b2f443a27017b4bd66f98418e599468c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b2f443a27017b4bd66f98418e599468c_JaffaCakes118
Size

1014KB
MD5

b2f443a27017b4bd66f98418e599468c
SHA1

649b8b2b3d8cdc99d75e0b5f98164545fe3a3323
SHA256

bf8ba4ca632aed2e9a609fb4a11ac2fbeee64da3031d541c85d21e455ee0efeb
SHA512

7f76774585ff162c3cb9c75a66b134a64dd85ed989a83ae8d76f4521bbeb20e5e5f8cdc6936cd9d2dcd9f2fc8fbcef1de69b44be1da09a23f5c216071ac85fe1
SSDEEP

24576:gbJs4iPrHaJkjG9A8rH/Fkh0ILZ8GUr1YMn6oD6Uhq:ggPrzSj/FUZ8XG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2f443a27017b4bd66f98418e599468c_JaffaCakes118

Files

b2f443a27017b4bd66f98418e599468c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1f4a23b5fd1a7b79bb5d2432cbff97d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathW
FindResourceExW
GetSystemTime
CloseHandle
SetEndOfFile
ReadFile
GetLastError
GetCurrentThreadId
HeapAlloc
VirtualAlloc
LocalFree
GlobalUnlock
GlobalLock
GetVersion
GetProcAddress
GetStartupInfoW
GetModuleHandleW

crypt32

CryptEnumOIDInfo
CertVerifyCertificateChainPolicy
CryptProtectData
CryptQueryObject
CertGetNameStringW
CertNameToStrW
CryptHashPublicKeyInfo
CertVerifyTimeValidity
CertGetPublicKeyLength
CertGetEnhancedKeyUsage
CertAddEncodedCertificateToStore
CertFreeCRLContext
CertSetCertificateContextProperty
CertFreeCertificateContext
CertCreateCertificateContext
CertCloseStore
CryptDecodeObjectEx
CertOpenStore

ole32

CoTaskMemRealloc

msvcrt

_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

secur32

FreeCredentialsHandle

setupapi

SetupDiGetSelectedDriverW
CM_Locate_DevNodeW
SetupFindNextLine
SetupDiOpenDeviceInterfaceW
SetupDiGetDeviceInterfaceDetailW
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoW
SetupDiGetClassDevsW
SetupDiGetClassDevsExW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInstallParamsW
CM_Get_Device_IDW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.05rre5
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eryoc2
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cl0es
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i8ieo3
Size: 361KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f4a23b5fd1a7b79bb5d2432cbff97d3

Headers

File Characteristics

Imports

kernel32

crypt32

ole32

msvcrt

secur32

setupapi

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 7.1MB

.05rre5 Size: 158KB - Virtual size: 158KB

.eryoc2 Size: 247KB - Virtual size: 246KB

.cl0es Size: 201KB - Virtual size: 201KB

.i8ieo3 Size: 361KB - Virtual size: 360KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 7.1MB

.05rre5
Size: 158KB - Virtual size: 158KB

.eryoc2
Size: 247KB - Virtual size: 246KB

.cl0es
Size: 201KB - Virtual size: 201KB

.i8ieo3
Size: 361KB - Virtual size: 360KB

.rsrc
Size: 14KB - Virtual size: 13KB