0bf810e2003780d8b3bf921f9a15f43e_JaffaCakes118

General

Target

0bf810e2003780d8b3bf921f9a15f43e_JaffaCakes118
Size

197KB
MD5

0bf810e2003780d8b3bf921f9a15f43e
SHA1

ece1dfbf2b60f04ec01413dd54b6a79f3e05caa7
SHA256

eea4656ca48842339e88ec8f49cc9e69e0a8bd597bc37e761847319ea5c2f879
SHA512

f1aa825e51ea589f5f3d59e9c1ce5abe1e430427e90acf41693334fa8697bd0b072ed550c56681de4551a3d65bcf0705aa9cc4a387a72f2ad181502033af3b4c
SSDEEP

6144:DtVQ+OeyOHKdQ0qGeQxWRk0rEmZEMjyXz4krgHY6MsPftu:HQ+/yOqdkQ6k/WTYsd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bf810e2003780d8b3bf921f9a15f43e_JaffaCakes118

Files

0bf810e2003780d8b3bf921f9a15f43e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8d1ef5d7018679cdcca5082a6c4eb8b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegSetValueExA
RegQueryValueExA
RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

kernel32

lstrlenW
CreateFiber
GetProcAddress
GetACP
SuspendThread
MultiByteToWideChar
InitializeCriticalSection
RaiseException
GetVersionExA
GetVersion
InterlockedExchange
WideCharToMultiByte
lstrlenA
EnumResourceNamesA
FreeLibrary
SetThreadPriority
GetLocaleInfoA
DeleteCriticalSection
GetThreadLocale
lstrcmpiA
LoadLibraryW
GetLastError

user32

MsgWaitForMultipleObjects
ShowWindow
RealGetWindowClassW
DispatchMessageA
RegisterWindowMessageA
GetQueueStatus
PeekMessageA
CreateDialogParamA
GetDesktopWindow
ReleaseDC
DestroyWindow
wsprintfA
GetDC
PostThreadMessageA
wvsprintfA

wininet

InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8d1ef5d7018679cdcca5082a6c4eb8b

Headers

File Characteristics

Imports

advapi32

kernel32

user32

wininet

setupapi

Sections

.text Size: 173KB - Virtual size: 172KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 20KB - Virtual size: 20KB

.tls Size: 512B - Virtual size: 216KB

.text
Size: 173KB - Virtual size: 172KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 20KB - Virtual size: 20KB

.tls
Size: 512B - Virtual size: 216KB