961b392ede4cbf2419e10d52a604fc91_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

961b392ede4cbf2419e10d52a604fc91_JaffaCakes118
Size

348KB
MD5

961b392ede4cbf2419e10d52a604fc91
SHA1

64174d7335f2170efaba3292a3e9fb80c4596787
SHA256

0c69bf5e3b9b030a5484458dfd843c7f45d3ffa15a1080fe3cee0e4110525fa9
SHA512

d8bb521e6f130febce631bca2b9f61ca482c372f514e89e9d1871742920227b0a043fe4205f1c45a2ea31730a43a7c7ff6c25ae80e408a3de1fe06dc3a3e0c34
SSDEEP

6144:bayjTIGzMXj6rKNnfwVUcgJalGy3Z+MzOpM:bayjTIGNOZfkAJUnM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
961b392ede4cbf2419e10d52a604fc91_JaffaCakes118

Files

961b392ede4cbf2419e10d52a604fc91_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6f3d338757f5e3d2e57cdcd740d11a66

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

EWJtCompositionWinwreQQQQQQQQQQQQQQQQQQQQQQ####.pdb

Imports

pdh

PdhEnumObjectsW
PdhBrowseCountersW

advapi32

GetSecurityDescriptorLength
ReadEncryptedFileRaw
RegSetValueW
TreeResetNamedSecurityInfoW
CreateRestrictedToken
ObjectDeleteAuditAlarmW
ChangeServiceConfig2A
CryptGetHashParam

kernel32

GetCommandLineA
GetCommandLineW
GetStringScripts
EscapeCommFunction
ReOpenFile
SetThreadPriorityBoost
GetProcessHeap
SetThreadPriority
RaiseException
GlobalFindAtomA
GetModuleHandleA
GetFileSize
PeekConsoleInputA
FoldStringW
HeapAlloc
FindFirstChangeNotificationA
AddVectoredExceptionHandler
ResumeThread
OutputDebugStringW

msvcrt

qsort
localeconv

comdlg32

PrintDlgExW

crypt32

CertGetStoreProperty
CryptUnregisterOIDFunction
CryptHashCertificate
CertCreateSelfSignCertificate

iphlpapi

GetTcpStatistics
GetAdaptersInfo

rpcrt4

RpcBindingToStringBindingA
UuidCreateSequential
RpcAsyncCompleteCall
I_RpcAsyncAbortCall
RpcSmDestroyClientContext

wininet

HttpSendRequestW

netapi32

NetApiBufferSize

rasapi32

RasEnumConnectionsW
RasEnumEntriesW

gdi32

CreateBitmap
CloseMetaFile
GetSystemPaletteEntries
DeleteColorSpace
EndPage

setupapi

SetupDiGetClassInstallParamsW
SetupCloseLog
CM_Get_DevNode_Registry_PropertyW
SetupDiGetDriverInfoDetailA

winspool.drv

XcvDataW

ole32

OleCreateEmbeddingHelper
GetClassFile
MkParseDisplayName

shlwapi

StrCSpnIW

oleaut32

SafeArrayDestroyDescriptor
VARIANT_UserUnmarshal

mprapi

MprAdminMIBEntryGetFirst
MprInfoDelete
MprAdminInterfaceGetHandle

user32

ShowWindowAsync
TranslateMessage
CreateIconFromResourceEx
GetClientRect
GetPriorityClipboardFormat
EnumThreadWindows

version

VerFindFileW

winmm

mixerGetLineInfoW
waveInGetPosition

wintrust

WintrustGetRegPolicyFlags

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Y
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f3d338757f5e3d2e57cdcd740d11a66

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

pdh

advapi32

kernel32

msvcrt

comdlg32

crypt32

iphlpapi

rpcrt4

wininet

netapi32

rasapi32

gdi32

setupapi

winspool.drv

ole32

shlwapi

oleaut32

mprapi

user32

version

winmm

wintrust

Sections

.text Size: 119KB - Virtual size: 118KB

.data Size: 109KB - Virtual size: 115KB

.idata Size: 3KB - Virtual size: 3KB

Y Size: 97KB - Virtual size: 96KB

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 119KB - Virtual size: 118KB

.data
Size: 109KB - Virtual size: 115KB

.idata
Size: 3KB - Virtual size: 3KB

Y
Size: 97KB - Virtual size: 96KB

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 17KB - Virtual size: 17KB