4198d0c77921d49661e652c18cfdc4b9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4198d0c77921d49661e652c18cfdc4b9_JaffaCakes118
Size

199KB
MD5

4198d0c77921d49661e652c18cfdc4b9
SHA1

02a9c7fab13b64f234d4d6148c44112e2dbd586e
SHA256

54f02f72d90ca721ed711a1eb3353bb865a38b673d01d8de26abe1a6d76444c0
SHA512

70ba12e136ea90418b0e08fe4ab09a30c65ca8d686815558c842fc47f8cdb4f9aa64d2aac02dea15c6a69951790cd59b736ecdaeac489d678fb608ed07b8cf6b
SSDEEP

6144:Z/3pbhK890PsDBWD81EUx2itvScRm3bUUA9NXgIA:Z/3dw89UsDsD81EUFHRW0NXxA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4198d0c77921d49661e652c18cfdc4b9_JaffaCakes118

Files

4198d0c77921d49661e652c18cfdc4b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5074b9b9a154cc0063255469628843e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

StgCreateDocfile
CreateBindCtx
BindMoniker
StringFromGUID2
CoCreateInstance
StgOpenStorage
CoUninitialize
GetRunningObjectTable
CoTaskMemAlloc
StgIsStorageFile
CoTaskMemFree
CreateItemMoniker
CoInitialize

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

gdi32

CreateDIBitmap

iphlpapi

GetBestInterface
GetAdaptersInfo
SendARP

wininet

InternetOpenUrlA
InternetCloseHandle
InternetReadFile
InternetOpenA

kernel32

FreeLibrary
GetACP
GetCurrentThreadId
LoadLibraryExA
VirtualFree
CreateEventA
GetWindowsDirectoryA
GetLastError
CreateFiberEx
GetModuleHandleA
GetVersion
GetFileAttributesA
EnterCriticalSection
WaitForMultipleObjects
IsBadWritePtr
GetSystemTime
GetDevicePowerState
InterlockedExchange
VirtualAlloc
GlobalMemoryStatus
CreateFileA
GetModuleFileNameA
SetLastError
FlushInstructionCache
InterlockedIncrement
SetThreadPriority
IsBadReadPtr
GetComputerNameA
GetDiskFreeSpaceA
GetTickCount
GetPrivateProfileStringA
CreateProcessA
WaitForSingleObject
lstrlenA
DefineDosDeviceA
EnumResourceNamesW
DeviceIoControl
LocalFree
GetLocalTime
_llseek
GetThreadPriority
InitializeCriticalSection
GetSystemDirectoryA
LoadLibraryA
GetSystemInfo
GetTempPathA
OutputDebugStringA
SetEvent
LeaveCriticalSection
GetVersionExA
ResetEvent
CreateSemaphoreA
FlushFileBuffers
DeleteFileA
CreateMutexA
QueryDosDeviceA
DeleteCriticalSection
LocalAlloc
CreateThread
GetCurrentThread
Sleep
VirtualQuery
GetCurrentProcessId
CloseHandle
CompareStringA
ReadFile
CreateDirectoryA
QueryPerformanceCounter
WriteFile
InterlockedDecrement
GetLocaleInfoA
ReleaseMutex

user32

wsprintfA
MsgWaitForMultipleObjects
GetDesktopWindow
DispatchMessageA
DestroyWindow
RealGetWindowClassA
ShowWindow
GetQueueStatus
CreateDialogParamA
PostThreadMessageA
GetDC
PeekMessageA
ReleaseDC
RegisterWindowMessageA
wvsprintfA

winmm

timeGetTime
timeSetEvent

advapi32

RegCreateKeyExA
CryptGetHashParam
RegEnumKeyExA
GetUserNameA
CryptEncrypt
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
CryptCreateHash
RegSetValueExA
CryptImportKey
RegEnumValueA
CryptHashData
CryptDestroyKey
CryptReleaseContext
CryptDestroyHash
RegCloseKey

Sections

.text
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5074b9b9a154cc0063255469628843e

Headers

File Characteristics

Imports

ole32

setupapi

shell32

gdi32

iphlpapi

wininet

kernel32

user32

winmm

advapi32

Sections

.text Size: 170KB - Virtual size: 169KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 23KB - Virtual size: 23KB

.tls Size: 512B - Virtual size: 356KB

.text
Size: 170KB - Virtual size: 169KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 23KB - Virtual size: 23KB

.tls
Size: 512B - Virtual size: 356KB