ec27656de273f30f4124de1c3fd1a24a_JaffaCakes118

General

Target

ec27656de273f30f4124de1c3fd1a24a_JaffaCakes118
Size

197KB
MD5

ec27656de273f30f4124de1c3fd1a24a
SHA1

7666c48a9c2df4d4ef617c590786267dca9e2abf
SHA256

e06b7d345e3d73767ec0caaae6cf4e1780163968afa1d2e145519c297441135e
SHA512

4f2db17250e412c95027b085a5fdfc52d9d9600c9a8c75f9bd9b246d873e4e726a7d2b6d60a50728104379812921a165caa1db38617fdb24d79626db4ce5680c
SSDEEP

6144:yWfI3ub2rIsRycnMc6zlPF+o1L0LAB9Q+aNgh:1fOPUsRjvgl4yL0LiQ+KI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec27656de273f30f4124de1c3fd1a24a_JaffaCakes118

Files

ec27656de273f30f4124de1c3fd1a24a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fe2800627b0328d66a8fb058b3ab5c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CryptReleaseContext
CryptHashData
CryptGetHashParam
RegQueryValueExA
CryptDestroyKey
CryptEncrypt
CryptDestroyHash
RegEnumValueA
RegEnumKeyExA
RegCreateKeyExA
GetUserNameA
RegDeleteValueA
RegOpenKeyExA
CryptCreateHash
CryptImportKey
RegSetValueExA
RegCloseKey

user32

PeekMessageA
MsgWaitForMultipleObjects
DispatchMessageA
PostThreadMessageA
GetQueueStatus
RegisterWindowMessageA
RealGetWindowClassA
DestroyWindow
wsprintfA
ReleaseDC
ShowWindow
GetDesktopWindow
GetDC
CreateDialogParamA
wvsprintfA

kernel32

GetLastError
CreateFiberEx
IsBadReadPtr
SetThreadPriority
CancelIo
GetSystemTime
WaitForMultipleObjects
EnumResourceNamesW
GetThreadPriority
GetTickCount
GetACP
GetCurrentThread
GetCurrentThreadId
FlushFileBuffers
VirtualFree
CreateSemaphoreA

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

winmm

timeGetTime
timeSetEvent

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fe2800627b0328d66a8fb058b3ab5c1

Headers

File Characteristics

Imports

advapi32

user32

kernel32

setupapi

wininet

winmm

Sections

.text Size: 177KB - Virtual size: 177KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 16KB - Virtual size: 15KB

.tls Size: 512B - Virtual size: 220KB

.text
Size: 177KB - Virtual size: 177KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 16KB - Virtual size: 15KB

.tls
Size: 512B - Virtual size: 220KB