Static task: static1
Behavioral task: behavioral1
  Sample: 0870556591fbd4b6e9184805dd4f590f_JaffaCakes118.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 0870556591fbd4b6e9184805dd4f590f_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
General
Target: 0870556591fbd4b6e9184805dd4f590f_JaffaCakes118
Size: 855KB
MD5: 0870556591fbd4b6e9184805dd4f590f
SHA1: ac4b96451999dfc1d3b8e87feb91874d26cc8c25
SHA256: 701664b95a2e05e592311743c4c4e564a50cd0574bc58ecdbbc09e13e4919540
SHA512: 23e7def8b92013d10d16664d41bde0a37eaeb276029019d5003e3984dd7836261ef9ce997c9a31a6e89ac566a193bac09aeff83e70626fc8d4e4442cd0a42f3f
SSDEEP: 24576:BdK6NbHF9NwopvLrE62tIytIGMXBaGOasvMbdRery8kBTALa:PNZ3wopv/eOGyIBDYk1WM+
Malware Config
None listed for this sample.

Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 0870556591fbd4b6e9184805dd4f590f_JaffaCakes118
On its own a missing Authenticode signature is a weak indicator, since a great deal of legitimate software ships unsigned; it is worth reading together with the import table and section layout below rather than in isolation.
Files
0870556591fbd4b6e9184805dd4f590f_JaffaCakes118.exe  windows:5 windows x86 arch:x86
09af1f45a7f7a5411d68cb5a626fbf77
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
DYNAMIC_BASE marks the image as relocatable so the loader can apply ASLR, and NX_COMPAT marks it as DEP-compatible; the binary therefore opts in to both mitigations, which is the default for any modern linker and says nothing about the author's intent. The 32-bit flag is consistent with the x86 machine type shown above.
Imports
kernel32
AssignProcessToJobObject
GetModuleFileNameA
OpenFile
HeapUnlock
SetFileApisToANSI
RemoveDirectoryA
CloseHandle
GetCommModemStatus
GetSystemWindowsDirectoryA
EnumCalendarInfoExA
GetPrivateProfileIntW
GetVolumeNameForVolumeMountPointW
EnumCalendarInfoW
GetPrivateProfileStringW
SetVolumeMountPointW
QueueUserAPC
FindAtomA
EnumResourceLanguagesW
BuildCommDCBA
ExpungeConsoleCommandHistoryA
DosDateTimeToFileTime
CreateFileW
LZOpenFileA
SearchPathA
WriteProcessMemory
FlushFileBuffers
HeapAlloc
SetProcessPriorityBoost
DeleteFileA
LocalCompact
IsValidLanguageGroup
GetSystemWow64DirectoryA
VirtualAlloc
SetThreadPriorityBoost
EnumSystemLocalesA
WriteConsoleOutputCharacterA
InitializeCriticalSection
FindResourceExW
BindIoCompletionCallback
ReadFileEx
GetCurrencyFormatA
SetConsoleFont
GetSystemTime
GlobalAlloc
SetCommMask
GetBinaryTypeA
GetProcessTimes
GetDevicePowerState
BackupSeek
InterlockedIncrement
GetCurrentDirectoryW
GetComputerNameExW
Process32FirstW
GetAtomNameA
GlobalWire
UnregisterConsoleIME
GetVolumeNameForVolumeMountPointA
GetLocaleInfoW
FindFirstVolumeMountPointA
CreateFileMappingA
TlsSetValue
GetACP
LoadLibraryA
GetOEMCP
GetSystemInfo
GetConsoleInputExeNameA
TryEnterCriticalSection
GlobalDeleteAtom
PeekConsoleInputA
GetBinaryType
gdi32
GetRegionData
DdEntry23
GetLogColorSpaceA
StartFormPage
CreateFontA
DdEntry25
ExtCreatePen
ExtTextOutW
PlayEnhMetaFile
StartDocA
FONTOBJ_pvTrueTypeFontFile
bMakePathNameW
SetRelAbs
DdEntry47
DdEntry4
GdiEntry3
DdEntry9
BRUSHOBJ_pvGetRbrush
GetCharABCWidthsFloatW
GetMetaFileA
SetDIBits
GetETM
PATHOBJ_vGetBounds
DdEntry13
GetCharABCWidthsFloatA
GdiCleanCacheDC
EngQueryEMFInfo
cryptui
CryptUIDlgViewCTLA
CryptUIWizExport
I_CryptUIProtectFailure
CryptUIDlgViewCRLA
CryptUIDlgSelectStoreW
CryptUIFreeCertificatePropertiesPagesA
CryptUIWizCertRequest
RetrievePKCS7FromCA
I_CryptUIProtect
CryptUIGetCertificatePropertiesPagesW
CryptUIStartCertMgr
CryptUIDlgSelectCertificateFromStore
CryptUIDlgViewCTLW
CryptUIDlgSelectCA
CryptUIWizFreeCertRequestNoDS
CryptUIDlgViewCertificatePropertiesA
CryptUIWizImport
CryptUIDlgSelectCertificateW
CryptUIFreeViewSignaturesPagesA
CryptUIGetViewSignaturesPagesW
CryptUIWizFreeDigitalSignContext
CryptUIDlgSelectStoreA
CryptUIWizDigitalSign
CryptUIFreeViewSignaturesPagesW
CryptUIDlgViewSignerInfoW
CryptUIWizBuildCTL
ACUIProviderInvokeUI
Note on the import table: alongside APIs that together are sufficient for process injection (VirtualAlloc, WriteProcessMemory, QueueUserAPC, Process32FirstW, CreateFileMappingA), the kernel32, gdi32 and cryptui lists are dominated by rarely used, legacy and undocumented exports (GlobalWire, LocalCompact, SetConsoleFont, the DdEntry*/GdiEntry* and FONTOBJ_/BRUSHOBJ_/PATHOBJ_ display-driver interface entries, the CryptUI wizard and dialog functions). A mix like this is consistent with a padded or decoy import table, so the import names and any hash derived from them are a weak basis for describing behaviour; the behavioral runs (behavioral1, behavioral2) are where the calls that actually execute should be confirmed.

Sections
.text   Size: 337KB - Virtual size: 337KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 362KB - Virtual size: 362KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 152KB - Virtual size: 1.6MB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1024B - Virtual size: 1024B   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 1024B - Virtual size: 1024B   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ

The one anomaly in the section table is .data: 152KB on disk but 1.6MB once mapped, so the loader provides roughly 1.5MB of zero-filled read/write memory beyond the file contents. That gap is ordinary for a large uninitialised buffer, but it is also where unpacked code or data commonly lands, so it is the region to watch in the behavioral runs. No section is both writable and executable, so the static layout alone does not show a self-modifying packer stub.
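The header observations above (the "Unsigned PE" signature, the DYNAMIC_BASE/NX_COMPAT bits, the .data raw-versus-virtual gap) are all answerable from the PE headers alone. The following is an added example, not the sandbox's own code, that performs those checks with only the Python standard library. It builds a header-only PE32 image in memory that mirrors the layout reported for this sample (x86, OS version 5, ASLR and NX set, five sections with the reported sizes rounded to whole bytes); that image is constructed sample data and is not the analysed file, and the 4x virtual-to-raw threshold and the placeholder WIN_CERTIFICATE blob are assumptions chosen for illustration.

```python
"""Pure-stdlib PE header triage: Authenticode presence, mitigation flags, section anomalies."""
import struct

# Optional-header DllCharacteristics bits and the Authenticode directory index (PE/COFF spec).
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040   # ASLR-compatible
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100      # DEP-compatible
IMAGE_DIRECTORY_ENTRY_SECURITY = 4
# Section characteristics.
IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000020, 0x00000040
IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_EXECUTE = 0x02000000, 0x20000000
IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE = 0x40000000, 0x80000000


def parse_pe(data: bytes) -> dict:
    """Parse DOS/NT headers, DllCharacteristics, the security directory and the section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:      # PE32+: at +108 and +112
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    os_major = struct.unpack_from("<H", data, opt + 40)[0]     # MajorOperatingSystemVersion
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]    # DllCharacteristics
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    sec_off = sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For the security directory the first field is a file offset, not an RVA.
        sec_off, sec_size = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections, pos = [], opt + opt_size
    for _ in range(nsect):
        name, vsize, vaddr, rawsize, rawptr, _, _, _, _, chars = struct.unpack_from("<8sIIIIIIHHI", data, pos)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"), "virtual_size": vsize,
                         "virtual_address": vaddr, "raw_size": rawsize, "raw_offset": rawptr,
                         "characteristics": chars})
        pos += 40
    return {"machine": machine, "os_major": os_major, "file_characteristics": file_chars,
            "dynamic_base": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
            "nx_compat": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
            # "Unsigned PE": an empty or out-of-file security directory means no Authenticode blob.
            "authenticode": sec_off != 0 and sec_size != 0 and sec_off + sec_size <= len(data),
            "sections": sections}


def triage(data: bytes) -> dict:
    """Run the static checks a sandbox report summarises and return the findings as strings."""
    pe, findings = parse_pe(data), []
    if not pe["authenticode"]:
        findings.append("unsigned PE: security directory is empty (no Authenticode signature)")
    if not pe["dynamic_base"]:
        findings.append("DYNAMIC_BASE not set: image opts out of ASLR")
    if not pe["nx_compat"]:
        findings.append("NX_COMPAT not set: image opts out of DEP")
    wx = IMAGE_SCN_MEM_WRITE | IMAGE_SCN_MEM_EXECUTE
    for s in pe["sections"]:
        if s["characteristics"] & wx == wx:
            findings.append(f"{s['name']}: section is writable and executable")
        if s["raw_size"] and s["virtual_size"] >= 4 * s["raw_size"]:   # assumed threshold
            ratio = s["virtual_size"] / s["raw_size"]
            findings.append(f"{s['name']}: virtual size is {ratio:.1f}x its raw size (zero-filled region, often used for unpacked data)")
    return {"pe": pe, "findings": findings}


def build_sample_pe(signed: bool = False) -> bytes:
    """Constructed header-only PE32 mirroring the report (x86, OS 5, ASLR+NX, five sections). Sample data only."""
    sections = [
        (b".text", 345088, 345088, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
        (b".rdata", 370688, 370688, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
        (b".data", 1703936, 155648, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
        (b".rsrc", 1024, 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
        (b".reloc", 1024, 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ),
    ]
    opt_size = 224                                   # PE32 optional header with 16 data directories
    headers_len = 64 + 4 + 20 + opt_size + 40 * len(sections)
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)            # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x0102)  # i386, EXECUTABLE|32BIT
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)            # PE32 magic
    struct.pack_into("<HH", opt, 40, 5, 0)           # MajorOperatingSystemVersion 5 ("windows:5")
    struct.pack_into("<HH", opt, 48, 5, 0)           # subsystem version 5.0
    struct.pack_into("<H", opt, 68, 2)               # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<H", opt, 70, IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_NX_COMPAT)
    struct.pack_into("<I", opt, 92, 16)              # NumberOfRvaAndSizes
    cert = b""
    if signed:
        # Placeholder WIN_CERTIFICATE header (dwLength, wRevision, wCertificateType) plus padding:
        # enough to make the security directory non-empty, not a real signature.
        cert = struct.pack("<IHH", 16, 0x0200, 0x0002) + b"\0" * 8
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, headers_len, len(cert))
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, 0, rs, 0, 0, 0, 0, 0, c) for n, vs, rs, c in sections)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table + cert


if __name__ == "__main__":
    for line in triage(build_sample_pe())["findings"]:
        print(line)
```

Run against the constructed image, triage() reports exactly the two points the report surfaces: the empty security directory and the .data section whose virtual size is roughly eleven times its raw size; ASLR and NX are set and no section is W+X, so nothing else fires. Pointing parse_pe() at a real file (`open(path, "rb").read()`) gives the same fields, and the Authenticode check only establishes presence of a signature blob, not its validity, which needs a full chain verification.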