3c00f72d38d1dece37f5604436bc8909_JaffaCakes118

General

Target

3c00f72d38d1dece37f5604436bc8909_JaffaCakes118
Size

193KB
MD5

3c00f72d38d1dece37f5604436bc8909
SHA1

e73e9375f6a86c827cf326254a27fc5d8aece3b5
SHA256

ff354699a24b994621357611c0ffa572459581d167b2288061fcbcfbe67c03ed
SHA512

04ca55eae094940c868024db2c73305a06b6c692be7637220f5f2eb39a787239b2f15eaecf99a4cb2273d3b05ae654be7e82c667e84c8bd719de21f739931c97
SSDEEP

6144:Uhqvi1lMcIzdGDydIXcsGSWqixBbDzXDx2PrwK:UMa1lMtfAckej3XNL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c00f72d38d1dece37f5604436bc8909_JaffaCakes118

Files

3c00f72d38d1dece37f5604436bc8909_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92624578cdd6fbee33ae3d62d9a4beb7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

timeGetTime
timeSetEvent

user32

RegisterWindowMessageA
GetQueueStatus
PostThreadMessageA
MsgWaitForMultipleObjects
DestroyWindow
DispatchMessageA
wsprintfA
PeekMessageA
ShowWindow
GetDesktopWindow
GetDC
RealGetWindowClassW
ReleaseDC
CreateDialogParamA
wvsprintfA

advapi32

CryptEncrypt
CryptImportKey
CryptGetHashParam
RegEnumValueA
GetUserNameA
RegOpenKeyExA
CryptDestroyKey
CryptDestroyHash
RegEnumKeyExA
RegCreateKeyExA
CryptHashData
CryptReleaseContext
RegDeleteValueA
CryptCreateHash
RegQueryValueExA
RegSetValueExA
RegCloseKey

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

GetSystemTime
CreateFiber
WaitForMultipleObjects
SetThreadContext
GetCurrentThreadId
GetLastError
VirtualFree
EnumResourceNamesW
GetTickCount
GetThreadPriority
GetCurrentThread
lstrcatA
GetACP
SetThreadPriority
IsBadReadPtr
CreateSemaphoreA

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92624578cdd6fbee33ae3d62d9a4beb7

Headers

File Characteristics

Imports

winmm

user32

advapi32

setupapi

kernel32

wininet

Sections

.text Size: 165KB - Virtual size: 165KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 24KB

.tls Size: 512B - Virtual size: 220KB

.text
Size: 165KB - Virtual size: 165KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 24KB

.tls
Size: 512B - Virtual size: 220KB