e315dcdf0c2d2ca9bc113a0f41b5631c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e315dcdf0c2d2ca9bc113a0f41b5631c_JaffaCakes118
Size

210KB
MD5

e315dcdf0c2d2ca9bc113a0f41b5631c
SHA1

dac5ece3896c5363815d4ae5d67d0ea4057f6598
SHA256

8ccce028916c95e6a57c78c86c010834653f4723401135afbf49c9a2f62bd1f7
SHA512

443cee5cfaca54aca1975664252aa98bc778fb50bde1f6e0a198071fa1d60b4041848998dd9c17a34628757e3351e93bae1b347e7160c151b9822575650436bb
SSDEEP

3072:1jy+Jc2pW+ycmY9DKbzjvQtfbUgUCD8khVC2gx4ivWC76P5i07pZXGq6UR8Xbf7x:ZJJFmY9s5uHC2OVUnUqq68J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e315dcdf0c2d2ca9bc113a0f41b5631c_JaffaCakes118

Files

e315dcdf0c2d2ca9bc113a0f41b5631c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c4187a23d708578689dcef7417555cbc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

timeGetTime
timeSetEvent

advapi32

RegSetValueExA
RegCreateKeyExA
CryptEncrypt
CryptCreateHash
RegOpenKeyExA
RegEnumKeyExA
RegDeleteValueA
RegEnumValueA
CryptReleaseContext
CryptGetHashParam
RegQueryValueExA
CryptHashData
CryptDestroyKey
GetUserNameA
CryptDestroyHash
CryptImportKey
RegCloseKey

ole32

CoCreateInstance
CoUninitialize
StgCreateDocfile
StringFromGUID2
GetRunningObjectTable
CoTaskMemFree
CreateBindCtx
StgIsStorageFile
CreateItemMoniker
CoTaskMemAlloc
BindMoniker
StgOpenStorage
CoInitialize

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

gdi32

CreateDIBitmap

iphlpapi

GetBestInterface
GetAdaptersInfo
SendARP

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

kernel32

DeviceIoControl
GetLocaleInfoA
QueryPerformanceCounter
CreateFiberEx
VirtualFree
LoadLibraryExA
SetThreadPriority
InterlockedDecrement
SetEvent
FreeLibrary
IsBadReadPtr
GetPrivateProfileStringA
CreateSemaphoreA
GetFileAttributesA
GetCurrentProcessId
_llseek
GetWindowsDirectoryA
CreateProcessA
SetLastError
ReadFile
GetDevicePowerState
GetLocalTime
LocalFree
IsBadWritePtr
GetLastError
LeaveCriticalSection
VirtualAlloc
FlushInstructionCache
GetTickCount
InitializeCriticalSection
InterlockedIncrement
DeleteFileA
QueryDosDeviceA
WaitForMultipleObjects
EnumResourceNamesW
GetSystemInfo
GetVersion
WriteFile
InterlockedExchange
GetComputerNameA
GetSystemDirectoryA
CreateThread
GetACP
VirtualQuery
Sleep
CreateMutexA
GetTempPathA
GetCurrentThread
WaitForSingleObject
CloseHandle
CreateDirectoryA
LocalAlloc
FlushFileBuffers
LoadLibraryA
lstrlenA
CreateEventA
GetModuleHandleA
OutputDebugStringA
GetThreadPriority
GetCurrentThreadId
CompareStringA
DefineDosDeviceA
GetModuleFileNameA
DeleteCriticalSection
GlobalMemoryStatus
EnterCriticalSection
GetDiskFreeSpaceA
GetSystemTime
CreateFileA
GetVersionExA
ResetEvent
ReleaseMutex

wininet

InternetCloseHandle
InternetOpenUrlA
InternetReadFile
InternetOpenA

user32

PostThreadMessageA
GetDC
DestroyWindow
RealGetWindowClassA
ShowWindow
PeekMessageA
RegisterWindowMessageA
GetDesktopWindow
GetQueueStatus
wsprintfA
ReleaseDC
MsgWaitForMultipleObjects
DispatchMessageA
CreateDialogParamA
wvsprintfA

Sections

.text
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4187a23d708578689dcef7417555cbc

Headers

File Characteristics

Imports

winmm

advapi32

ole32

setupapi

gdi32

iphlpapi

shell32

kernel32

wininet

user32

Sections

.text Size: 181KB - Virtual size: 181KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 23KB - Virtual size: 22KB

.tls Size: 512B - Virtual size: 100KB

.text
Size: 181KB - Virtual size: 181KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 23KB - Virtual size: 22KB

.tls
Size: 512B - Virtual size: 100KB