8e75205fd40e5676a1eb1f5d1868e33a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8e75205fd40e5676a1eb1f5d1868e33a_JaffaCakes118
Size

1.0MB
MD5

8e75205fd40e5676a1eb1f5d1868e33a
SHA1

3ce92b021f4b33119653c5c299c6750da21d92be
SHA256

980ada584bc79632ecb99b31409df7fa7684a65a55d9bbd76f04af75dfb141ea
SHA512

8bdecd96223350d08bb283e25f2ff7a7538daa5b221f5d03575dc0dab9fdfe480a8aa0ef410146d1fa348f981a61d43ec3e2aff279b9a75dbbbc6f3f497420cf
SSDEEP

12288:b8y1MbdWFX6GzdUBkJRRo0I264XMB9am0/xRg6tg8/dobBvH75kRJC59kFqP:NMsFqAUSaA6MMsR9t/doN5iw5yk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e75205fd40e5676a1eb1f5d1868e33a_JaffaCakes118

Files

8e75205fd40e5676a1eb1f5d1868e33a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bb9c6cf1ba1d5a6275cbaa0a687b5f02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wintrust

CryptCATAdminCalcHashFromFileHandle
CryptCATAdminEnumCatalogFromHash
CryptCATAdminReleaseCatalogContext
CryptCATAdminReleaseContext
WTHelperGetProvCertFromChain

msvcrt

_controlfp
_except_handler3
_exit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter

crypt32

CertGetCertificateChain
CryptStringToBinaryW
CertFreeCertificateChain
CertGetNameStringW
CryptExportPKCS8
CryptExportPublicKeyInfo
CertFindExtension
CertVerifyTimeValidity
CertFreeCRLContext
CertEnumCertificatesInStore
CryptDecodeObject
CryptEncodeObject

kernel32

GetStdHandle
GetFileSize
SetHandleCount
ReleaseSemaphore
WriteFile
EnterCriticalSection
GetLastError
GetCurrentThreadId
ExitProcess
MulDiv
TlsAlloc
OutputDebugStringW
GetTempPathW
GetFileAttributesW
FindFirstFileW
FindNextFileW
QueryPerformanceCounter
CompareStringW
DeleteCriticalSection
GetModuleHandleW
GetStartupInfoW
LeaveCriticalSection
GetVersion
GlobalFree
LocalFree
VirtualAlloc

user32

SetParent
SetWindowsHookExW
LoadIconW
CopyIcon
EqualRect
ExitWindowsEx
RegisterClassExW
IsChild
GetDlgItem
RegisterClipboardFormatW
CharUpperW
GetActiveWindow
LoadMenuW
CreateMenu
CheckMenuItem
GetMenuItemCount
RemoveMenu
DeleteMenu
DrawIcon
GetDC
LockWindowUpdate
ScrollWindow
ShowScrollBar
ScreenToClient
UnionRect

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.h383er
Size: 678KB - Virtual size: 677KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lad6h
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb9c6cf1ba1d5a6275cbaa0a687b5f02

Headers

File Characteristics

Imports

wintrust

msvcrt

crypt32

kernel32

user32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 6.9MB

.h383er Size: 678KB - Virtual size: 677KB

.lad6h Size: 294KB - Virtual size: 293KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 6.9MB

.h383er
Size: 678KB - Virtual size: 677KB

.lad6h
Size: 294KB - Virtual size: 293KB

.rsrc
Size: 13KB - Virtual size: 13KB