f04c49ee2bfc17c0ad1f36946fa8b668_JaffaCakes118

General

Target

f04c49ee2bfc17c0ad1f36946fa8b668_JaffaCakes118
Size

198KB
MD5

f04c49ee2bfc17c0ad1f36946fa8b668
SHA1

b07c956ae1ab20edf29ec9bee8c519e3fe69afd5
SHA256

8bd9d7bc3c342f415240066c32041c8f7a8f652913a653ce7c769a0ffb6039bb
SHA512

87bb3938e110db39a497e65a154ed115afd95caace0a805960898677a988f4cc33c803e9f666e58b4a965c907a8fcdaa79a5795d62df22baf0987fee93efcb46
SSDEEP

6144:x38zsLiX4ldI59IU3lCNrAk3d5VIBksoS9KQ:xM/IdW6r/d+NnK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f04c49ee2bfc17c0ad1f36946fa8b668_JaffaCakes118

Files

f04c49ee2bfc17c0ad1f36946fa8b668_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b5e2efb7ce347af166002df1cb02304

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegDeleteValueA
CryptDestroyKey
CryptHashData
CryptDestroyHash
CryptReleaseContext
RegEnumValueA
GetUserNameA
CryptCreateHash
RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyExA
CryptEncrypt
RegQueryValueExA
CryptGetHashParam
CryptImportKey
RegCloseKey

user32

DispatchMessageA
PostThreadMessageA
GetQueueStatus
PeekMessageA
DestroyWindow
RegisterWindowMessageA
ReleaseDC
ShowWindow
CreateDialogParamA
GetDC
GetDesktopWindow
MsgWaitForMultipleObjects
wsprintfA
RealGetWindowClassW
wvsprintfA

kernel32

GetLastError
CreateFiber
GetTickCount
GetThreadPriority
SetThreadContext
IsBadReadPtr
EnumResourceNamesW
GetCurrentThread
GetACP
SetThreadPriority
VirtualFree
GetSystemTime
WaitForMultipleObjects
lstrcatA
GetCurrentThreadId
CreateSemaphoreA

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

winmm

timeGetTime
timeSetEvent

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b5e2efb7ce347af166002df1cb02304

Headers

File Characteristics

Imports

advapi32

user32

kernel32

wininet

winmm

setupapi

Sections

.text Size: 173KB - Virtual size: 172KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 21KB - Virtual size: 21KB

.tls Size: 512B - Virtual size: 352KB

.text
Size: 173KB - Virtual size: 172KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 21KB - Virtual size: 21KB

.tls
Size: 512B - Virtual size: 352KB