e4078f024216d42ffb2cf93253d1e269_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e4078f024216d42ffb2cf93253d1e269_JaffaCakes118
Size

202KB
MD5

e4078f024216d42ffb2cf93253d1e269
SHA1

388d33df212372db1baefe5dcd8a2952fbe2bfd5
SHA256

4011693ae2f420ea3775f4382304d5938a44cb3400bee4ee964decf2177d9755
SHA512

5e0b5ac29d8d6535cc355d24ca9ff30779e5d59321a02f180b62770e15429333e9296e90fd1184bede465b39b044c3d180dc34bbd899407d6557a5a828ab9a42
SSDEEP

3072:VbOCtDy04LH1tMYBhsYWc/iCah6R29Tjo4vEywZSQr6hlR9Zl2VMjdMYt8ssD3:pOUT4JngYWbCap9TjoohS3ejdPt8ss

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e4078f024216d42ffb2cf93253d1e269_JaffaCakes118

Files

e4078f024216d42ffb2cf93253d1e269_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4b9d736119cc57a2b281a38e811d5c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
StgOpenStorage
CoUninitialize
StgIsStorageFile
CreateBindCtx
GetRunningObjectTable
CreateItemMoniker
StgCreateDocfile
BindMoniker
CoCreateInstance
CoInitialize

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

advapi32

CryptDestroyKey
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA
CryptEncrypt
RegEnumValueA
GetUserNameA
CryptImportKey
RegQueryValueExA
RegOpenKeyExA
CryptCreateHash
RegSetValueExA
CryptGetHashParam
CryptHashData
CryptDestroyHash
CryptReleaseContext
RegCloseKey

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

gdi32

CreateDIBitmap

kernel32

GetCurrentThreadId
CreateFiberEx
OutputDebugStringA
CreateDirectoryA
LoadLibraryExA
GetTempPathA
LoadLibraryA
_llseek
EnterCriticalSection
IsBadWritePtr
CompareStringA
GetFileAttributesA
GetSystemDirectoryA
DeleteFileA
GetDevicePowerState
GlobalMemoryStatus
GetModuleHandleA
WriteFile
Sleep
GetACP
GetComputerNameA
GetPrivateProfileStringA
ReadFile
GetLastError
DeleteCriticalSection
GetVersionExA
CreateProcessA
CreateEventA
SetThreadPriority
IsBadReadPtr
VirtualQuery
GetVersion
InterlockedDecrement
EnumResourceNamesW
GetTickCount
InterlockedExchange
FreeLibrary
GetWindowsDirectoryA
InterlockedIncrement
CreateSemaphoreA
SetLastError
DeviceIoControl
LocalFree
CreateFileA
FlushFileBuffers
InitializeCriticalSection
GetLocaleInfoA
GetSystemTime
LeaveCriticalSection
WaitForMultipleObjects
GetSystemInfo
DefineDosDeviceA
VirtualFree
CreateMutexA
QueryDosDeviceA
WaitForSingleObject
ResetEvent
CloseHandle
GetDiskFreeSpaceA
FlushInstructionCache
QueryPerformanceCounter
VirtualAlloc
lstrlenA
GetModuleFileNameA
SetEvent
GetLocalTime
LocalAlloc
GetCurrentProcessId
GetCurrentThread
CreateThread
GetThreadPriority
ReleaseMutex

user32

MsgWaitForMultipleObjects
PeekMessageA
RegisterWindowMessageA
GetQueueStatus
GetDC
DestroyWindow
GetDesktopWindow
wsprintfA
CreateDialogParamA
PostThreadMessageA
ShowWindow
ReleaseDC
DispatchMessageA
RealGetWindowClassA
wvsprintfA

winmm

timeGetTime
timeSetEvent

wininet

InternetCloseHandle
InternetOpenUrlA
InternetReadFile
InternetOpenA

iphlpapi

GetBestInterface
GetAdaptersInfo
SendARP

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4b9d736119cc57a2b281a38e811d5c7

Headers

File Characteristics

Imports

ole32

shell32

advapi32

setupapi

gdi32

kernel32

user32

winmm

wininet

iphlpapi

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 17KB - Virtual size: 16KB

.tls Size: 512B - Virtual size: 352KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 17KB - Virtual size: 16KB

.tls
Size: 512B - Virtual size: 352KB