416f3ae4603a487477fb6211bd37fac6_JaffaCakes118

General

Target

416f3ae4603a487477fb6211bd37fac6_JaffaCakes118
Size

189KB
MD5

416f3ae4603a487477fb6211bd37fac6
SHA1

902cf2825a859fee0004f11911d2dbe762a45c3d
SHA256

f4d8032d85c5007031f82534593fee765aa87c5ca9ec1e3700f7a50ae2bc299c
SHA512

84c4bcfdb0b95e0af85536ec39ddb02fa6c557460f58770884a7275db9ce933242f924d4b45c4d652144a01790aa8106928f5b9a511a3eb9002490552ef39afb
SSDEEP

3072:9sTxEwVTIA8vt3ZFYIZg59kh8EqsapZjsb+B5F2QyoS06F77AO1nvQ/juBCureyt:9fwdm9Xq5+UpZjo+B32T9ZnejuB3ey

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
416f3ae4603a487477fb6211bd37fac6_JaffaCakes118

Files

416f3ae4603a487477fb6211bd37fac6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f9778070eb887a4f7ecf23730dc3470e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

wininet

InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA

kernel32

GetThreadLocale
InterlockedExchange
CreateFiber
GetVersionExA
SuspendThread
RaiseException
LoadLibraryW
GetACP
MultiByteToWideChar
DeleteCriticalSection
lstrcmpiA
GetProcAddress
GetVersion
EnumResourceNamesA
lstrlenW
SetThreadPriority
lstrlenA
FreeLibrary
WideCharToMultiByte
InitializeCriticalSection
GetLocaleInfoA
GetLastError

user32

PeekMessageA
RealGetWindowClassW
GetDesktopWindow
RegisterWindowMessageA
PostThreadMessageA
CreateDialogParamA
DispatchMessageA
wsprintfA
DestroyWindow
ReleaseDC
ShowWindow
GetQueueStatus
MsgWaitForMultipleObjects
GetDC
wvsprintfA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegEnumValueA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegCloseKey

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9778070eb887a4f7ecf23730dc3470e

Headers

File Characteristics

Imports

wininet

kernel32

user32

advapi32

setupapi

Sections

.text Size: 173KB - Virtual size: 173KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 12KB - Virtual size: 12KB

.tls Size: 512B - Virtual size: 76KB

.text
Size: 173KB - Virtual size: 173KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 12KB - Virtual size: 12KB

.tls
Size: 512B - Virtual size: 76KB