Static task: static1
Behavioral task: behavioral1
Sample: 6c405dc64f2254e006180a3a9aa718b9_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 6c405dc64f2254e006180a3a9aa718b9_JaffaCakes118.exe
Resource: win10v2004-20240226-en
General
Target: 6c405dc64f2254e006180a3a9aa718b9_JaffaCakes118
Size: 860KB
MD5: 6c405dc64f2254e006180a3a9aa718b9
SHA1: 7ad6a4ea0540acefa509cb3240d6328d660afea7
SHA256: d14386352ad3b356263de9b27749570c0a43b06639d802dac18f79569aef2111
SHA512: b6576f8847a607b9ec2638fbb5981108db4db0845ab17fc41e4a0f3debe0bd41145ccee3fa44f271012c63c11e9cc5a7f6062ec21ddf8706307ef69cc1b5dc31
SSDEEP: 12288:FHCNdhvJPbts7tQwuVd4MjduhZhv/M8dwIhxlPwPhakxzORBY/09CFO5M/VmeFZv:FHCLXRmQwSRvYXhxxBM0MVzgyL
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Resource: 6c405dc64f2254e006180a3a9aa718b9_JaffaCakes118
Files
6c405dc64f2254e006180a3a9aa718b9_JaffaCakes118.exe windows:5 windows x86 arch:x86
dc424cc3f194c12c21f4d5e651222a1b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
OffsetRect
GetClassInfoExW
CreateDialogParamW
SetDlgItemInt
GetDlgCtrlID
WinHelpW
LoadStringW
CopyIcon
LoadImageW
CreateIcon
GetWindow
GetParent
GetKeyboardLayoutList
GetPropW
CheckMenuItem
CreatePopupMenu
GetSystemMenu
EnableWindow
SetTimer
GetDialogBaseUnits
comctl32
FlatSB_GetScrollPos
_TrackMouseEvent
ImageList_SetIconSize
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_LoadImageW
ImageList_Remove
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_Replace
ImageList_SetBkColor
ImageList_SetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControlsEx
CreatePropertySheetPageW
InitializeFlatSB
kernel32
GetCurrentThreadId
VirtualAlloc
InitializeCriticalSection
GetFileType
GetFileSize
CloseHandle
GetSystemTime
FormatMessageW
LoadLibraryW
CreateProcessW
GetStartupInfoW
GetFullPathNameW
FindFirstFileW
GetCPInfo
GetStringTypeW
IsProcessorFeaturePresent
IsDebuggerPresent
GetOEMCP
GetProcAddress
LoadLibraryExW
RtlUnwind
OutputDebugStringW
HeapAlloc
HeapReAlloc
HeapSize
LCMapStringW
CreateFileW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
GetLastError
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
DeleteCriticalSection
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
HeapFree
IsValidCodePage
GetACP
wintrust
WTHelperGetProvSignerFromChain
WTHelperGetProvCertFromChain
CryptCATCatalogInfoFromContext
WinVerifyTrust
crypt32
CryptFindOIDInfo
CryptMsgOpenToDecode
CryptEncodeObject
CryptMsgGetParam
CertOpenStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertAddEncodedCertificateToStore
CertAddCertificateContextToStore
CertAddStoreToCollection
CertGetPublicKeyLength
CertVerifyTimeValidity
CertFindExtension
CryptAcquireCertificatePrivateKey
CryptHashPublicKeyInfo
CryptQueryObject
CryptProtectData
CertFreeCertificateChain
CryptDecodeObject
CertGetEnhancedKeyUsage
CryptEncodeObjectEx
Sections
.text Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 6.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.5ei1i Size: 767KB - Virtual size: 768KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE