f7ec5b73084c9eeba09617232a038545_JaffaCakes118

General

Target

f7ec5b73084c9eeba09617232a038545_JaffaCakes118
Size

198KB
MD5

f7ec5b73084c9eeba09617232a038545
SHA1

24528b8ada8984d6bb83aa0e2ae6ab4b3d2ef086
SHA256

4227bf45d323f23bd70c68285d659212b64e16e82ac96abb9e4272074ae97218
SHA512

a6508bead6c3e678464fbeecdef143f9af94fd208dd94d46c41778fbba365c9ca6469c77f94c6f8a9860a91d6d4e29d3de6475302f2391531f20855ba4bb2766
SSDEEP

6144:JBAa+BClfws7YPDejInJs5HunW2k51fqJhThn:JBL+Yai5qWx51f+h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7ec5b73084c9eeba09617232a038545_JaffaCakes118

Files

f7ec5b73084c9eeba09617232a038545_JaffaCakes118
.exe windows:4 windows x86 arch:x86

76f6ed8cdc84a2039fb9ca1a43745fec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

advapi32

RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

GetACP
CreateFiber
GetProcAddress
lstrcmpiA
lstrlenA
GetThreadLocale
SuspendThread
LoadLibraryW
WideCharToMultiByte
RaiseException
DeleteCriticalSection
EnumResourceNamesA
MultiByteToWideChar
GetVersion
SetThreadPriority
GetVersionExA
InterlockedExchange
lstrlenW
FreeLibrary
InitializeCriticalSection
GetLocaleInfoA
GetLastError

user32

RegisterWindowMessageA
CreateDialogParamA
wsprintfA
ReleaseDC
MsgWaitForMultipleObjects
GetDesktopWindow
DestroyWindow
GetDC
RealGetWindowClassW
GetQueueStatus
ShowWindow
PeekMessageA
DispatchMessageA
PostThreadMessageA
wvsprintfA

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76f6ed8cdc84a2039fb9ca1a43745fec

Headers

File Characteristics

Imports

wininet

advapi32

setupapi

kernel32

user32

Sections

.text Size: 177KB - Virtual size: 177KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 17KB - Virtual size: 17KB

.tls Size: 512B - Virtual size: 216KB

.text
Size: 177KB - Virtual size: 177KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 17KB

.tls
Size: 512B - Virtual size: 216KB