JaffaCakes118_6e8f7aeef56207be6abdd96b571ff575

General

Target

JaffaCakes118_6e8f7aeef56207be6abdd96b571ff575
Size

211KB
MD5

6e8f7aeef56207be6abdd96b571ff575
SHA1

1af7bfa7cd47be565de3db92ae18d185c0bb5739
SHA256

4ea6d62094747ebde70ada63f90a317a8073776ed26f0c6373d19c49cee65463
SHA512

91702413c1fc7d8356b9cf82bfc14e0f5f8b1f5c518c291b98a4c82864f2b482bb8ad18bd65275aaf1636d5fea14539a85d6bedaa75927896dbd4d1f8e220719
SSDEEP

6144:h/Z20OehgB6ku3Ci1TwgcaQAEtz1VMZp:h/ZU6auNQZtz1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6e8f7aeef56207be6abdd96b571ff575

Files

JaffaCakes118_6e8f7aeef56207be6abdd96b571ff575
.exe windows:4 windows x86 arch:x86

200d3125c6abd545be04e20e81829721

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

CreateFiberEx
GetCurrentThreadId
GetTickCount
GetDevicePowerState
GetLastError
IsBadReadPtr
VirtualFree
EnumResourceNamesW
GetCurrentThread
WaitForMultipleObjects
GetACP
FlushFileBuffers
SetThreadPriority
GetThreadPriority
GetSystemTime
CreateSemaphoreA

advapi32

CryptReleaseContext
CryptDestroyHash
RegOpenKeyExA
CryptEncrypt
RegQueryValueExA
CryptImportKey
RegEnumValueA
RegEnumKeyExA
GetUserNameA
CryptCreateHash
RegCreateKeyExA
CryptDestroyKey
CryptHashData
CryptGetHashParam
RegDeleteValueA
RegSetValueExA
RegCloseKey

winmm

timeGetTime
timeSetEvent

user32

ReleaseDC
ShowWindow
CreateDialogParamA
DestroyWindow
GetDC
wsprintfA
PeekMessageA
PostThreadMessageA
MsgWaitForMultipleObjects
GetQueueStatus
GetDesktopWindow
RegisterWindowMessageA
RealGetWindowClassA
DispatchMessageA
wvsprintfA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

200d3125c6abd545be04e20e81829721

Headers

File Characteristics

Imports

setupapi

kernel32

advapi32

winmm

user32

wininet

Sections

.text Size: 191KB - Virtual size: 191KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 16KB - Virtual size: 15KB

.tls Size: 512B - Virtual size: 100KB

.text
Size: 191KB - Virtual size: 191KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 16KB - Virtual size: 15KB

.tls
Size: 512B - Virtual size: 100KB