9630f8a9ad0a727b8010798d104b9f36_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9630f8a9ad0a727b8010798d104b9f36_JaffaCakes118
Size

200KB
MD5

9630f8a9ad0a727b8010798d104b9f36
SHA1

2baf3cc0efa03eca46f4074684ca9489e89956a2
SHA256

15437222785be98bd9477febcbf979c3c44a4b18809f3b240c2b4975e01d5b3f
SHA512

a101b1f1cac3368f51826301c11fe2bdc8e0c7f9ac9ac547865cc9d55b9f30b51050b53d58949757f6ff8358f0325463be79abab5b715d10057e3854a2a9f791
SSDEEP

6144:EHd9Dp2KSv7nTiPwVi9V3J5kCOIY3+Mm7n08JrdE:EHrlwE9VZ5EI3Mm7n/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9630f8a9ad0a727b8010798d104b9f36_JaffaCakes118

Files

9630f8a9ad0a727b8010798d104b9f36_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ce4f8fdcdc6f5963224151286d7a9df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

gdi32

CreateDIBitmap

iphlpapi

GetBestInterface
GetAdaptersInfo
SendARP

kernel32

GetComputerNameA
FlushInstructionCache
DeleteFileA
GetThreadPriority
GetPrivateProfileStringA
CreateFiberEx
GetVersionExA
SetEvent
CreateThread
lstrlenA
OutputDebugStringA
GlobalMemoryStatus
GetSystemInfo
GetDiskFreeSpaceA
GetModuleHandleA
Sleep
DefineDosDeviceA
DeleteCriticalSection
GetVersion
InterlockedExchange
CreateMutexA
QueryPerformanceCounter
LoadLibraryExA
GetDevicePowerState
GetCurrentThreadId
LoadLibraryA
LocalAlloc
_llseek
InterlockedIncrement
GetTempPathA
GetModuleFileNameA
GetWindowsDirectoryA
EnumResourceNamesW
GetTickCount
CreateDirectoryA
InitializeCriticalSection
WaitForMultipleObjects
GetFileAttributesA
LeaveCriticalSection
GetLocalTime
LocalFree
CreateFileA
GetLocaleInfoA
GetSystemDirectoryA
SetLastError
ReadFile
EnterCriticalSection
FlushFileBuffers
GetACP
CreateProcessA
GetLastError
CloseHandle
ResetEvent
IsBadReadPtr
SetThreadPriority
InterlockedDecrement
VirtualFree
CreateEventA
WriteFile
IsBadWritePtr
VirtualQuery
VirtualAlloc
QueryDosDeviceA
DeviceIoControl
WaitForSingleObject
GetCurrentThread
CompareStringA
GetCurrentProcessId
GetSystemTime
FreeLibrary
CreateSemaphoreA
ReleaseMutex

winmm

timeGetTime
timeSetEvent

user32

RegisterWindowMessageA
PostThreadMessageA
GetDesktopWindow
DestroyWindow
ShowWindow
wsprintfA
GetDC
PeekMessageA
RealGetWindowClassA
GetQueueStatus
DispatchMessageA
MsgWaitForMultipleObjects
ReleaseDC
CreateDialogParamA
wvsprintfA

advapi32

RegOpenKeyExA
RegSetValueExA
CryptEncrypt
RegCreateKeyExA
CryptReleaseContext
CryptGetHashParam
CryptDestroyKey
GetUserNameA
CryptDestroyHash
CryptCreateHash
RegEnumKeyExA
RegQueryValueExA
RegEnumValueA
CryptHashData
RegDeleteValueA
CryptImportKey
RegCloseKey

ole32

CoCreateInstance
CreateItemMoniker
StgCreateDocfile
CreateBindCtx
GetRunningObjectTable
BindMoniker
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
StgOpenStorage
CoUninitialize
StgIsStorageFile
CoInitialize

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ce4f8fdcdc6f5963224151286d7a9df

Headers

File Characteristics

Imports

setupapi

shell32

wininet

gdi32

iphlpapi

kernel32

winmm

user32

advapi32

ole32

Sections

.text Size: 182KB - Virtual size: 181KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 13KB - Virtual size: 12KB

.tls Size: 512B - Virtual size: 216KB

.text
Size: 182KB - Virtual size: 181KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 13KB - Virtual size: 12KB

.tls
Size: 512B - Virtual size: 216KB