JaffaCakes118_af1eb05955695b7ae48159ebfe7bedcf

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_af1eb05955695b7ae48159ebfe7bedcf
Size

185KB
MD5

af1eb05955695b7ae48159ebfe7bedcf
SHA1

1633c9285340104a15c263d3af421f1234588011
SHA256

a3b65e93c36bce079acc6bee3b8a17a86cf71e12b6dee5eea5c83995f2f67348
SHA512

3da8f8c4bbe833af36fa9b10304cef47eed146901c627b74e16f137e4cc2cf7b234b606ab33985414a2d452309305bdbda60b2e8a8d9a0e99d613f3b4e83563f
SSDEEP

3072:hy0arkKVRRdMp9q7kAtLs3C1BM56I4YAJmMwzhHhx58zorhVpc+2KIET+CIA9B:ja3HdMpA7koLWwBMH47WB30oFVpcAx+i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_af1eb05955695b7ae48159ebfe7bedcf

Files

JaffaCakes118_af1eb05955695b7ae48159ebfe7bedcf
.exe windows:4 windows x86 arch:x86

086a7c0729d3f4b5c9fd56d076c484eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExA
RegCloseKey
RegQueryInfoKeyA
CryptDestroyHash
RegQueryValueExA
CryptReleaseContext
CryptEncrypt
RegCreateKeyExA
CryptDestroyKey
CryptHashData
RegSetValueExA
RegOpenKeyExA
RegEnumValueA
CryptCreateHash
CryptImportKey
CryptAcquireContextA
RegDeleteValueA
CryptGetHashParam
RegDeleteKeyA

version

GetFileVersionInfoA
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueA

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

winmm

timeGetTime
timeSetEvent

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

shlwapi

PathFileExistsW
PathCombineW

gdi32

StretchDIBits
SelectPalette
GetDeviceCaps
RealizePalette
GetStockObject
ExtEscape
GetObjectA
GetDIBits
CreateFontA
DeleteDC
CreateSolidBrush
CreateDIBitmap
DeleteObject
BitBlt
CreateCompatibleBitmap
CreateDIBSection
SelectObject
CreateCompatibleDC
SetStretchBltMode
SetBkMode

ole32

GetRunningObjectTable
CoTaskMemAlloc
OleInitialize
CoSetProxyBlanket
StringFromGUID2
CLSIDFromProgID
CoTaskMemRealloc
StgOpenStorage
CoUninitialize
OleUninitialize
BindMoniker
OleLockRunning
StgIsStorageFile
CreateItemMoniker
CoInitialize
StgCreateDocfile
CreateBindCtx
CoTaskMemFree
CreateStreamOnHGlobal
CoGetClassObject
CoInitializeSecurity
CoCreateInstance
CLSIDFromString

kernel32

GetShortPathNameW
WideCharToMultiByte
Sleep
CreateFileA
DisableThreadLibraryCalls
GlobalAlloc
LocalAlloc
GetProcessAffinityMask
MapViewOfFile
GlobalFree
GetFileSize
EnumResourceTypesA
GlobalSize
LocalFree
CreateFileW
GetFileAttributesA
UnmapViewOfFile
CreateFileMappingA
GetTickCount
WriteFile
ReadFile
SetFilePointer
CloseHandle

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

user32

GetActiveWindow
RegisterClassExA
RegisterWindowMessageA
KillTimer
DrawTextA
GetParent
DispatchMessageA
GetWindow
CallWindowProcA
SendMessageA
CreateDialogParamA
MoveWindow
GetWindowTextA
SetWindowLongA
EndPaint
GetFocus
UnregisterClassA
GetWindowRect
EqualRect
ReleaseDC
SetTimer
GetDC
BeginPaint
SetFocus
ShowWindow
SetWindowTextA
CreateWindowExA
MsgWaitForMultipleObjects
GetClassInfoExA
PostThreadMessageA
ReleaseCapture
FillRect
DefWindowProcA
GetWindowLongA
InvalidateRgn
GetQueueStatus
PeekMessageA
SetParent
PostMessageA
GetClientRect
SendNotifyMessageA
FindWindowA
GetDesktopWindow
GetWindowTextLengthA
wsprintfA
LoadCursorA
SetCapture
DestroyAcceleratorTable
RedrawWindow
CreateAcceleratorTableA
wvsprintfA
GetSysColor
CharNextA
SendMessageTimeoutA
GetDlgItem
IsChild
SetRect
InvalidateRect
IsWindow
EnumDisplayDevicesA
GetClassNameA
CopyRect
DestroyWindow
SetWindowPos

gdiplus

GdipCreateBitmapFromFileICM
GdipFree
GdipDisposeImage
GdipCreateBitmapFromFile
GdipAlloc
GdipGetImagePixelFormat
GdipCloneImage

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

086a7c0729d3f4b5c9fd56d076c484eb

Headers

File Characteristics

Imports

advapi32

version

wininet

winmm

shell32

shlwapi

gdi32

ole32

kernel32

setupapi

user32

gdiplus

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 75KB - Virtual size: 74KB

.tls Size: 1024B - Virtual size: 368KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 75KB - Virtual size: 74KB

.tls
Size: 1024B - Virtual size: 368KB