4ccfc18c2eebb7b3ba9cd7b53e540d3b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4ccfc18c2eebb7b3ba9cd7b53e540d3b_JaffaCakes118
Size

524KB
MD5

4ccfc18c2eebb7b3ba9cd7b53e540d3b
SHA1

ae6b1d06bb5d91c8a390218ff6b5eb6a23c8b61d
SHA256

c22bddc105d939931a107ec48ff42203b6fda9b42bfb9665a2c09142f2e124d8
SHA512

90f3623b6f42d9ca1d8d4159d08cb7e7a5fae9c0e6301c8fa5975dc86521e2cdf2db9457ce6bddfd8bf97df3c66b72835bde558890232ea94b4e043fd431de87
SSDEEP

12288:81sPLy/3dkSLshG+u5SoQNSPcQ+Dcy3SS:OKdukoQNmMS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ccfc18c2eebb7b3ba9cd7b53e540d3b_JaffaCakes118

Files

4ccfc18c2eebb7b3ba9cd7b53e540d3b_JaffaCakes118
.exe windows:6 windows x86 arch:x86

fc8dab45486f9aec71c5ce5c04fa3fc8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mswsock

GetTypeByNameW
MigrateWinsockConfiguration
GetAcceptExSockaddrs
SetServiceA
GetServiceA
GetNameByTypeA
GetServiceW
rexec
getnetbyname
TransmitFile
SetServiceW
GetNameByTypeW
GetAddressByNameA
sethostname
EnumProtocolsA
WSARecvEx

crypt32

CryptDecodeMessage
CryptGetDefaultOIDFunctionAddress
CertGetEnhancedKeyUsage
CertSerializeCRLStoreElement
CryptVerifyMessageSignatureWithKey
CertGetCRLContextProperty
CertSetCertificateContextProperty
CertSetCTLContextProperty
CertVerifyRevocation
CertIsRDNAttrsInCertificateName
CertFreeCRLContext
CertSerializeCertificateStoreElement
CertCompareIntegerBlob
CryptGetOIDFunctionValue
CryptDecryptMessage
CryptLoadSip
CryptSignMessageWithKey
CertStrToNameW
CertAddEncodedCertificateToSystemStoreW
CryptSignMessage
CertSetEnhancedKeyUsage
CertFindAttribute
CertEnumCertificateContextProperties
CertDuplicateCTLContext
CertAddEnhancedKeyUsageIdentifier

msi

ord11
ord159
ord97
ord165
ord139
ord112
ord140
ord71
ord83
ord58
ord153
ord64
ord167
ord144
ord88
ord156
ord93
ord137
ord50
ord164
ord53
ord166
ord158

avifil32

EditStreamSetNameW
AVIStreamInfo
AVIStreamRead
AVIStreamGetFrameClose
AVISaveA
IID_IAVIEditStream
AVIStreamWrite
AVIPutFileOnClipboard
EditStreamSetInfoA

msvfw32

DrawDibDraw
DrawDibBegin
DrawDibStop
ICGetInfo
ICDraw
ICDecompress
ICClose
ICCompress

avicap32

AppCleanup
capCreateCaptureWindowW

setupapi

SetupDiGetClassInstallParamsW
SetupQueryInfVersionInformationW
SetupCloseLog
SetupDiInstallClassA
SetupDiLoadClassIcon
SetupDiDrawMiniIcon
SetupTermDefaultQueueCallback
SetupDiBuildClassInfoList
SetupGetInfInformationA
SetupGetLineTextW
SetupTerminateFileLog
SetupCommitFileQueueW
SetupGetFileCompressionInfoW
SetupPromptForDiskW
SetupDiOpenDeviceInterfaceRegKey
SetupQueueRenameA

kernel32

GetProcAddress
LoadLibraryExW
EncodePointer
CreateFileW
RaiseException
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapReAlloc
HeapSize
SetConsoleCtrlHandler
GetProcessHeap
GetStringTypeW
GetFileType
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetStdHandle
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeLibrary
TlsFree
TlsSetValue
GetLastError
TlsGetValue
TlsAlloc
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
GetCurrentThread
DeleteCriticalSection
OutputDebugStringA
DecodePointer
LeaveCriticalSection
OutputDebugStringW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
EnterCriticalSection
FindNextFileW
FindNextFileA
FindFirstFileExW
FindFirstFileExA
FindClose
HeapFree
HeapAlloc
CreateThread
WaitForSingleObjectEx
CloseHandle
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
SetLastError

Sections

.text
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc8dab45486f9aec71c5ce5c04fa3fc8

Headers

DLL Characteristics

File Characteristics

Imports

mswsock

crypt32

msi

avifil32

msvfw32

avicap32

setupapi

kernel32

Sections

.text Size: 302KB - Virtual size: 301KB

.rdata Size: 42KB - Virtual size: 42KB

.data Size: 39KB - Virtual size: 43KB

.rsrc Size: 139KB - Virtual size: 139KB

.text
Size: 302KB - Virtual size: 301KB

.rdata
Size: 42KB - Virtual size: 42KB

.data
Size: 39KB - Virtual size: 43KB

.rsrc
Size: 139KB - Virtual size: 139KB