JaffaCakes118_96ec1f741a8f6aef5501048c1f6cbf81

General

Target

JaffaCakes118_96ec1f741a8f6aef5501048c1f6cbf81
Size

204KB
MD5

96ec1f741a8f6aef5501048c1f6cbf81
SHA1

05162ccca467d38f1fba3196385d12ae0de9aeb5
SHA256

fb2564fbb02c8a5253a33a7af624c1c1c5fc896e34188f1c64c0f4ef99dcda81
SHA512

c481a90c3425ee8ee01112c02fc534c50186db0aa165a122b77d60921b2f7510cd26d0c3f5f08562d55d9df8e66289460b147b1aad11e7d891a7bbf35c306d9b
SSDEEP

6144:QQ4qCMLgpZ5Ip7AKCSkvEXtMSpGf8h68LcDI:n57nCbvE+Sgc6BD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_96ec1f741a8f6aef5501048c1f6cbf81

Files

JaffaCakes118_96ec1f741a8f6aef5501048c1f6cbf81
.exe windows:4 windows x86 arch:x86

d23cc94dfadbabfb899590cdc3ff0ada

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

advapi32

RegDeleteValueA
RegEnumValueA
CryptDestroyHash
CryptEncrypt
RegCreateKeyExA
RegQueryValueExA
CryptGetHashParam
CryptHashData
CryptImportKey
CryptDestroyKey
CryptReleaseContext
RegOpenKeyExA
RegEnumKeyExA
CryptCreateHash
RegSetValueExA
GetUserNameA
RegCloseKey

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

winmm

timeGetTime
timeSetEvent

kernel32

VirtualFree
CreateFiber
GetSystemTime
GetLastError
SetThreadContext
GetThreadPriority
GetACP
EnumResourceNamesW
IsBadReadPtr
GetTickCount
SetThreadPriority
lstrcatA
GetCurrentThreadId
GetCurrentThread
WaitForMultipleObjects
CreateSemaphoreA

user32

GetDC
DispatchMessageA
PeekMessageA
CreateDialogParamA
ShowWindow
DestroyWindow
RealGetWindowClassW
PostThreadMessageA
GetQueueStatus
MsgWaitForMultipleObjects
GetDesktopWindow
RegisterWindowMessageA
wsprintfA
ReleaseDC
wvsprintfA

Sections

.text
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d23cc94dfadbabfb899590cdc3ff0ada

Headers

File Characteristics

Imports

setupapi

advapi32

wininet

winmm

kernel32

user32

Sections

.text Size: 186KB - Virtual size: 186KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 14KB

.tls Size: 512B - Virtual size: 224KB

.text
Size: 186KB - Virtual size: 186KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 14KB

.tls
Size: 512B - Virtual size: 224KB