9859d1174b5baf5e20a214a5fdd43d66_JaffaCakes118

General

Target

9859d1174b5baf5e20a214a5fdd43d66_JaffaCakes118
Size

211KB
MD5

9859d1174b5baf5e20a214a5fdd43d66
SHA1

143e91a34336a58fb1970b78e58560abeae89c75
SHA256

11cc39fb0708c55cdcb25a234719321f8ae0b319baa9023106498e12fc7e8ebc
SHA512

0e3cea265eae92885995dde369fc9fa7269f8a1976d8d552545c0ede92e4103ff8d94318f1530a3fb01a88e0cddb86438d9fe7389c31267fcdf250acb69c1804
SSDEEP

6144:RYL80RD/VjhEV4/C47SU7G2XGEjwSMzF:iI8d9I4/3C2zwZF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9859d1174b5baf5e20a214a5fdd43d66_JaffaCakes118

Files

9859d1174b5baf5e20a214a5fdd43d66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

147438135d0f28a8ccf9bd5b9235007c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

PostThreadMessageA
GetQueueStatus
RealGetWindowClassA
MsgWaitForMultipleObjects
ReleaseDC
RegisterWindowMessageA
CreateDialogParamA
wsprintfA
DestroyWindow
PeekMessageA
ShowWindow
GetDC
GetDesktopWindow
DispatchMessageA
wvsprintfA

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

advapi32

RegEnumKeyExA
CryptCreateHash
RegSetValueExA
CryptImportKey
RegEnumValueA
CryptEncrypt
RegOpenKeyExA
GetUserNameA
CryptReleaseContext
RegDeleteValueA
CryptDestroyHash
CryptGetHashParam
CryptDestroyKey
RegCreateKeyExA
RegQueryValueExA
CryptHashData
RegCloseKey

kernel32

CreateFiber
GetLastError
SetThreadPriority
CancelIo
WaitForMultipleObjects
GetACP
EnumResourceNamesW
GetCurrentThreadId
GetCurrentThread
GetTickCount
GetThreadPriority
lstrcatA
VirtualFree
IsBadReadPtr
GetSystemTime
CreateSemaphoreA

winmm

timeGetTime
timeSetEvent

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

147438135d0f28a8ccf9bd5b9235007c

Headers

File Characteristics

Imports

setupapi

user32

wininet

advapi32

kernel32

winmm

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 17KB - Virtual size: 16KB

.tls Size: 512B - Virtual size: 96KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 16KB

.tls
Size: 512B - Virtual size: 96KB