JaffaCakes118_6f885b5cf83063796df80de97896f57e

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6f885b5cf83063796df80de97896f57e
Size

178KB
MD5

6f885b5cf83063796df80de97896f57e
SHA1

7530ea982af3ed379ff8edb75d5656a7bd437ab8
SHA256

ab407357d168b1779cb6e2c9c978002c63c2708caba123f5ebc1aba99afe5cda
SHA512

267896d80011eb8499a86f61983e725eb9e025453cb9280e892d19ccf085ce294b5113560fd1da28e90797ab3cf31a62106e1f97bb63f262f2ef0ce7035d7b57
SSDEEP

3072:C2tNXiRKmPgTeVdH0bVr93DKkOwQm72+5/1E0J3MTpVh1zrCdDZxSx/iI:oKm8eV5eilma+5//NM9VTC1ZUB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6f885b5cf83063796df80de97896f57e

Files

JaffaCakes118_6f885b5cf83063796df80de97896f57e
.exe windows:4 windows x86 arch:x86

e70d481080039a9aec9e6af45c32cc75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipFree
GdipDisposeImage
GdipCreateBitmapFromFileICM
GdipAlloc
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipCloneImage

shlwapi

PathFileExistsW
PathCombineW

version

GetFileVersionInfoW
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

gdi32

CreateSolidBrush
CreateCompatibleBitmap
GetDIBits
CreateDIBitmap
GetDeviceCaps
CreateDIBSection
ExtEscape
RealizePalette
DeleteObject
GetObjectA
DeleteDC
GetStockObject
CreateFontA
BitBlt
CreateCompatibleDC
SelectObject
SetStretchBltMode
SelectPalette
StretchDIBits
SetBkMode

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

winmm

timeGetTime
timeSetEvent

user32

SetRect
SetParent
ReleaseDC
FillRect
CreateDialogParamA
PostThreadMessageA
CharNextA
FindWindowA
SetFocus
GetActiveWindow
wvsprintfA
IsChild
GetWindowRect
EndPaint
DispatchMessageA
GetDC
CopyRect
RegisterClassExA
GetDesktopWindow
EqualRect
SetCapture
RegisterWindowMessageA
GetClassInfoExA
GetWindowLongA
UnregisterClassA
SendNotifyMessageA
RedrawWindow
KillTimer
DestroyWindow
CallWindowProcA
GetParent
IsWindow
GetWindow
GetQueueStatus
SetTimer
BeginPaint
GetSysColor
SetWindowLongA
DefWindowProcA
GetClientRect
InvalidateRgn
DrawTextA
CreateAcceleratorTableA
GetWindowTextA
SendMessageTimeoutA
SetWindowTextA
EnumDisplayDevicesA
GetClassNameA
DestroyAcceleratorTable
InvalidateRect
wsprintfA
SendMessageA
MsgWaitForMultipleObjects
GetFocus
ShowWindow
PostMessageA
LoadCursorA
MoveWindow
ReleaseCapture
GetWindowTextLengthA
PeekMessageA
CreateWindowExA
GetDlgItem
SetWindowPos

kernel32

GlobalSize
GetShortPathNameW
GlobalFree
GetFileSize
ReadFile
CreateFileMappingA
SetFilePointer
GetProcessAffinityMask
WideCharToMultiByte
GetTickCount
EnumResourceTypesW
WriteFile
MapViewOfFile
CreateFileA
GlobalAlloc
CreateFileW
GetFileAttributesA
Sleep
LocalFree
UnmapViewOfFile
DisableThreadLibraryCalls
LocalAlloc
CloseHandle

advapi32

CryptAcquireContextA
RegSetValueExA
RegCloseKey
RegEnumValueA
RegOpenKeyExA
CryptDestroyKey
CryptDestroyHash
RegQueryInfoKeyA
CryptEncrypt
RegEnumKeyExA
CryptHashData
CryptImportKey
CryptGetHashParam
CryptCreateHash
RegQueryValueExA
RegCreateKeyExA
CryptReleaseContext
RegDeleteValueA
RegDeleteKeyA

ole32

CoSetProxyBlanket
CoGetClassObject
StgIsStorageFile
CreateItemMoniker
OleLockRunning
StgOpenStorage
GetRunningObjectTable
OleUninitialize
CreateBindCtx
CoInitializeSecurity
BindMoniker
StgCreateDocfile
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CLSIDFromProgID
CreateStreamOnHGlobal
StringFromGUID2
CoInitialize
CoCreateInstance
OleInitialize
CLSIDFromString

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e70d481080039a9aec9e6af45c32cc75

Headers

File Characteristics

Imports

gdiplus

shlwapi

version

setupapi

gdi32

shell32

winmm

user32

kernel32

advapi32

ole32

wininet

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 66KB - Virtual size: 66KB

.tls Size: 1024B - Virtual size: 372KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 66KB - Virtual size: 66KB

.tls
Size: 1024B - Virtual size: 372KB