890ea73657da6f0d563ca6324a6317ef_JaffaCakes118

General

Target

890ea73657da6f0d563ca6324a6317ef_JaffaCakes118
Size

212KB
MD5

890ea73657da6f0d563ca6324a6317ef
SHA1

f9e4f2aa2752fcc741eca8fa6c9f445397b6c471
SHA256

4c5547f98f0d01b4e13f81b8b7f81de41142125eb4249376752ad050f79faffc
SHA512

1233f4bdb8d036ea685838b4430a41f534142358190ad9e779c8f10d4b30f0c27ceef92079cbbe285df65d69c22f56878f4f32a63206d251bccf9a7d4e194c76
SSDEEP

6144:A9Rfq40YEedZwInOpvqS9qCcbx6icUo3jOTvjw:QRfYbyZwIngCnCcbx6q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
890ea73657da6f0d563ca6324a6317ef_JaffaCakes118

Files

890ea73657da6f0d563ca6324a6317ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b858f09e3005dc92d93f845b159bb163

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegCreateKeyExA
RegEnumValueA
RegOpenKeyExA
RegCloseKey

wininet

InternetOpenUrlA
InternetCloseHandle
InternetReadFile
InternetOpenA

user32

GetQueueStatus
wsprintfA
RealGetWindowClassW
PeekMessageA
DispatchMessageA
DestroyWindow
RegisterWindowMessageA
CreateDialogParamA
GetDC
GetDesktopWindow
MsgWaitForMultipleObjects
ReleaseDC
PostThreadMessageA
ShowWindow
wvsprintfA

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

CreateFiber
GetThreadLocale
WideCharToMultiByte
GetLocaleInfoA
GetProcAddress
SetThreadContext
GetVersion
FreeLibrary
RaiseException
InitializeCriticalSection
InterlockedExchange
EnumResourceNamesA
LoadLibraryW
GetACP
lstrcmpiA
lstrlenA
SetThreadPriority
MultiByteToWideChar
lstrlenW
GetVersionExA
DeleteCriticalSection
GetLastError

Sections

.text
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b858f09e3005dc92d93f845b159bb163

Headers

File Characteristics

Imports

advapi32

wininet

user32

setupapi

kernel32

Sections

.text Size: 189KB - Virtual size: 188KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 19KB - Virtual size: 19KB

.tls Size: 512B - Virtual size: 92KB

.text
Size: 189KB - Virtual size: 188KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 19KB - Virtual size: 19KB

.tls
Size: 512B - Virtual size: 92KB