Static task: static1
Behavioral task: behavioral1
Sample: 03fad569cfe0f9608624133ed2df8c2b_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 03fad569cfe0f9608624133ed2df8c2b_JaffaCakes118.exe
Resource: win10v2004-20240419-en
General
Target: 03fad569cfe0f9608624133ed2df8c2b_JaffaCakes118
Size: 843KB
MD5: 03fad569cfe0f9608624133ed2df8c2b
SHA1: c9aaa70c4454a8579c2a27a7776264c3cd57ae89
SHA256: 9007b580d171f90515d3456a46de9f4f7a78510c2ef1374b1371e35340963c5b
SHA512: 3bb0384c44d8b19e62bb2cceee284e6bc3f695f374b0c9d4f69bed8a8ca53d5f4a187a8d46421eed8552e899bf980d521d0d9efab5c6aeb5d8d13f754bef4ac7
SSDEEP: 24576:bfitmB9lRYzr0WfKWOsnrIbaum3EYbQqwmE7W3TqRAh8q7s:zAr0QOkPPbQqdEy3+Bq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 03fad569cfe0f9608624133ed2df8c2b_JaffaCakes118
Files
03fad569cfe0f9608624133ed2df8c2b_JaffaCakes118.exe windows:5 windows x86 arch:x86
45463b0374c5adbac7f02c154121b5ac
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ord17
InitCommonControlsEx
ImageList_SetImageCount
ImageList_GetBkColor
ImageList_BeginDrag
ImageList_Write
_TrackMouseEvent
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_SetScrollProp
crypt32
CryptEncodeObjectEx
CryptMsgClose
CryptMsgUpdate
CryptMsgGetParam
CertOpenStore
CertEnumCertificatesInStore
CertCreateCertificateContext
CertSetCertificateContextProperty
CertAddEncodedCertificateToStore
CertAddCertificateContextToStore
CertAddStoreToCollection
CertGetPublicKeyLength
CertFindExtension
CryptHashPublicKeyInfo
CertNameToStrW
CryptProtectData
CertFreeCertificateChain
kernel32
GetProcAddress
LocalAlloc
VirtualAlloc
HeapAlloc
HeapFree
GetEnvironmentStringsW
GetCurrentThreadId
GetLastError
FindClose
GetFullPathNameW
GetFileAttributesW
FindFirstFileW
IsValidCodePage
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoW
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
ole32
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium
CoGetMalloc
Sections
.text Size: 66KB - Virtual size: 66KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 6.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.wswan Size: 733KB - Virtual size: 733KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 27KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ