ced1f01a9493b7e7c71009ae01d3751e_JaffaCakes118

General

Target

ced1f01a9493b7e7c71009ae01d3751e_JaffaCakes118
Size

186KB
MD5

ced1f01a9493b7e7c71009ae01d3751e
SHA1

10ba64e83ddbff3699f0e59460da6295d2bed8c9
SHA256

7bc2d42ea9d50ec35613c734f23425e5cd76da7351579acf4d87420def398b53
SHA512

88879b54560edf816d6799a4b86fd7cffeb584fbfe0c94701cd71e52b78709aa0081d3a284c197e69e776f14a3038aa993d55ce64955bee65d76338deda928e7
SSDEEP

3072:zP3WsdS1L203WShsHCB2hxJhltdN4CxQOKN6qwygOWnqqaa6oD3cCyTu8vcPIbR:zPGFp6HCaxxTN4i+6qw88qqaa6ecJTp/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ced1f01a9493b7e7c71009ae01d3751e_JaffaCakes118

Files

ced1f01a9493b7e7c71009ae01d3751e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58a94e7e70d6c41adf47edb786b97da0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

timeGetTime
timeSetEvent

user32

RealGetWindowClassW
DestroyWindow
PostThreadMessageA
wsprintfA
PeekMessageA
RegisterWindowMessageA
GetDesktopWindow
CreateDialogParamA
MsgWaitForMultipleObjects
ReleaseDC
DispatchMessageA
GetQueueStatus
GetDC
ShowWindow
wvsprintfA

advapi32

RegCreateKeyExA
CryptDestroyHash
RegDeleteValueA
CryptDestroyKey
CryptGetHashParam
CryptReleaseContext
RegEnumValueA
CryptImportKey
RegEnumKeyExA
CryptHashData
RegOpenKeyExA
CryptEncrypt
GetUserNameA
CryptCreateHash
RegQueryValueExA
RegSetValueExA
RegCloseKey

kernel32

CreateFiber
VirtualFree
GetCurrentThread
SetThreadContext
GetTickCount
SetThreadPriority
EnumResourceNamesW
GetCurrentThreadId
GetSystemTime
WaitForMultipleObjects
IsBadReadPtr
lstrcatA
GetACP
GetThreadPriority
GetLastError
CreateSemaphoreA

wininet

InternetOpenUrlA
InternetCloseHandle
InternetReadFile
InternetOpenA

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58a94e7e70d6c41adf47edb786b97da0

Headers

File Characteristics

Imports

winmm

user32

advapi32

kernel32

wininet

setupapi

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 23KB - Virtual size: 22KB

.tls Size: 512B - Virtual size: 84KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 23KB - Virtual size: 22KB

.tls
Size: 512B - Virtual size: 84KB