bae3318f4755a06022d4f28f46878794_JaffaCakes118

General

Target

bae3318f4755a06022d4f28f46878794_JaffaCakes118
Size

185KB
MD5

bae3318f4755a06022d4f28f46878794
SHA1

d2daff850f93a5495436768e8f333f60727fe641
SHA256

8cb7febbf0ca9f33304fa10eb529f7fd7a6105b4fa6af676aa0e2138c10a8068
SHA512

5f71775658eb7d5d0d21c1b3c222e958b96cd5d553328737f87a7d243c2b95a493a7566ca9dd81ed623a62fbb14e7ebf90678fb7c9720cc4d2ff2a6851fbbbc3
SSDEEP

3072:4NAvjiyMk96bj+ReNPpD8O5oo+g9hPp0dMqHdl7lmk/AqFYGfLGOvv1Q6hfN:4NAvjiyr9EUeNPhooz9hHqLh//vSoHQy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bae3318f4755a06022d4f28f46878794_JaffaCakes118

Files

bae3318f4755a06022d4f28f46878794_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f24ad9fc9c88d56fa2534d51c35485c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

CreateFiberEx
IsBadReadPtr
GetCurrentThread
GetDevicePowerState
GetThreadPriority
GetTickCount
EnumResourceNamesW
GetCurrentThreadId
GetACP
VirtualFree
WaitForMultipleObjects
GetLastError
FlushFileBuffers
SetThreadPriority
GetSystemTime
CreateSemaphoreA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

winmm

timeGetTime
timeSetEvent

advapi32

RegEnumValueA
GetUserNameA
RegQueryValueExA
CryptCreateHash
CryptEncrypt
CryptDestroyKey
RegCreateKeyExA
CryptHashData
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptImportKey
RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey

user32

CreateDialogParamA
ReleaseDC
PeekMessageA
RegisterWindowMessageA
wsprintfA
GetQueueStatus
DispatchMessageA
PostThreadMessageA
RealGetWindowClassA
MsgWaitForMultipleObjects
GetDesktopWindow
ShowWindow
GetDC
DestroyWindow
wvsprintfA

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f24ad9fc9c88d56fa2534d51c35485c1

Headers

File Characteristics

Imports

setupapi

kernel32

wininet

winmm

advapi32

user32

Sections

.text Size: 158KB - Virtual size: 157KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 23KB

.tls Size: 512B - Virtual size: 84KB

.text
Size: 158KB - Virtual size: 157KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 23KB

.tls
Size: 512B - Virtual size: 84KB