ea3d6b53b42bb3460b54d09d95a44c1e_JaffaCakes118

General

Target

ea3d6b53b42bb3460b54d09d95a44c1e_JaffaCakes118
Size

197KB
MD5

ea3d6b53b42bb3460b54d09d95a44c1e
SHA1

dd689ce09f8e5e67513edab0913d1ed58269ef6d
SHA256

583bbc839ed5ba9a6917166e6dae273bd06c09ef6da393a46dcf56a44a192870
SHA512

cd4a75a17c9a0bf90e2dc05bb2605cbace47dafed4275db650891a23f822c93f22232df392191c1902a3e736ca6980b169abdcf06c536ed6fcbafb23a692294b
SSDEEP

6144:DDtxEPb/lvvHVBfg9t3io4TIJ7gN0AnM1sU1JC0:DkPhvv1aB4vMJC0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea3d6b53b42bb3460b54d09d95a44c1e_JaffaCakes118

Files

ea3d6b53b42bb3460b54d09d95a44c1e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18ca1f5698e86d7f7a28c97342cf42a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetACP
CreateFiberEx
GetThreadPriority
GetSystemTime
CancelIo
WaitForMultipleObjects
EnumResourceNamesW
VirtualFree
GetCurrentThreadId
GetLastError
GetTickCount
IsBadReadPtr
SetThreadPriority
FlushFileBuffers
GetCurrentThread
CreateSemaphoreA

user32

PeekMessageA
RegisterWindowMessageA
MsgWaitForMultipleObjects
DispatchMessageA
PostThreadMessageA
wsprintfA
CreateDialogParamA
RealGetWindowClassA
DestroyWindow
GetQueueStatus
ReleaseDC
GetDC
ShowWindow
GetDesktopWindow
wvsprintfA

advapi32

RegOpenKeyExA
CryptReleaseContext
RegEnumValueA
RegDeleteValueA
RegCreateKeyExA
CryptGetHashParam
CryptImportKey
GetUserNameA
CryptCreateHash
RegQueryValueExA
RegEnumKeyExA
CryptDestroyKey
CryptDestroyHash
CryptEncrypt
CryptHashData
RegSetValueExA
RegCloseKey

winmm

timeGetTime
timeSetEvent

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18ca1f5698e86d7f7a28c97342cf42a7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

winmm

setupapi

wininet

Sections

.text Size: 170KB - Virtual size: 170KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 23KB - Virtual size: 23KB

.tls Size: 512B - Virtual size: 356KB

.text
Size: 170KB - Virtual size: 170KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 23KB - Virtual size: 23KB

.tls
Size: 512B - Virtual size: 356KB