Static task: static1
Behavioral task: behavioral1
Sample: aeff0d72a64900582b0d3d4d5f4d5011_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: aeff0d72a64900582b0d3d4d5f4d5011_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: aeff0d72a64900582b0d3d4d5f4d5011_JaffaCakes118
Size: 845KB
MD5: aeff0d72a64900582b0d3d4d5f4d5011
SHA1: 809dbd28201b558e1ea3b1bf1964a3b34d4f1ff5
SHA256: c302bdf90b6fabe951a0e74d75d816de1c74fbe86dc53eda2e9a12ef4e0486e5
SHA512: d9bee481d27fd13ece84e23d54af83db77ff78f9fe345b34033043b81bdaa7e4c5f956d4ab5f657265d48770947bfcbdaef75bd3e20396145f516e6706f27838
SSDEEP: 24576:tPTXD0p4mAwoyRo4ael/GywEBJbFd+44FyuwS10gXGwSB:VXDYToy6UOGvJ044F5MB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource aeff0d72a64900582b0d3d4d5f4d5011_JaffaCakes118
Files
aeff0d72a64900582b0d3d4d5f4d5011_JaffaCakes118.exe windows:5 windows x86 arch:x86
27176ad07273c1b694c889ebe3ecc7f1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CreateStreamOnHGlobal
StringFromCLSID
CoGetMalloc
user32
DdeAddData
DdeEnableCallback
DdeConnect
GetWindowInfo
SystemParametersInfoW
MapDialogRect
GetTopWindow
SetRectEmpty
FrameRect
ShowCursor
GetMenuItemInfoW
TrackPopupMenuEx
HiliteMenuItem
SetFocus
AttachThreadInput
DispatchMessageW
crypt32
CertNameToStrW
CryptAcquireCertificatePrivateKey
CertVerifyTimeValidity
CertFreeCTLContext
CertFreeCRLContext
CertEnumCertificatesInStore
CryptMsgGetParam
CryptMsgClose
CryptMsgOpenToDecode
CryptDecodeObject
CertGetCertificateChain
kernel32
InterlockedDecrement
GetStringTypeW
GetStringTypeA
LCMapStringW
InterlockedIncrement
MultiByteToWideChar
LoadLibraryA
GetProcAddress
LCMapStringA
ExitProcess
GlobalAlloc
GlobalLock
LocalAlloc
VirtualAlloc
HeapSize
CreateFiberEx
GetCurrentThreadId
GetLastError
InitializeCriticalSectionAndSpinCount
GetFileType
CloseHandle
lstrcmpiW
GetModuleFileNameW
GetModuleHandleW
ExpandEnvironmentStringsW
FindResourceW
GetTempPathW
GetDiskFreeSpaceW
GetFullPathNameW
GetCompressedFileSizeW
GetOEMCP
GetUserDefaultLCID
GetConsoleWindow
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
HeapAlloc
winspool.drv
EnumFormsW
AddMonitorW
EndDocPrinter
Sections
.text Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 6.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.e6cr Size: 177KB - Virtual size: 177KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.1hh6hm Size: 603KB - Virtual size: 602KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ