256fd260950d9d0410284132b7a040b3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

256fd260950d9d0410284132b7a040b3_JaffaCakes118
Size

1.2MB
MD5

256fd260950d9d0410284132b7a040b3
SHA1

6de3cb3b59564a2da26fb7a3295df61fc2096397
SHA256

901e088e7e94f7c01e8e3e21114930b5d51ad869fb2e1fb1e28cf865335abe15
SHA512

7f3a003afd5f931d9570c2cd54ce4d70dc530a2883c31567dfff85ae513eadb27e2309e5f2f8f039aca3e90f209657334f80d14ca7653fcbb2171b35e008b6f0
SSDEEP

24576:EB3OrATRS2DRnq+GG1hjiAfbaCghgPuEPyJORN/3lO:mVdhFGGjGGPdaI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
256fd260950d9d0410284132b7a040b3_JaffaCakes118

Files

256fd260950d9d0410284132b7a040b3_JaffaCakes118
.exe windows:9 windows x86 arch:x86

4d301afe7620ae1417cd046d89e3bd75

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

TranslateMessage
TrackPopupMenuEx
CheckRadioButton
GetClientRect
SetFocus
EnableMenuItem
GetDlgCtrlID
SetWindowLongA
CloseClipboard
SetDlgItemInt
CheckMenuRadioItem
GetProcessDefaultLayout
SetWindowTextA
SetMenu
BeginPaint
DrawTextA
GetClipboardData
DefWindowProcA
MessageBoxA
SetCursor
CheckMenuItem
GetSysColor
IsClipboardFormatAvailable
EnableWindow
SystemParametersInfoA
SetWindowPos
CheckDlgButton
GetDlgItem
CallWindowProcA
GetWindowLongA
EndDialog
LoadCursorA
DialogBoxParamA
GetDesktopWindow
PostQuitMessage
CharNextA
GetWindowRect
LoadStringA
ShowWindow
DestroyWindow
DestroyMenu
HideCaret
LoadIconA
GetWindowTextA
SendMessageA
EndPaint
SetDlgItemTextA
InvalidateRect
ChildWindowFromPoint
CreateWindowExA
GetMessageA
WinHelpA
MessageBeep
GetMenu
OpenClipboard
LoadAcceleratorsA
UpdateWindow
RegisterClassExA
CreateDialogParamA
OffsetRect
ScreenToClient
DispatchMessageA
TranslateAcceleratorA
GetSubMenu
MapWindowPoints
SetProcessDefaultLayout
GetSysColorBrush
IsDialogMessageA
IsChild
LoadMenuA

advpack

ExecuteCab
TranslateInfStringEx
RegInstall
TranslateInfString
LaunchINFSection
NeedRebootInit
RunSetupCommand
DelNode
NeedReboot
SetPerUserSecValues
ExtractFiles
AddDelBackupEntry
DoInfInstall
CloseINFEngine
DelNodeRunDLL32
FileSaveMarkNotExist
UserUnInstStubWrapper
RegRestoreAll
RegSaveRestoreOnINF
UserInstStubWrapper
AdvInstallFile
RegSaveRestore
FileSaveRestoreOnINF
GetVersionFromFileEx
OpenINFEngine
RebootCheckOnInstall
GetVersionFromFile
FileSaveRestore
RegisterOCX
IsNTAdmin
LaunchINFSectionEx

cryptui

EnrollmentCOMObjectFactory_getInstance
CryptUIDlgViewCertificatePropertiesA
CryptUIGetViewSignaturesPagesA
CryptUIDlgViewCertificateA
CryptUIWizExport
CryptUIDlgViewCRLA
CryptUIDlgViewContext
CryptUIDlgFreeCAContext
CryptUIFreeViewSignaturesPagesA
CryptUIWizCertRequest
LocalEnrollNoDS
CryptUIDlgViewCTLA
CryptUIWizDigitalSign
I_CryptUIProtectFailure
CryptUIDlgSelectCA
ACUIProviderInvokeUI
CryptUIFreeCertificatePropertiesPagesA
CryptUIDlgSelectStoreA
DllRegisterServer
CryptUIDlgSelectCertificateA
LocalEnroll
RetrievePKCS7FromCA
CryptUIDlgSelectCertificateFromStore
CryptUIWizSubmitCertRequestNoDS
CryptUIWizCreateCertRequestNoDS
CryptUIGetCertificatePropertiesPagesA
CryptUIWizImport
WizardFree
DllUnregisterServer
I_CryptUIProtect
CryptUIDlgViewSignerInfoA
CryptUIWizFreeCertRequestNoDS
CryptUIWizFreeDigitalSignContext
CryptUIStartCertMgr
CryptUIWizQueryCertRequestNoDS
CryptUIWizBuildCTL
CryptUIDlgCertMgr

kernel32

InterlockedDecrement
CompareStringA
GetStringTypeA
CreateFileA
ConnectNamedPipe
SystemTimeToFileTime
GetNamedPipeHandleStateA
WaitNamedPipeA
WriteFileEx
lstrlenA
SetFilePointerEx
FileTimeToDosDateTime
lstrcpynA
FileTimeToLocalFileTime
InterlockedPushEntrySList
GetSystemTimeAdjustment
FileTimeToSystemTime
CallNamedPipeA
TransactNamedPipe
InterlockedExchange
GetLastError
SetEnvironmentVariableA
GetFileTime
lstrcatA
ReadFileEx
GetFileAttributesExA
PeekNamedPipe
CloseHandle
GetEnvironmentStringsA
OpenMutexA
GetLocalTime
WriteFile
ReadFile
GetNamedPipeInfo
lstrcpyA
InterlockedIncrement
GetStringTypeExA
VirtualAlloc
GetEnvironmentVariableA
ReadFileScatter
GetSystemTimes
InterlockedCompareExchange
GetProcessHeaps
ReleaseMutex
DosDateTimeToFileTime
InterlockedFlushSList
SetNamedPipeHandleState
IsBadStringPtrA
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
WriteFileGather
InterlockedExchangeAdd
SetFilePointer
FreeEnvironmentStringsA
GetSystemTime
DeleteFileA
SetFirmwareEnvironmentVariableA
GetCurrentProcessId
CreateMutexA
InterlockedPopEntrySList
VirtualFree
DisconnectNamedPipe
GetSystemTimeAsFileTime
GetFileAttributesA
GetFirmwareEnvironmentVariableA
HeapCreate

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d301afe7620ae1417cd046d89e3bd75

Headers

DLL Characteristics

File Characteristics

Imports

user32

advpack

cryptui

kernel32

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.data Size: 38KB - Virtual size: 38KB

.rsrc Size: 91KB - Virtual size: 3.2MB

.text
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 38KB - Virtual size: 38KB

.rsrc
Size: 91KB - Virtual size: 3.2MB