6bde783c9a40a6ac04c3145f4c6417ae_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6bde783c9a40a6ac04c3145f4c6417ae_JaffaCakes118
Size

1.4MB
MD5

6bde783c9a40a6ac04c3145f4c6417ae
SHA1

d4de2bda3d81b1c591e24dbfa0c8b372f72c3605
SHA256

b774c6d9dc51ebd28884fb046d080fb2eb58cab7233d5c23b5bd8c88755c6196
SHA512

a0faaced2585bac4de121cd46b157d070eaa4beaffe8bc8ff2f9b9649aa2b25b076529cbbbdff80627147248c3554e08883bdccc738d21ad6e4e43d763e58fec
SSDEEP

24576:Vh56Yl/M2gdC1hKETzLkVMKM35/ZGc25mrY:VMeh9re6ZZb2iY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6bde783c9a40a6ac04c3145f4c6417ae_JaffaCakes118

Files

6bde783c9a40a6ac04c3145f4c6417ae_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8771d13f5d6a5209a72f41ba1241fe15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Locate_DevNodeW
CM_Get_Parent
CM_Get_DevNode_Status
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Device_ID_ExW
CM_Get_Device_IDW
SetupDiGetActualSectionToInstallW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiCallClassInstaller
SetupDiGetClassDevsExW
SetupDiGetClassDevsW
SetupDiGetDriverInfoDetailW
SetupDiBuildDriverInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceInstanceIdW
SetupDiOpenDeviceInfoW
SetupDiCreateDeviceInfoListExW
SetupInstallFromInfSectionW
SetupCloseFileQueue
SetupOpenFileQueue
SetupGetIntField
SetupGetStringFieldW
SetupGetFieldCount
SetupFindFirstLineW
SetupCloseInfFile
SetupOpenInfFileW

comdlg32

GetOpenFileNameW
GetFileTitleW

crypt32

CryptProtectData
CertNameToStrW
CryptHashPublicKeyInfo
CryptExportPKCS8
CryptAcquireCertificatePrivateKey
CryptExportPublicKeyInfo
CertVerifyTimeValidity
CryptHashCertificate
CertAddStoreToCollection
CertVerifyCertificateChainPolicy
CertSetCertificateContextProperty
CertCreateCertificateContext
CertEnumCertificatesInStore
CertCloseStore
CryptMsgUpdate
CryptMsgClose
CryptMsgOpenToDecode
CryptEnumOIDInfo
CryptFindOIDInfo
CryptEncodeObject
CryptStringToBinaryW
CertGetCertificateContextProperty
CryptBinaryToStringW

kernel32

GetOEMCP
GetCPInfo
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExW
RtlUnwind
OutputDebugStringW
HeapReAlloc
GetStringTypeW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CreateFileW
GetACP
FileTimeToSystemTime
GetProcAddress
VirtualAlloc
HeapDestroy
HeapAlloc
HeapFree
GetCurrentProcessId
GetEnvironmentStringsW
GetCurrentThreadId
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WaitForMultipleObjects
FindClose
CloseHandle
GetSystemTimeAsFileTime
GetSystemInfo
FormatMessageW
CreateFileMappingW
GetModuleHandleW
GetCommandLineW
ExpandEnvironmentStringsW
GetSystemDirectoryW
FindFirstFileW
MultiByteToWideChar
GetCommandLineA
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameA
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

userenv

ExpandEnvironmentStringsForUserW
RegisterGPNotification
LoadUserProfileW

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 942KB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8771d13f5d6a5209a72f41ba1241fe15

Headers

File Characteristics

Imports

setupapi

comdlg32

crypt32

kernel32

userenv

Sections

.text Size: 77KB - Virtual size: 76KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 942KB - Virtual size: 7.8MB

.rsrc Size: 364KB - Virtual size: 364KB

.text
Size: 77KB - Virtual size: 76KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 942KB - Virtual size: 7.8MB

.rsrc
Size: 364KB - Virtual size: 364KB