cbaa6d8a5ee7a4490d41467ccd455e2d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cbaa6d8a5ee7a4490d41467ccd455e2d_JaffaCakes118
Size

204KB
MD5

cbaa6d8a5ee7a4490d41467ccd455e2d
SHA1

0be47111b8c33ca392c024be97ab98a7b7570103
SHA256

f6155095f14cc52bc2cb158b515432e5de31bebdab823b4b9e86a0433c589720
SHA512

44b5f6c46f49f6f51d346e0be01fcb3f59f5fe563be7e4a80d4c71a4e2375d328bf58447df91df23ec54a63b72d08fb33bb2107271cf4f094e79007ead78daa5
SSDEEP

6144:AxU3ol2HZlQGjdFX9/oAz84Ftpzk+JWL4:pq4lbFt/BdF1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbaa6d8a5ee7a4490d41467ccd455e2d_JaffaCakes118

Files

cbaa6d8a5ee7a4490d41467ccd455e2d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccaf810bf82cb75380e5b53b5e9a4851

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

StgIsStorageFile
CreateItemMoniker
StgOpenStorage
StgCreateDocfile
BindMoniker
CreateBindCtx
CoCreateInstance
CoUninitialize
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
GetRunningObjectTable
CoInitialize

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

winmm

timeGetTime
timeSetEvent

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

gdi32

CreateDIBitmap

iphlpapi

GetAdaptersInfo
GetBestInterface
SendARP

advapi32

RegCreateKeyExA
GetUserNameA
CryptImportKey
RegDeleteValueA
RegEnumKeyExA
CryptCreateHash
CryptDestroyKey
CryptHashData
RegQueryValueExA
CryptDestroyHash
CryptGetHashParam
RegEnumValueA
RegOpenKeyExA
RegSetValueExA
CryptEncrypt
CryptReleaseContext
RegCloseKey

kernel32

CreateFiberEx
GetTempPathA
GetSystemDirectoryA
IsBadWritePtr
GetLastError
ResetEvent
EnterCriticalSection
GetComputerNameA
LoadLibraryA
GetDiskFreeSpaceA
WaitForSingleObject
DeleteFileA
GetLocalTime
GetSystemInfo
SetThreadPriority
LocalAlloc
CloseHandle
GetSystemTime
SetEvent
GetVersion
DefineDosDeviceA
OutputDebugStringA
GetModuleHandleA
GetDevicePowerState
GetLocaleInfoA
DeleteCriticalSection
GetModuleFileNameA
VirtualAlloc
CreateProcessA
LocalFree
DeviceIoControl
VirtualQuery
EnumResourceNamesW
GlobalMemoryStatus
CreateFileA
QueryPerformanceCounter
GetTickCount
InterlockedExchange
WaitForMultipleObjects
GetCurrentProcessId
GetFileAttributesA
GetWindowsDirectoryA
FlushInstructionCache
VirtualFree
FreeLibrary
GetCurrentThreadId
lstrlenA
CreateSemaphoreA
CreateThread
_llseek
CreateMutexA
IsBadReadPtr
CreateDirectoryA
WriteFile
InterlockedDecrement
QueryDosDeviceA
FlushFileBuffers
GetPrivateProfileStringA
LoadLibraryExA
InitializeCriticalSection
Sleep
GetCurrentThread
GetThreadPriority
GetACP
SetLastError
CompareStringA
LeaveCriticalSection
GetVersionExA
InterlockedIncrement
CreateEventA
ReadFile
ReleaseMutex

user32

RegisterWindowMessageA
GetDC
RealGetWindowClassA
PeekMessageA
ShowWindow
GetQueueStatus
ReleaseDC
PostThreadMessageA
CreateDialogParamA
DestroyWindow
DispatchMessageA
GetDesktopWindow
wsprintfA
MsgWaitForMultipleObjects
wvsprintfA

wininet

InternetOpenUrlA
InternetCloseHandle
InternetReadFile
InternetOpenA

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccaf810bf82cb75380e5b53b5e9a4851

Headers

File Characteristics

Imports

ole32

setupapi

winmm

shell32

gdi32

iphlpapi

advapi32

kernel32

user32

wininet

Sections

.text Size: 179KB - Virtual size: 179KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 19KB - Virtual size: 19KB

.tls Size: 512B - Virtual size: 228KB

.text
Size: 179KB - Virtual size: 179KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 19KB - Virtual size: 19KB

.tls
Size: 512B - Virtual size: 228KB