JaffaCakes118_2c8e261534fbca9880c8ca818bfc33eb

General

Target

JaffaCakes118_2c8e261534fbca9880c8ca818bfc33eb
Size

196KB
MD5

2c8e261534fbca9880c8ca818bfc33eb
SHA1

a2ecb0da7055f431e17b60bbeebbd7fc4c9e0252
SHA256

0f984dcd699fb023454deaaabbce89d5689f74859d8d286b9985ddadfa00e4b4
SHA512

14f216d72878598eb0eec2d4d41f2422f0bfe88d31848cd0947c6cf3328cbc18c1efdc712007ff91d06e105083a914271266076e9d9e2040d9f422844cc252a7
SSDEEP

6144:A0cUbji9nUaw1W4K1mFdoZmx4OV0LcbkFMCaeCE/g:i+d1W5cFdoZ4gIk5r/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_2c8e261534fbca9880c8ca818bfc33eb

Files

JaffaCakes118_2c8e261534fbca9880c8ca818bfc33eb
.exe windows:4 windows x86 arch:x86

69d0619fb40850c2683c390e4b4f6795

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

wsprintfA
DispatchMessageA
RealGetWindowClassA
PostThreadMessageA
GetQueueStatus
ReleaseDC
RegisterWindowMessageA
GetDesktopWindow
ShowWindow
DestroyWindow
CreateDialogParamA
GetDC
MsgWaitForMultipleObjects
PeekMessageA
wvsprintfA

wininet

InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA

kernel32

IsBadReadPtr
CreateFiberEx
SetThreadPriority
VirtualFree
CancelIo
WaitForMultipleObjects
EnumResourceNamesW
GetACP
GetThreadPriority
GetCurrentThreadId
GetCurrentThread
FlushFileBuffers
GetSystemTime
GetTickCount
GetLastError
CreateSemaphoreA

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

advapi32

CryptReleaseContext
CryptCreateHash
RegCreateKeyExA
CryptImportKey
RegSetValueExA
RegDeleteValueA
GetUserNameA
CryptDestroyKey
CryptEncrypt
RegOpenKeyExA
CryptHashData
CryptDestroyHash
CryptGetHashParam
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegCloseKey

winmm

timeGetTime
timeSetEvent

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69d0619fb40850c2683c390e4b4f6795

Headers

File Characteristics

Imports

user32

wininet

kernel32

setupapi

advapi32

winmm

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 17KB - Virtual size: 16KB

.tls Size: 512B - Virtual size: 220KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 16KB

.tls
Size: 512B - Virtual size: 220KB