061f04456e4ddf274b86216fa89704bd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

061f04456e4ddf274b86216fa89704bd_JaffaCakes118
Size

124KB
MD5

061f04456e4ddf274b86216fa89704bd
SHA1

ce1b514dd58597195c47eeed9608dcc60bbd74d8
SHA256

b56decc46e278dbbe8d14b86120950500749c78d874b539908671e5b26eeebe4
SHA512

1e931b6db8a606ab626370bc564bf0f62c4da2ef4d81189a991cb4d1c07a7321a1dc0ea71e9a97c967c10ae5fa427d05e1b0df0e84d4f995f8a11ed3b9592291
SSDEEP

3072:RZMgJQvN6xDcR7X6JJ8VbsPXk6CFxanP+9jabl:RZbENoy+b8WPk6oxeP+s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
061f04456e4ddf274b86216fa89704bd_JaffaCakes118

Files

061f04456e4ddf274b86216fa89704bd_JaffaCakes118
.exe windows:6 windows x86 arch:x86

1fdb23a2c19de3af281fcbc09a51d929

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

CryARr.pdb

Imports

crypt32

CertOpenSystemStoreA
CertGetSubjectCertificateFromStore

clusapi

ClusterResourceEnum

shlwapi

UrlIsW
PathCanonicalizeA
SHSkipJunction
SHOpenRegStream2W
IsCharSpaceA

setupapi

SetupSetNonInteractiveMode
SetupDiClassGuidsFromNameA
SetupSetFileQueueAlternatePlatformW
CM_Free_Log_Conf_Handle

user32

GetWindowInfo
GetCursor
GetTopWindow
GetScrollInfo
MsgWaitForMultipleObjectsEx
ToAsciiEx
ShutdownBlockReasonCreate
DdeConnect
GetWindowRgn
GetWindowDC

msacm32

acmFormatSuggest

comdlg32

ChooseFontA

winscard

g_rgSCardT0Pci

comctl32

ImageList_GetIcon

oleaut32

SafeArrayAllocDescriptorEx

kernel32

CloseHandle
GlobalSize
GetNamedPipeServerProcessId
GetUILanguageInfo
GetCommTimeouts
GetCommandLineW
GetProcessId
GetCurrentProcess
GetThreadLocale
GetLocalTime
GetPrivateProfileSectionNamesW
GetConsoleWindow
CreateMutexExA

wintrust

CryptCATPutMemberInfo
CryptCATGetCatAttrInfo

ws2_32

getsockname
getprotobyname

advapi32

QueryServiceConfigW
QueryRecoveryAgentsOnEncryptedFile
StartServiceCtrlDispatcherW
MakeSelfRelativeSD
RegReplaceKeyW

gdi32

GetClipBox
Rectangle
SaveDC
CreateCompatibleBitmap
SetDCPenColor
SetMetaRgn
StrokePath
DescribePixelFormat

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fdb23a2c19de3af281fcbc09a51d929

Headers

File Characteristics

PDB Paths

Imports

crypt32

clusapi

shlwapi

setupapi

user32

msacm32

comdlg32

winscard

comctl32

oleaut32

kernel32

wintrust

ws2_32

advapi32

gdi32

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 84KB - Virtual size: 85KB

DATA Size: 12KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 1024B

.reloc Size: 4KB - Virtual size: 652B

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 84KB - Virtual size: 85KB

DATA
Size: 12KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 1024B

.reloc
Size: 4KB - Virtual size: 652B