JaffaCakes118_b8a6eb54edb4571909829761bf053fc0

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_b8a6eb54edb4571909829761bf053fc0
Size

185KB
MD5

b8a6eb54edb4571909829761bf053fc0
SHA1

4d922ae5c964e404915814801965231cabd1fbe2
SHA256

6afd8279cd03cbd5ae3953cba4bcb956361e6cfc0ffde0a536c4ff6648e96dbd
SHA512

e52348c21c0bf38873673b279cafe583c14da20173c691677e094ac9a140455151d67f0c3ba1c2393c31409847fdefa8c9211399818695de9c718f8cc73598d7
SSDEEP

3072:qEP9Y//xDNBb9brg7NOUn5dMm9wFuCSiGbTRMI85+3kKS62CnyB1ZEPY:qs9Y//rBdrg7NL56VN0K50kO2CnyB1Zg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b8a6eb54edb4571909829761bf053fc0

Files

JaffaCakes118_b8a6eb54edb4571909829761bf053fc0
.exe windows:4 windows x86 arch:x86

2767314fbe27486bf221af8be7748ced

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipFree
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipDisposeImage
GdipAlloc
GdipCloneImage

user32

GetWindowLongA
DefWindowProcA
GetWindowTextLengthA
RegisterWindowMessageA
SetRect
GetSysColor
SetCapture
DestroyAcceleratorTable
SetWindowTextA
wvsprintfA
MsgWaitForMultipleObjects
GetWindow
ShowWindow
EndPaint
SetParent
UnregisterClassA
CharNextA
CreateAcceleratorTableA
GetActiveWindow
KillTimer
GetClientRect
RedrawWindow
GetDC
GetWindowTextA
CreateDialogParamA
DestroyWindow
DrawTextA
SetFocus
FillRect
ReleaseCapture
SetTimer
SetWindowLongA
MoveWindow
GetClassInfoExA
GetParent
InvalidateRect
ReleaseDC
CallWindowProcA
EnumDisplayDevicesA
IsChild
PostMessageA
InvalidateRgn
BeginPaint
GetDlgItem
PeekMessageA
CopyRect
GetDesktopWindow
SendNotifyMessageA
FindWindowA
SendMessageTimeoutA
GetFocus
SendMessageA
DispatchMessageA
RegisterClassExA
IsWindow
GetQueueStatus
LoadCursorA
GetWindowRect
wsprintfA
CreateWindowExA
PostThreadMessageA
EqualRect
GetClassNameA
SetWindowPos

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

version

VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

kernel32

SizeofResource
GetCurrentThreadId
GetDriveTypeW
InterlockedIncrement
GetSystemInfo
GlobalUnlock
QueryPerformanceCounter
LoadLibraryExA
LoadLibraryW
OutputDebugStringA
OutputDebugStringW
lstrcpyA
CreateThread
LocalFree
GetShortPathNameW
ExitProcess
OpenFileMappingA
CreateFileMappingA
CreateEventA
IsDBCSLeadByte
TerminateProcess
WideCharToMultiByte
GetACP
InitializeCriticalSection
SetThreadPriority
ReadFile
GetCurrentProcess
GetProcessAffinityMask
_llseek
VirtualProtect
lstrcmpA
MapViewOfFile
ResetEvent
LoadResource
MulDiv
IsBadWritePtr
GetFileAttributesW
SetEnvironmentVariableW
GetCurrentThread
RaiseException
CreateFileA
WaitForMultipleObjects
InterlockedDecrement
Beep
DeviceIoControl
VirtualAlloc
WaitForSingleObject
GetSystemTime
LoadLibraryA
IsDebuggerPresent
GlobalSize
CreateSemaphoreA
DeleteFileA
HeapFree
GetProcessHeap
GetModuleFileNameW
DeleteCriticalSection
EnumResourceTypesW
CloseHandle
WriteProcessMemory
GlobalAlloc
GlobalReAlloc
HeapAlloc
GetCurrentProcessId
VirtualFree
GetTempPathW
GetTempPathA
InterlockedExchange
GetFileAttributesA
GetSystemTimeAsFileTime
GetThreadLocale
GetProcAddress
GetThreadPriority
IsBadReadPtr
GetModuleHandleA
EnterCriticalSection
VirtualQuery
MultiByteToWideChar
GetModuleFileNameA
GlobalFree
SetEvent
GlobalLock
GetTickCount
LeaveCriticalSection
GetLocaleInfoA
lstrcmpiA
CreateDirectoryA
WriteFile
FreeLibrary
GetLastError
GetVersionExA
lstrlenA
CreateDirectoryW
FlushInstructionCache
Sleep
lstrcpynA
FindResourceA
GetVolumeInformationW
lstrlenW

ole32

CLSIDFromProgID
CoTaskMemRealloc
StringFromGUID2
CoTaskMemFree
CoGetClassObject
CoCreateInstance
StgOpenStorage
CoUninitialize
CreateStreamOnHGlobal
StgCreateDocfile
CoSetProxyBlanket
OleUninitialize
GetRunningObjectTable
CoTaskMemAlloc
StgIsStorageFile
OleInitialize
OleLockRunning
CreateBindCtx
CreateItemMoniker
CoInitialize
BindMoniker
CoInitializeSecurity
CLSIDFromString

gdi32

CreateFontA
GetDeviceCaps
DeleteDC
CreateDIBSection
GetStockObject
RealizePalette
BitBlt
DeleteObject
CreateDIBitmap
GetObjectA
SetStretchBltMode
ExtEscape
SelectObject
CreateCompatibleBitmap
StretchDIBits
CreateSolidBrush
SelectPalette
GetDIBits
CreateCompatibleDC
SetBkMode

winmm

timeGetTime
timeSetEvent

advapi32

CryptDestroyHash
RegEnumKeyExA
CryptHashData
CryptEncrypt
CryptCreateHash
RegQueryValueExA
CryptGetHashParam
CryptReleaseContext
RegQueryInfoKeyA
CryptImportKey
CryptAcquireContextA
CryptDestroyKey
RegDeleteValueA
RegEnumValueA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA

shlwapi

PathFileExistsW
PathCombineW

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2767314fbe27486bf221af8be7748ced

Headers

File Characteristics

Imports

gdiplus

user32

wininet

setupapi

version

shell32

kernel32

ole32

gdi32

winmm

advapi32

shlwapi

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 7KB - Virtual size: 6KB

.bss Size: 69KB - Virtual size: 69KB

.tls Size: 1024B - Virtual size: 120KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 7KB - Virtual size: 6KB

.bss
Size: 69KB - Virtual size: 69KB

.tls
Size: 1024B - Virtual size: 120KB