ba8b06c1a2e443e0709f6671253d53d5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba8b06c1a2e443e0709f6671253d53d5_JaffaCakes118
Size

203KB
MD5

ba8b06c1a2e443e0709f6671253d53d5
SHA1

1d1ae016aa5d7aaab377d7053318346130cbd65a
SHA256

1aa1a3b37c99efc6190ae85a5d37632bf2035176a388c842a95ccf249dea7354
SHA512

d8a5bae10a9ec5ac491a6283b3765a5a79a7ff136cc6ebbc7fa76babd99e0da2e12eb95cc3696f17c9ecb39d1ce8608f7a421a38ebc87db3639a9ba791dac0f9
SSDEEP

3072:TRdjAfpmX+K+akohDQEHf6BdfX4EwDFxCTsLzwRNMjDBhmX+P49bLjMtiC7gi:vgiR+Xdk09X4EyF1zqNMK+yLjMtui

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba8b06c1a2e443e0709f6671253d53d5_JaffaCakes118

Files

ba8b06c1a2e443e0709f6671253d53d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87a02208ca1499c0afb9776433f0d3ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

ole32

GetRunningObjectTable
CoUninitialize
StgCreateDocfile
BindMoniker
CreateItemMoniker
CoTaskMemFree
CoTaskMemAlloc
StgOpenStorage
CoCreateInstance
StgIsStorageFile
CreateBindCtx
StringFromGUID2
CoInitialize

advapi32

CryptEncrypt
RegEnumKeyExA
CryptHashData
CryptCreateHash
CryptReleaseContext
RegCreateKeyExA
CryptImportKey
GetUserNameA
RegDeleteValueA
RegOpenKeyExA
CryptDestroyKey
CryptGetHashParam
RegEnumValueA
RegSetValueExA
CryptDestroyHash
RegQueryValueExA
RegCloseKey

kernel32

GetPrivateProfileStringA
GetComputerNameA
CreateProcessA
GetLocaleInfoA
SetThreadPriority
GlobalMemoryStatus
InterlockedIncrement
WaitForSingleObject
CompareStringA
CreateDirectoryA
ReadFile
CreateSemaphoreA
CreateFiberEx
InterlockedDecrement
SetLastError
CreateFileA
GetDevicePowerState
GetACP
GetThreadPriority
IsBadReadPtr
GetLocalTime
GetSystemInfo
GetSystemTime
CreateMutexA
EnterCriticalSection
GetModuleFileNameA
GetTempPathA
LocalAlloc
LocalFree
FreeLibrary
LoadLibraryA
CloseHandle
GetSystemDirectoryA
SetEvent
InitializeCriticalSection
GetDiskFreeSpaceA
VirtualAlloc
_llseek
QueryDosDeviceA
InterlockedExchange
DefineDosDeviceA
EnumResourceNamesW
ResetEvent
GetLastError
DeviceIoControl
FlushFileBuffers
GetTickCount
VirtualFree
VirtualQuery
IsBadWritePtr
CreateEventA
GetVersion
lstrlenA
QueryPerformanceCounter
GetModuleHandleA
OutputDebugStringA
GetCurrentProcessId
GetWindowsDirectoryA
FlushInstructionCache
GetCurrentThreadId
WaitForMultipleObjects
DeleteFileA
Sleep
GetVersionExA
DeleteCriticalSection
WriteFile
LeaveCriticalSection
GetFileAttributesA
GetCurrentThread
LoadLibraryExA
CreateThread
ReleaseMutex

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

gdi32

CreateDIBitmap

iphlpapi

GetBestInterface
GetAdaptersInfo
SendARP

user32

GetQueueStatus
CreateDialogParamA
DispatchMessageA
GetDC
PeekMessageA
wsprintfA
RealGetWindowClassA
GetDesktopWindow
RegisterWindowMessageA
ReleaseDC
PostThreadMessageA
DestroyWindow
ShowWindow
MsgWaitForMultipleObjects
wvsprintfA

wininet

InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA

winmm

timeGetTime
timeSetEvent

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87a02208ca1499c0afb9776433f0d3ca

Headers

File Characteristics

Imports

shell32

ole32

advapi32

kernel32

setupapi

gdi32

iphlpapi

user32

wininet

winmm

Sections

.text Size: 173KB - Virtual size: 172KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 25KB - Virtual size: 24KB

.tls Size: 512B - Virtual size: 224KB

.text
Size: 173KB - Virtual size: 172KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 25KB - Virtual size: 24KB

.tls
Size: 512B - Virtual size: 224KB