JaffaCakes118_ca4e3112dcfe4a1676b3e0481373bc3a

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_ca4e3112dcfe4a1676b3e0481373bc3a
Size

186KB
MD5

ca4e3112dcfe4a1676b3e0481373bc3a
SHA1

74fdbb8ac02c95f34eba13836e500ff3d5a22bdf
SHA256

69cccd923fe291d146e1907b8b582fbef9bb815b74a1e8cee8dbfd3faf535e00
SHA512

0659093f48075a8e6f7c67d5db71b71577b5c6fbe7fcb5aefd57701730a6e299208dacc4d7f946686d47f98f19a9e1a171cde700ee784627fd9b8605e0dae6db
SSDEEP

3072:ScFOlegDlRzCJnKOewmoFMyJAlAxUV8zxmXwZW5+9OULXGDTGgDSNRWzgA1ml:ScFOlpr4DeNoFfgViWM8UqGX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_ca4e3112dcfe4a1676b3e0481373bc3a

Files

JaffaCakes118_ca4e3112dcfe4a1676b3e0481373bc3a
.exe windows:4 windows x86 arch:x86

cecc14a3417df5b6f557e76b8cb99637

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetShortPathNameW
GlobalFree
DisableThreadLibraryCalls
GetFileSize
GetProcessAffinityMask
GetTickCount
GlobalSize
CreateFileA
SetFilePointer
ReadFile
EnumResourceTypesA
LocalFree
CreateFileMappingA
CreateFileW
UnmapViewOfFile
GlobalAlloc
GetFileAttributesA
WriteFile
Sleep
MapViewOfFile
LocalAlloc
CloseHandle

advapi32

CryptDestroyHash
CryptEncrypt
RegCloseKey
CryptReleaseContext
RegQueryInfoKeyA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
CryptHashData
RegEnumValueA
RegQueryValueExA
CryptGetHashParam
CryptDestroyKey
CryptCreateHash
CryptAcquireContextA
CryptImportKey
RegDeleteValueA
RegDeleteKeyA

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoW
VerQueryValueA

user32

wvsprintfA
PostThreadMessageA
GetClientRect
CallWindowProcA
IsChild
ReleaseDC
GetDesktopWindow
PostMessageA
UnregisterClassA
InvalidateRgn
SetTimer
GetQueueStatus
MoveWindow
GetActiveWindow
GetWindowTextA
wsprintfA
LoadCursorA
SetWindowTextA
IsWindow
SetWindowLongA
DefWindowProcA
GetDC
GetWindowLongA
GetWindowTextLengthA
SetCapture
RegisterClassExA
SetFocus
RedrawWindow
CreateDialogParamA
GetDlgItem
GetFocus
GetClassInfoExA
CopyRect
PeekMessageA
GetWindow
DestroyAcceleratorTable
RegisterWindowMessageA
EnumDisplayDevicesA
ShowWindow
DestroyWindow
InvalidateRect
SendNotifyMessageA
GetSysColor
CreateWindowExA
SetParent
GetClassNameA
CharNextA
BeginPaint
GetWindowRect
DispatchMessageA
MsgWaitForMultipleObjects
DrawTextA
SendMessageA
KillTimer
EndPaint
CreateAcceleratorTableA
SetRect
GetParent
FillRect
EqualRect
FindWindowA
SendMessageTimeoutA
ReleaseCapture
SetWindowPos

gdiplus

GdipCreateBitmapFromFileICM
GdipAlloc
GdipGetImagePixelFormat
GdipDisposeImage
GdipCreateBitmapFromFile
GdipFree
GdipCloneImage

ole32

CLSIDFromProgID
StgCreateDocfile
CoTaskMemAlloc
StgIsStorageFile
CoUninitialize
GetRunningObjectTable
CoTaskMemRealloc
StgOpenStorage
CreateStreamOnHGlobal
CreateItemMoniker
CoSetProxyBlanket
OleLockRunning
CreateBindCtx
CoInitializeSecurity
OleUninitialize
BindMoniker
CoGetClassObject
StringFromGUID2
CoTaskMemFree
OleInitialize
CoInitialize
CoCreateInstance
CLSIDFromString

winmm

timeGetTime
timeSetEvent

gdi32

SelectPalette
StretchDIBits
DeleteObject
CreateSolidBrush
GetObjectA
SelectObject
CreateCompatibleDC
BitBlt
RealizePalette
GetDeviceCaps
CreateDIBitmap
CreateFontA
GetStockObject
CreateDIBSection
SetStretchBltMode
DeleteDC
GetDIBits
CreateCompatibleBitmap
ExtEscape
SetBkMode

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

shlwapi

PathFileExistsW
PathCombineW

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cecc14a3417df5b6f557e76b8cb99637

Headers

File Characteristics

Imports

kernel32

advapi32

version

user32

gdiplus

ole32

winmm

gdi32

shell32

setupapi

shlwapi

wininet

Sections

.text Size: 103KB - Virtual size: 103KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 76KB - Virtual size: 75KB

.tls Size: 1024B - Virtual size: 240KB

.text
Size: 103KB - Virtual size: 103KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 76KB - Virtual size: 75KB

.tls
Size: 1024B - Virtual size: 240KB