3700da46b72b0d70032dfc574c9340d3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3700da46b72b0d70032dfc574c9340d3_JaffaCakes118
Size

200KB
MD5

3700da46b72b0d70032dfc574c9340d3
SHA1

30fb310a0105aa2bf827c764fcbd7d6ff10a6f34
SHA256

15c349a8c9212df0993b43e14ea23230cac772ca9b7a10456d90d20358602229
SHA512

c80df7fc8e96cd02cf8cc819e7fd0d81975e2ca6a26b42b478126f9a179f48cbe30493d6fe0ae220d5fe7c86a7b19371e9ccd9741e7d0bad3b5fec170a9a0267
SSDEEP

6144:SoODFF3JH1ake3Nr/HXPm13QQiI2UOgoo730z8myhzUHqn:MSjr/PmeQiZgoo7E0eq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3700da46b72b0d70032dfc574c9340d3_JaffaCakes118

Files

3700da46b72b0d70032dfc574c9340d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a2cf120677ce66e1fa2ec4b032b35c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

CoTaskMemFree
StgIsStorageFile
StgOpenStorage
CoUninitialize
GetRunningObjectTable
CoCreateInstance
CreateBindCtx
CreateItemMoniker
BindMoniker
CoTaskMemAlloc
StringFromGUID2
StgCreateDocfile
CoInitialize

iphlpapi

GetBestInterface
GetAdaptersInfo
SendARP

winmm

timeGetTime
timeSetEvent

user32

GetDesktopWindow
GetDC
ShowWindow
ReleaseDC
MsgWaitForMultipleObjects
DestroyWindow
CreateDialogParamA
GetQueueStatus
DispatchMessageA
PeekMessageA
wsprintfA
PostThreadMessageA
RegisterWindowMessageA
RealGetWindowClassA
wvsprintfA

advapi32

CryptEncrypt
RegOpenKeyExA
CryptReleaseContext
RegQueryValueExA
RegEnumValueA
CryptGetHashParam
CryptHashData
RegEnumKeyExA
RegCreateKeyExA
GetUserNameA
CryptDestroyKey
RegDeleteValueA
RegSetValueExA
CryptCreateHash
CryptImportKey
CryptDestroyHash
RegCloseKey

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

gdi32

CreateDIBitmap

wininet

InternetOpenUrlA
InternetCloseHandle
InternetReadFile
InternetOpenA

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

kernel32

QueryDosDeviceA
GetFileAttributesA
DeviceIoControl
CreateDirectoryA
OutputDebugStringA
GetThreadPriority
CreateFiberEx
WriteFile
GetVersionExA
GetTempPathA
GetModuleHandleA
CreateEventA
lstrlenA
_llseek
GetSystemDirectoryA
DeleteFileA
CreateSemaphoreA
WaitForSingleObject
GetACP
InterlockedDecrement
InitializeCriticalSection
GlobalMemoryStatus
GetDevicePowerState
DefineDosDeviceA
CreateFileA
Sleep
VirtualFree
VirtualQuery
GetSystemTime
GetLocaleInfoA
InterlockedIncrement
GetSystemInfo
GetLocalTime
LoadLibraryExA
GetDiskFreeSpaceA
GetModuleFileNameA
CreateThread
GetCurrentThread
CreateMutexA
EnumResourceNamesW
GetPrivateProfileStringA
ResetEvent
EnterCriticalSection
GetCurrentThreadId
SetThreadPriority
SetEvent
SetLastError
InterlockedExchange
IsBadWritePtr
LocalAlloc
WaitForMultipleObjects
ReadFile
CompareStringA
GetLastError
GetWindowsDirectoryA
GetCurrentProcessId
QueryPerformanceCounter
FlushFileBuffers
VirtualAlloc
FreeLibrary
CloseHandle
LoadLibraryA
LeaveCriticalSection
CreateProcessA
GetComputerNameA
GetTickCount
LocalFree
DeleteCriticalSection
GetVersion
FlushInstructionCache
IsBadReadPtr
ReleaseMutex

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a2cf120677ce66e1fa2ec4b032b35c4

Headers

File Characteristics

Imports

ole32

iphlpapi

winmm

user32

advapi32

setupapi

gdi32

wininet

shell32

kernel32

Sections

.text Size: 174KB - Virtual size: 173KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 21KB - Virtual size: 20KB

.tls Size: 512B - Virtual size: 352KB

.text
Size: 174KB - Virtual size: 173KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 21KB - Virtual size: 20KB

.tls
Size: 512B - Virtual size: 352KB