalFree
SetFilePointer
GlobalAlloc
CloseHandle

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

gdi32

CreateCompatibleBitmap
CreateFontA
CreateSolidBrush
GetStockObject
BitBlt
CreateDIBSection
GetDeviceCaps
SetStretchBltMode
GetDIBits
RealizePalette
CreateCompatibleDC
StretchDIBits
GetObjectA
DeleteObject
SelectPalette
CreateDIBitmap
DeleteDC
SelectObject
ExtEscape
SetBkMode

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

957ea2bc9f7c387a0fdb2856dd750654

Headers

File Characteristics

Imports

shlwapi

winmm

gdiplus

wininet

advapi32

user32

ole32

setupapi

shell32

kernel32

version

gdi32

Sections

.text Size: 113KB - Virtual size: 113KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 81KB - Virtual size: 80KB

.tls Size: 1024B - Virtual size: 208KB

.text
Size: 113KB - Virtual size: 113KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 81KB - Virtual size: 80KB

.tls
Size: 1024B - Virtual size: 208KB