JaffaCakes118_741585b050760070c160f80d47e0b6f0

General

Target

JaffaCakes118_741585b050760070c160f80d47e0b6f0
Size

193KB
MD5

741585b050760070c160f80d47e0b6f0
SHA1

7a2676889475dec113f787fd6376a60653a54948
SHA256

e7b997ad7f409b43c71bbc7882189ec4ba8d09fe1d58c3e5c60526891efd50b8
SHA512

5c18111a2444a938ede2113f7251ecc689e478ed9b8d845c2c949e15e2bcb2fe83960082af30edae3dbba4302a8cadcd8b7da0fc8f7898473f2dd6e58d8d5ac9
SSDEEP

6144:Qkrv2dIUxHqmt0ZJh1pINcqJpfJNTF8oq:Qav2dRHmJhufpfJNTFRq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_741585b050760070c160f80d47e0b6f0

Files

JaffaCakes118_741585b050760070c160f80d47e0b6f0
.exe windows:4 windows x86 arch:x86

8eaf28e252545c871570c4bb4207ebaf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

wininet

InternetCloseHandle
InternetOpenUrlA
InternetReadFile
InternetOpenA

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

CreateFiber
lstrlenW
GetProcAddress
GetVersion
GetThreadLocale
SuspendThread
lstrcmpiA
InterlockedExchange
GetVersionExA
RaiseException
EnumResourceNamesA
GetLocaleInfoA
WideCharToMultiByte
FreeLibrary
MultiByteToWideChar
SetThreadPriority
GetACP
LoadLibraryW
lstrlenA
InitializeCriticalSection
DeleteCriticalSection
GetLastError

advapi32

RegEnumValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegCloseKey

user32

DestroyWindow
MsgWaitForMultipleObjects
PostThreadMessageA
wsprintfA
RegisterWindowMessageA
ReleaseDC
RealGetWindowClassW
DispatchMessageA
GetDesktopWindow
GetQueueStatus
ShowWindow
CreateDialogParamA
GetDC
PeekMessageA
wvsprintfA

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8eaf28e252545c871570c4bb4207ebaf

Headers

File Characteristics

Imports

wininet

setupapi

kernel32

advapi32

user32

Sections

.text Size: 175KB - Virtual size: 175KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 13KB

.tls Size: 512B - Virtual size: 76KB

.text
Size: 175KB - Virtual size: 175KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 13KB

.tls
Size: 512B - Virtual size: 76KB