f9fac6949fee882cd1ed1a0a2f9e4751_JaffaCakes118

General

Target

f9fac6949fee882cd1ed1a0a2f9e4751_JaffaCakes118
Size

204KB
MD5

f9fac6949fee882cd1ed1a0a2f9e4751
SHA1

816997c66473f7bd37aa58a56f233b4eb5992ba2
SHA256

e2ead13305860473457e83aff6e6bca3174550c0b083da77a84088b19b1f7048
SHA512

642bd5609b11990c97442f2cc039eb052cb33c54f59de8b6e915cc264add735dd7c5d3d20231518cb59219f1d634c7fc97f55034c53031f88a016bf7ea465643
SSDEEP

6144:4WPB2ADacX/5u6AMxFy6N2Sb0+PZew5W9:dPkADacUTMxFy6lQoA9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9fac6949fee882cd1ed1a0a2f9e4751_JaffaCakes118

Files

f9fac6949fee882cd1ed1a0a2f9e4751_JaffaCakes118
.exe windows:4 windows x86 arch:x86

481a0ea46705414f19162f29856951b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

RaiseException
CreateFiber
GetVersionExA
InitializeCriticalSection
GetProcAddress
lstrlenW
SuspendThread
GetLocaleInfoA
FreeLibrary
MultiByteToWideChar
lstrcmpiA
LoadLibraryW
DeleteCriticalSection
EnumResourceNamesA
GetThreadLocale
SetThreadPriority
lstrlenA
GetACP
WideCharToMultiByte
InterlockedExchange
GetVersion
GetLastError

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

user32

ReleaseDC
GetDesktopWindow
ShowWindow
CreateDialogParamA
RealGetWindowClassW
wsprintfA
MsgWaitForMultipleObjects
RegisterWindowMessageA
PeekMessageA
DestroyWindow
GetQueueStatus
DispatchMessageA
GetDC
PostThreadMessageA
wvsprintfA

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCloseKey

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

481a0ea46705414f19162f29856951b4

Headers

File Characteristics

Imports

kernel32

setupapi

user32

wininet

advapi32

Sections

.text Size: 179KB - Virtual size: 179KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 21KB - Virtual size: 20KB

.tls Size: 512B - Virtual size: 228KB

.text
Size: 179KB - Virtual size: 179KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 21KB - Virtual size: 20KB

.tls
Size: 512B - Virtual size: 228KB