JaffaCakes118_5ad2a1f41d991ea37f98f391c322d691

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_5ad2a1f41d991ea37f98f391c322d691
Size

191KB
MD5

5ad2a1f41d991ea37f98f391c322d691
SHA1

325f2cb66a09c2a9df80f1080d890a6421f8a473
SHA256

a9f678f2584dece46765d865ea47093c95fff10ec41aba79c783af33f23c576d
SHA512

5854da127d3444a2a1959175e6d9a91aa9d5f118dd6ec84a382dffd9977c65c2a54a2c4eb00a2ea42664a180333ebbf8370d7f9cd62fd6510230219a2bf5eb47
SSDEEP

3072:PlMLhgWduH4XE6s4BkGw8ICa084QuzB8eJfbENnGuEc2+ml9q8SU6oAhpX:PqhgWdawsMkGTICT/fbENnGm2pbSdR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_5ad2a1f41d991ea37f98f391c322d691

Files

JaffaCakes118_5ad2a1f41d991ea37f98f391c322d691
.exe windows:4 windows x86 arch:x86

c74535876e40d4235bb9618aa8aceaed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

winmm

timeGetTime
timeSetEvent

advapi32

CryptEncrypt
CryptHashData
CryptDestroyHash
GetUserNameA
RegSetValueExA
RegQueryValueExA
RegEnumKeyExA
RegDeleteValueA
CryptGetHashParam
CryptReleaseContext
RegOpenKeyExA
CryptCreateHash
CryptImportKey
RegEnumValueA
CryptDestroyKey
RegCreateKeyExA
RegCloseKey

user32

wsprintfA
GetQueueStatus
DispatchMessageA
GetDC
ReleaseDC
CreateDialogParamA
ShowWindow
PeekMessageA
PostThreadMessageA
DestroyWindow
MsgWaitForMultipleObjects
RegisterWindowMessageA
RealGetWindowClassA
GetDesktopWindow
wvsprintfA

gdi32

CreateDIBitmap

kernel32

CreateFiberEx
InterlockedDecrement
GetLocaleInfoA
GetFileAttributesA
GetWindowsDirectoryA
GetTickCount
CreateThread
IsBadReadPtr
GetDiskFreeSpaceA
DeleteCriticalSection
VirtualAlloc
GetModuleFileNameA
GetComputerNameA
LoadLibraryA
GetSystemDirectoryA
CreateDirectoryA
GetCurrentThreadId
IsBadWritePtr
ReadFile
GetTempPathA
VirtualFree
FreeLibrary
InterlockedExchange
GetDevicePowerState
GetACP
VirtualQuery
SetThreadPriority
DefineDosDeviceA
SetEvent
CompareStringA
GetPrivateProfileStringA
LocalFree
GetCurrentProcessId
LocalAlloc
WriteFile
CreateEventA
CreateFileA
lstrlenA
ResetEvent
WaitForMultipleObjects
CreateProcessA
EnumResourceNamesW
GetModuleHandleA
CreateMutexA
GetThreadPriority
DeleteFileA
LoadLibraryExA
FlushFileBuffers
OutputDebugStringA
GetVersion
GlobalMemoryStatus
GetLastError
GetSystemTime
GetSystemInfo
InitializeCriticalSection
LeaveCriticalSection
GetCurrentThread
CreateSemaphoreA
WaitForSingleObject
InterlockedIncrement
DeviceIoControl
FlushInstructionCache
Sleep
GetLocalTime
GetVersionExA
_llseek
EnterCriticalSection
SetLastError
QueryDosDeviceA
QueryPerformanceCounter
CloseHandle
ReleaseMutex

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

iphlpapi

GetBestInterface
GetAdaptersInfo
SendARP

ole32

BindMoniker
CoCreateInstance
StringFromGUID2
StgOpenStorage
GetRunningObjectTable
StgIsStorageFile
StgCreateDocfile
CoUninitialize
CreateBindCtx
CreateItemMoniker
CoTaskMemFree
CoTaskMemAlloc
CoInitialize

Sections

.text
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c74535876e40d4235bb9618aa8aceaed

Headers

File Characteristics

Imports

setupapi

shell32

winmm

advapi32

user32

gdi32

kernel32

wininet

iphlpapi

ole32

Sections

.text Size: 170KB - Virtual size: 169KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 15KB

.tls Size: 512B - Virtual size: 80KB

.text
Size: 170KB - Virtual size: 169KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 15KB

.tls
Size: 512B - Virtual size: 80KB