25508634d1b865d53f8df32e5d4a54d6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

25508634d1b865d53f8df32e5d4a54d6_JaffaCakes118
Size

68KB
MD5

25508634d1b865d53f8df32e5d4a54d6
SHA1

e8c5a2952ed720b3c4edf1db39f90bd1b44c3b8a
SHA256

d1303646b1e2b268ecef0a8a9bcf28ea60bb77f65723a3abde77e5c9eedea2a4
SHA512

5851e4f2f12854cff80ebb28b0b4d4b52b66c93fa4a3d5aa9e5c0b29094414c57cad724b712adf119ac30c1085d64751f1a1b371536c4c66bbdaf8aa78bf2381
SSDEEP

768:1G8ZgT6vbWtGp9dWK9Ec+9K1MByu+wQR6Wytd/2:1DiT6v1pWKSon246Wq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25508634d1b865d53f8df32e5d4a54d6_JaffaCakes118

Files

25508634d1b865d53f8df32e5d4a54d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea5897ad5a8881bdf62c831a58ffd50f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarUI4FromStr
SysAllocString
VariantCopy
SysFreeString
VariantClear

user32

CharUpperW
CharNextW
CharLowerW

ole32

CoTaskMemRealloc
CoCreateGuid
CoCreateInstance
PropVariantClear
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc

kernel32

HeapReAlloc
RemoveDirectoryW
HeapDestroy
SetFileTime
SetUnhandledExceptionFilter
DeleteCriticalSection
GlobalFree
WaitForSingleObject
VirtualFree
GetModuleHandleW
ReadFile
GetTempFileNameW
CreateSemaphoreW
GetCurrentThreadId
FindFirstFileW
LoadResource
CloseHandle
lstrlenW
SetLastError
ResetEvent
DeleteFileW
LocalAlloc
LockResource
LeaveCriticalSection
FreeLibrary
DisableThreadLibraryCalls
SizeofResource
WriteFile
LoadLibraryExW
GetSystemTimeAsFileTime
CreateEventW
OutputDebugStringW
FindResourceW
lstrcmpiW
RaiseException
FindClose
GetSystemInfo
HeapAlloc
CreateFileW
MoveFileExW
WideCharToMultiByte
GetSystemDefaultLangID
LocalFree
WaitForMultipleObjects
GetTempPathW
GetLocalTime
ReleaseSemaphore
GetProcessHeap
EnterCriticalSection
HeapSize
HeapFree
UnhandledExceptionFilter
SetFileAttributesW
CopyFileW
IsDebuggerPresent
GetFileSize
VirtualAlloc
FindResourceExW
FindNextFileW
GetModuleHandleA

certcli

CAUpdateCA
CAIsCertTypeCurrent
CASetCertTypeFlags
CASetCertTypeExpiration
CAOIDGetLdapURL
CAFreeCertTypeExtensions
CACertTypeUnregisterQuery
CAGetCAFlags
CADeleteLocalAutoEnrollmentObject

atl

AtlModuleUnregisterServerEx
AtlFreeMarshalStream
AtlAxCreateDialogW
AtlModuleUnregisterServer
AtlModuleRegisterTypeLib
AtlUnmarshalPtr
AtlIPersistStreamInit_Load

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ZOUGA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qWzcyeM
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mAldljM
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xzresMp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JiFHgMp
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IHzgrMp
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lrIufMp
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea5897ad5a8881bdf62c831a58ffd50f

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

ole32

kernel32

certcli

atl

Sections

.text Size: 24KB - Virtual size: 23KB

.ZOUGA Size: 2KB - Virtual size: 1KB

.qWzcyeM Size: 3KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 18KB

.mAldljM Size: 4KB - Virtual size: 4KB

.xzresMp Size: 4KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 113KB

.JiFHgMp Size: 2KB - Virtual size: 2KB

.IHzgrMp Size: 512B - Virtual size: 244B

.rsrc Size: 11KB - Virtual size: 11KB

.lrIufMp Size: 3KB - Virtual size: 2KB

.text
Size: 24KB - Virtual size: 23KB

.ZOUGA
Size: 2KB - Virtual size: 1KB

.qWzcyeM
Size: 3KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 18KB

.mAldljM
Size: 4KB - Virtual size: 4KB

.xzresMp
Size: 4KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 113KB

.JiFHgMp
Size: 2KB - Virtual size: 2KB

.IHzgrMp
Size: 512B - Virtual size: 244B

.rsrc
Size: 11KB - Virtual size: 11KB

.lrIufMp
Size: 3KB - Virtual size: 2KB