JaffaCakes118_640e5bdf2f5d175718d5a04265d33233

General

Target

JaffaCakes118_640e5bdf2f5d175718d5a04265d33233
Size

196KB
MD5

640e5bdf2f5d175718d5a04265d33233
SHA1

15b7d143b8c867824c75b6321ac3c30c18fff941
SHA256

e0c9bc0b34e76c1918c67c6248edaa5b3f143a47d1947812a5b3d2c24e4ac658
SHA512

17b3447597a7685089d3e2095016061e6fc936d0f1c3240a8a6bac925d046db46bbdf00e0e2f6a36a15fb6197218ec4c9bb9e33914aa8922bb6e0a5a9aaa4b02
SSDEEP

3072:dnbnGY+SVOb3uSwyLB1VUB4N6V8OWuzPuNKVo6DW6GAZOGZEVvWXmsz/TQl:dbGYTMbgyLB124AV8OWuzrtSCA+XmXl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_640e5bdf2f5d175718d5a04265d33233

Files

JaffaCakes118_640e5bdf2f5d175718d5a04265d33233
.exe windows:4 windows x86 arch:x86

0b4cc59198bac705576003972cf308a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

wininet

InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

FreeLibrary
lstrlenA
CreateFiber
LoadLibraryW
lstrcmpiA
SuspendThread
MultiByteToWideChar
GetVersionExA
GetProcAddress
lstrlenW
InterlockedExchange
RaiseException
EnumResourceNamesA
GetVersion
SetThreadPriority
InitializeCriticalSection
WideCharToMultiByte
GetThreadLocale
DeleteCriticalSection
GetACP
GetLocaleInfoA
GetLastError

advapi32

RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegEnumValueA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

user32

DispatchMessageA
RealGetWindowClassW
MsgWaitForMultipleObjects
wsprintfA
ShowWindow
RegisterWindowMessageA
GetDesktopWindow
GetQueueStatus
PeekMessageA
CreateDialogParamA
DestroyWindow
PostThreadMessageA
ReleaseDC
GetDC
wvsprintfA

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b4cc59198bac705576003972cf308a6

Headers

File Characteristics

Imports

wininet

setupapi

kernel32

advapi32

user32

Sections

.text Size: 169KB - Virtual size: 169KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 23KB - Virtual size: 22KB

.tls Size: 512B - Virtual size: 220KB

.text
Size: 169KB - Virtual size: 169KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 23KB - Virtual size: 22KB

.tls
Size: 512B - Virtual size: 220KB