3671fa3b935abfff776f446ba307f873_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3671fa3b935abfff776f446ba307f873_JaffaCakes118
Size

211KB
MD5

3671fa3b935abfff776f446ba307f873
SHA1

fb695d56fe3f1ff287d6cf30eb583bf4bdb05045
SHA256

f81bc427fc65ccf7fa98b4cf5d79e20d8a08f75200006d0ac3d36458e544deb2
SHA512

3b33884129f14f48f597dd08623a4b645ae23857907312a70afdc2deaf34d77d796df8e3b7f0196118d51a9d68e306d9bcbe05424a4d1101277a480d6e09e276
SSDEEP

6144:HreZkiGlWFHbCG1fZ7M/zoskaZKHH01VTUaOL/P8kl:KZntf9M7o4Knha2/l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3671fa3b935abfff776f446ba307f873_JaffaCakes118

Files

3671fa3b935abfff776f446ba307f873_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c40b8ff8fd8965dc09bea6339ba2d689

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

GetUserNameA
CryptDestroyHash
RegEnumKeyExA
RegQueryValueExA
CryptGetHashParam
RegCreateKeyExA
CryptDestroyKey
CryptImportKey
RegSetValueExA
CryptReleaseContext
RegDeleteValueA
RegOpenKeyExA
CryptHashData
CryptEncrypt
RegEnumValueA
CryptCreateHash
RegCloseKey

iphlpapi

GetAdaptersInfo
GetBestInterface
SendARP

gdi32

CreateDIBitmap

ole32

StgIsStorageFile
CoCreateInstance
CreateItemMoniker
CoTaskMemFree
StgCreateDocfile
CreateBindCtx
StringFromGUID2
StgOpenStorage
CoTaskMemAlloc
BindMoniker
GetRunningObjectTable
CoUninitialize
CoInitialize

winmm

timeGetTime
timeSetEvent

kernel32

CompareStringA
FreeLibrary
_llseek
CreateEventA
Sleep
FlushInstructionCache
InterlockedExchange
ReadFile
ResetEvent
VirtualQuery
CreateFiberEx
GetThreadPriority
SetThreadPriority
CreateProcessA
DefineDosDeviceA
GetSystemInfo
LoadLibraryA
GetPrivateProfileStringA
CloseHandle
SetEvent
DeleteCriticalSection
GetTickCount
IsBadWritePtr
GetDevicePowerState
GlobalMemoryStatus
GetCurrentThread
GetSystemDirectoryA
GetTempPathA
GetACP
QueryDosDeviceA
IsBadReadPtr
GetModuleFileNameA
CreateDirectoryA
InitializeCriticalSection
LeaveCriticalSection
EnumResourceNamesW
GetCurrentProcessId
VirtualFree
CreateFileA
GetDiskFreeSpaceA
WaitForMultipleObjects
GetLastError
GetWindowsDirectoryA
LocalAlloc
DeviceIoControl
FlushFileBuffers
GetVersionExA
GetCurrentThreadId
LocalFree
GetSystemTime
SetLastError
GetFileAttributesA
OutputDebugStringA
QueryPerformanceCounter
lstrlenA
GetLocaleInfoA
EnterCriticalSection
InterlockedDecrement
GetModuleHandleA
DeleteFileA
InterlockedIncrement
GetLocalTime
VirtualAlloc
CreateThread
GetVersion
WriteFile
GetComputerNameA
CreateMutexA
LoadLibraryExA
WaitForSingleObject
CreateSemaphoreA
ReleaseMutex

user32

RegisterWindowMessageA
CreateDialogParamA
GetDC
PeekMessageA
DispatchMessageA
GetQueueStatus
DestroyWindow
GetDesktopWindow
wsprintfA
ReleaseDC
RealGetWindowClassA
MsgWaitForMultipleObjects
PostThreadMessageA
ShowWindow
wvsprintfA

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

wininet

InternetCloseHandle
InternetOpenUrlA
InternetReadFile
InternetOpenA

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c40b8ff8fd8965dc09bea6339ba2d689

Headers

File Characteristics

Imports

advapi32

iphlpapi

gdi32

ole32

winmm

kernel32

user32

setupapi

shell32

wininet

Sections

.text Size: 184KB - Virtual size: 184KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 21KB - Virtual size: 20KB

.tls Size: 512B - Virtual size: 96KB

.text
Size: 184KB - Virtual size: 184KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 21KB - Virtual size: 20KB

.tls
Size: 512B - Virtual size: 96KB