7a87b22f97f3b8d7e8ae2f3621a021e0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7a87b22f97f3b8d7e8ae2f3621a021e0_JaffaCakes118
Size

2.0MB
MD5

7a87b22f97f3b8d7e8ae2f3621a021e0
SHA1

84d64f1a9be7b43e076db0a1a28e9e6e2e8bb105
SHA256

2271a018134a76fdd323e505bce01dbf9c35a90d6bbb9f9d3f10de60775a3e71
SHA512

00b0edc46898b4c73299ba18649cc85ed1943c876a0a5770220a0dd76fcc17b2c52787b84fb0a17dc4b0bb7a7acbf3734dbba6683aa6a41cb68cf0690ec0beed
SSDEEP

24576:8pAd+UsMltkvSCuQTKBWDjQOHBwwQFdJLqWnh:8s+AltnGCOHjoXLqWh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a87b22f97f3b8d7e8ae2f3621a021e0_JaffaCakes118

Files

7a87b22f97f3b8d7e8ae2f3621a021e0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

42484b7510ee56aa241101bcb3d80d0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

CreateErrorInfo
GetErrorInfo
SetErrorInfo
RegisterTypeLi
LoadTypeLi
VarNeg
VarBoolFromStr
VarBstrFromBool
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VarR8FromStr
VarI4FromStr
VariantChangeTypeEx
VariantCopyInd
VariantClear
VariantInit
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayRedim
SafeArrayCreate
SysStringLen
SysFreeString
SysAllocStringLen

wintrust

CryptCATAdminCalcHashFromFileHandle
CryptCATCatalogInfoFromContext

kernel32

RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
CloseHandle
WriteConsoleW
SetFilePointerEx
GlobalFree
LocalAlloc
LocalSize
VirtualAlloc
ExitProcess
GetModuleHandleW
CreateProcessW
GetCommandLineW
IsValidCodePage
GetOEMCP
GetLocaleInfoW
GetSystemDefaultUILanguage
GetStringTypeExW
EnumSystemCodePagesW
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetModuleHandleExW
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
IsDebuggerPresent
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetProcessHeap
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetStartupInfoW
GetStdHandle
GetFileType
CreateFileW
DeleteCriticalSection

user32

DdeQueryConvInfo
GetParent
EqualRect
UnionRect
InflateRect
CopyRect
GetClientRect
GetPropW
GetScrollRange
LockWindowUpdate
TrackPopupMenu
CreateMenu
LoadMenuW
EnableWindow
ReleaseCapture
IsCharAlphaW
GetNextDlgTabItem
GetDlgItemTextW
GetDlgItemInt
IsZoomed
GetWindowPlacement
ExitWindowsEx
PeekMessageW
DispatchMessageW
DrawFrameControl
GetProcessWindowStation
GetKeyboardLayout
GetCursor

advapi32

RegQueryValueExW
RegSetValueExW
RegCloseKey

setupapi

CM_Locate_DevNodeW
CM_Get_Parent_Ex
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Device_IDW
SetupDiSetDeviceInstallParamsW
SetupDiGetSelectedDriverW
SetupDiBuildDriverInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceInstanceIdW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoList
SetupInstallFromInfSectionW
SetupCloseFileQueue
SetupOpenFileQueue
SetupGetFieldCount
SetupGetLineCountW
SetupFindFirstLineW
SetupDiSetDeviceRegistryPropertyW

crypt32

CertOpenStore
CryptFindOIDInfo
CryptEnumOIDInfo
CryptMsgUpdate
CryptMsgOpenToDecode
CertEnumCertificatesInStore
CertFreeCertificateContext
CertSetCertificateContextProperty
CertFreeCTLContext
CertControlStore
CertGetPublicKeyLength
CryptHashCertificate
CertVerifyTimeValidity
CryptBinaryToStringW
CertGetCertificateChain
CertGetNameStringW
CertNameToStrW

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 506KB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rcaan
Size: 477KB - Virtual size: 476KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.186d6
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.b7ou5
Size: 387KB - Virtual size: 386KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.6rn1y
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42484b7510ee56aa241101bcb3d80d0f

Headers

File Characteristics

Imports

oleaut32

wintrust

kernel32

user32

advapi32

setupapi

crypt32

Sections

.text Size: 130KB - Virtual size: 130KB

.data Size: 506KB - Virtual size: 7.7MB

.idata Size: 4KB - Virtual size: 4KB

.xdata Size: 1024B - Virtual size: 724B

.rcaan Size: 477KB - Virtual size: 476KB

.186d6 Size: 140KB - Virtual size: 140KB

.b7ou5 Size: 387KB - Virtual size: 386KB

.6rn1y Size: 280KB - Virtual size: 279KB

.rsrc Size: 100KB - Virtual size: 99KB

.text
Size: 130KB - Virtual size: 130KB

.data
Size: 506KB - Virtual size: 7.7MB

.idata
Size: 4KB - Virtual size: 4KB

.xdata
Size: 1024B - Virtual size: 724B

.rcaan
Size: 477KB - Virtual size: 476KB

.186d6
Size: 140KB - Virtual size: 140KB

.b7ou5
Size: 387KB - Virtual size: 386KB

.6rn1y
Size: 280KB - Virtual size: 279KB

.rsrc
Size: 100KB - Virtual size: 99KB