051dba01a47257d726f0f18e99760db7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

051dba01a47257d726f0f18e99760db7_JaffaCakes118
Size

200KB
MD5

051dba01a47257d726f0f18e99760db7
SHA1

28e149574b1c8e6436e0b85f7e34797cb727c788
SHA256

d4a907ae86ff13c808e2b3e8b579afac1df97d2f00524a939eecb17fb5c875a2
SHA512

db776b06841dd6b3a4be22b404469838abead9025afb3be154fb95404e143c4add7025b03745afaf7e1cb0360dde6adc11fa493a431d30b51148b79aebba1628
SSDEEP

6144:EHd9Dp2KSv7nTiPwVi9V3J5kCOIY3+Mm7n08JrdE:EHrlwE9VZ5EI3Mm7n/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
051dba01a47257d726f0f18e99760db7_JaffaCakes118

Files

051dba01a47257d726f0f18e99760db7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ce4f8fdcdc6f5963224151286d7a9df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

gdi32

CreateDIBitmap

iphlpapi

GetBestInterface
GetAdaptersInfo
SendARP

kernel32

GetComputerNameA
FlushInstructionCache
DeleteFileA
GetThreadPriority
GetPrivateProfileStringA
CreateFiberEx
GetVersionExA
SetEvent
CreateThread
lstrlenA
OutputDebugStringA
GlobalMemoryStatus
GetSystemInfo
GetDiskFreeSpaceA
GetModuleHandleA
Sleep
DefineDosDeviceA
DeleteCriticalSection
GetVersion
InterlockedExchange
CreateMutexA
QueryPerformanceCounter
LoadLibraryExA
GetDevicePowerState
GetCurrentThreadId
LoadLibraryA
LocalAlloc
_llseek
InterlockedIncrement
GetTempPathA
GetModuleFileNameA
GetWindowsDirectoryA
EnumResourceNamesW
GetTickCount
CreateDirectoryA
InitializeCriticalSection
WaitForMultipleObjects
GetFileAttributesA
LeaveCriticalSection
GetLocalTime
LocalFree
CreateFileA
GetLocaleInfoA
GetSystemDirectoryA
SetLastError
ReadFile
EnterCriticalSection
FlushFileBuffers
GetACP
CreateProcessA
GetLastError
CloseHandle
ResetEvent
IsBadReadPtr
SetThreadPriority
InterlockedDecrement
VirtualFree
CreateEventA
WriteFile
IsBadWritePtr
VirtualQuery
VirtualAlloc
QueryDosDeviceA
DeviceIoControl
WaitForSingleObject
GetCurrentThread
CompareStringA
GetCurrentProcessId
GetSystemTime
FreeLibrary
CreateSemaphoreA
ReleaseMutex

winmm

timeGetTime
timeSetEvent

user32

RegisterWindowMessageA
PostThreadMessageA
GetDesktopWindow
DestroyWindow
ShowWindow
wsprintfA
GetDC
PeekMessageA
RealGetWindowClassA
GetQueueStatus
DispatchMessageA
MsgWaitForMultipleObjects
ReleaseDC
CreateDialogParamA
wvsprintfA

advapi32

RegOpenKeyExA
RegSetValueExA
CryptEncrypt
RegCreateKeyExA
CryptReleaseContext
CryptGetHashParam
CryptDestroyKey
GetUserNameA
CryptDestroyHash
CryptCreateHash
RegEnumKeyExA
RegQueryValueExA
RegEnumValueA
CryptHashData
RegDeleteValueA
CryptImportKey
RegCloseKey

ole32

CoCreateInstance
CreateItemMoniker
StgCreateDocfile
CreateBindCtx
GetRunningObjectTable
BindMoniker
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
StgOpenStorage
CoUninitialize
StgIsStorageFile
CoInitialize

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ce4f8fdcdc6f5963224151286d7a9df

Headers

File Characteristics

Imports

setupapi

shell32

wininet

gdi32

iphlpapi

kernel32

winmm

user32

advapi32

ole32

Sections

.text Size: 182KB - Virtual size: 181KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 13KB - Virtual size: 12KB

.tls Size: 512B - Virtual size: 216KB

.text
Size: 182KB - Virtual size: 181KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 13KB - Virtual size: 12KB

.tls
Size: 512B - Virtual size: 216KB