06b52805231e08015a3cb59d8748b7ac_JaffaCakes118

General

Target

06b52805231e08015a3cb59d8748b7ac_JaffaCakes118
Size

210KB
MD5

06b52805231e08015a3cb59d8748b7ac
SHA1

b4330b41d73e851704b12a31baf1c01e691f58d6
SHA256

7f5698721253c1854e14b94d436acf951ed76f48bf7d491f7bf27ac7f8c37382
SHA512

dd9a2b9be4cea9660e40b3521f7e733a04c8d62c7a55f00ec05b02b66e7e46e3874043b0169809ee6542589a6bf3e4471c9c5f8991d186f5528e08e71dcf4f2f
SSDEEP

6144:vEBdaOZE8XXP/B1n/jsOZy/LKkblIBaSbb2Q:sBdZZTXXxJ/j3eukJIlO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06b52805231e08015a3cb59d8748b7ac_JaffaCakes118

Files

06b52805231e08015a3cb59d8748b7ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f90592e84d770cd0ceaaa415579b6f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CryptDestroyHash
CryptReleaseContext
RegDeleteValueA
RegEnumKeyExA
GetUserNameA
CryptHashData
RegCreateKeyExA
CryptGetHashParam
CryptCreateHash
CryptImportKey
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
CryptDestroyKey
CryptEncrypt
RegCloseKey

winmm

timeGetTime
timeSetEvent

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

CreateFiber
GetLastError
SetThreadPriority
SetThreadContext
GetTickCount
GetSystemTime
IsBadReadPtr
EnumResourceNamesW
GetCurrentThread
VirtualFree
GetACP
lstrcatA
WaitForMultipleObjects
GetCurrentThreadId
GetThreadPriority
CreateSemaphoreA

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

user32

CreateDialogParamA
ReleaseDC
PeekMessageA
GetDesktopWindow
RegisterWindowMessageA
ShowWindow
wsprintfA
DestroyWindow
MsgWaitForMultipleObjects
DispatchMessageA
PostThreadMessageA
GetDC
GetQueueStatus
RealGetWindowClassW
wvsprintfA

Sections

.text
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f90592e84d770cd0ceaaa415579b6f1

Headers

File Characteristics

Imports

advapi32

winmm

setupapi

kernel32

wininet

user32

Sections

.text Size: 187KB - Virtual size: 187KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 19KB - Virtual size: 18KB

.tls Size: 512B - Virtual size: 100KB

.text
Size: 187KB - Virtual size: 187KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 19KB - Virtual size: 18KB

.tls
Size: 512B - Virtual size: 100KB