JaffaCakes118_d29cadfb66e93625d051d1f52402473f

General

Target

JaffaCakes118_d29cadfb66e93625d051d1f52402473f
Size

212KB
MD5

d29cadfb66e93625d051d1f52402473f
SHA1

3d0aea15516652bd28b8400ba972a85bb3a8da21
SHA256

6aaf4f3b8dae877835a8d6f1535b0795eeb2758c01a26aa399c59572f05ae705
SHA512

14df550fda0788b0c9e8e45c4e2ffcd1c894b91933b43e43c7feab5209a17c464a19051316482498f531cc76e61198f5318ee44442900413387ce763eb2b4f06
SSDEEP

3072:zvl2flQHRveJJvrHDB0v85aPuW9fFJvsN7sAHCYoqtTnyTYqY:bWlQkH6v4aPuCvIAxo76RY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_d29cadfb66e93625d051d1f52402473f

Files

JaffaCakes118_d29cadfb66e93625d051d1f52402473f
.exe windows:4 windows x86 arch:x86

b21d7514f3ceb853aabbfd2b47db2524

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

RegisterWindowMessageA
ReleaseDC
wsprintfA
GetQueueStatus
PeekMessageA
PostThreadMessageA
RealGetWindowClassW
MsgWaitForMultipleObjects
DestroyWindow
ShowWindow
DispatchMessageA
CreateDialogParamA
GetDC
GetDesktopWindow
wvsprintfA

winmm

timeGetTime
timeSetEvent

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

advapi32

GetUserNameA
RegQueryValueExA
CryptGetHashParam
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA
CryptCreateHash
CryptImportKey
CryptReleaseContext
RegEnumValueA
CryptDestroyKey
CryptHashData
RegSetValueExA
RegOpenKeyExA
CryptEncrypt
CryptDestroyHash
RegCloseKey

kernel32

WaitForMultipleObjects
CreateFiber
GetSystemTime
GetCurrentThreadId
SetThreadContext
GetTickCount
IsBadReadPtr
EnumResourceNamesW
VirtualFree
GetACP
GetThreadPriority
lstrcatA
GetLastError
GetCurrentThread
SetThreadPriority
CreateSemaphoreA

wininet

InternetOpenUrlA
InternetCloseHandle
InternetReadFile
InternetOpenA

Sections

.text
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b21d7514f3ceb853aabbfd2b47db2524

Headers

File Characteristics

Imports

user32

winmm

setupapi

advapi32

kernel32

wininet

Sections

.text Size: 194KB - Virtual size: 193KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 15KB - Virtual size: 14KB

.tls Size: 512B - Virtual size: 96KB

.text
Size: 194KB - Virtual size: 193KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 15KB - Virtual size: 14KB

.tls
Size: 512B - Virtual size: 96KB