4a766453186ec9bb3e00f270f9209f49_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4a766453186ec9bb3e00f270f9209f49_JaffaCakes118
Size

945KB
MD5

4a766453186ec9bb3e00f270f9209f49
SHA1

5caf1be04bf000bbc2b2c6525f4e26af87d2c7be
SHA256

7bd7218bad08af3cdecb7b2049d524857781c1754f6073f346c0e24ede3d89bd
SHA512

579e651ab8240e8834cfb6c9e1d2f6af52c54f2808ff116da4ff1ad95b0cb0b79d4ee6010abdcb83a172c5dbc3f8d43617bf31c17bad04146c4e95e3e14e7cf9
SSDEEP

24576:lCjuie/w0iHy65t6x4thJcvSfK2kLsipbB:xiQWtsx4t/cakAYb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a766453186ec9bb3e00f270f9209f49_JaffaCakes118

Files

4a766453186ec9bb3e00f270f9209f49_JaffaCakes118
.exe windows:5 windows x86 arch:x86

78c43465002ff8083e858464dd71a16d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
GetLocaleInfoW
WideCharToMultiByte
MultiByteToWideChar
GetACP
FindFirstFileW
GetFileAttributesW
CreateFileW
GetFullPathNameW
GetStartupInfoW
LoadLibraryExW
FormatMessageW
FileTimeToSystemTime
GetSystemInfo
GetSystemTimeAsFileTime
CloseHandle
FindClose
SetFilePointer
ReadFile
ReleaseSemaphore
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
GetCurrentThreadId
GetCurrentProcess
VirtualAlloc
LocalAlloc
GetVersion
GetUserDefaultLCID
GetProcAddress
GetModuleHandleW

comctl32

_TrackMouseEvent
ImageList_Add
ImageList_SetBkColor
ImageList_Draw
ImageList_Replace
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Write
ImageList_GetImageInfo
FlatSB_SetScrollProp
ImageList_Create
CreateStatusWindowW

crypt32

CryptEncodeObject
CryptMsgUpdate
CertCloseStore
CertCreateCertificateContext
CertAddCertificateContextToStore
CertAddStoreToCollection
CertControlStore
CertGetEnhancedKeyUsage
CryptHashPublicKeyInfo
CertNameToStrW
CertFreeCertificateChain
CryptStringToBinaryW

wintrust

CryptCATAdminReleaseCatalogContext
WTHelperGetProvCertFromChain
WinVerifyTrust

shlwapi

SHAutoComplete
SHGetValueW
SHDeleteValueW
SHDeleteKeyW
SHDeleteEmptyKeyW
UrlUnescapeW
PathRemoveBackslashW
PathParseIconLocationW
PathIsNetworkPathW
PathIsRootW
PathGetDriveNumberW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathCombineW
PathBuildRootW
SHStrDupW
StrRetToStrW
StrPBrkW
StrChrW

setupapi

CM_Locate_DevNodeW
CM_Get_Parent_Ex
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Device_IDW
SetupDiGetActualSectionToInstallW
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupOpenInfFileW
SetupFindFirstLineW
SetupFindNextLine
SetupGetLineCountW
SetupGetFieldCount
SetupCloseFileQueue
SetupInstallFromInfSectionW
SetupDiCreateDeviceInfoListExW
SetupDiGetDeviceInfoListDetailW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDriverInfoW
SetupDiGetSelectedDriverW
SetupDiGetDriverInfoDetailW
SetupDiGetClassDevsW
SetupDiCallClassInstaller
SetupDiGetDeviceRegistryPropertyW
SetupDiSetDeviceRegistryPropertyW

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 883KB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78c43465002ff8083e858464dd71a16d

Headers

File Characteristics

Imports

kernel32

comctl32

crypt32

wintrust

shlwapi

setupapi

msvcrt

Sections

.text Size: 37KB - Virtual size: 36KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 883KB - Virtual size: 7.7MB

.rsrc Size: 20KB - Virtual size: 22KB

.text
Size: 37KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 883KB - Virtual size: 7.7MB

.rsrc
Size: 20KB - Virtual size: 22KB