31355a2fd07427d238fc409d359c2ed9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

31355a2fd07427d238fc409d359c2ed9_JaffaCakes118
Size

291KB
MD5

31355a2fd07427d238fc409d359c2ed9
SHA1

a283cea6551b2106bcc17d76afac5cc43459b59c
SHA256

c8112d79228d3e141f28a0a8af6de0cd2bdfa8039af167922c045edd9db94ae4
SHA512

f7abc9c41e46bc953db14a63998f7aef03bdd005859715e8307b8d886256abea28c2049037af5964583ccc2a6de2e4ec646b2445579aafbe59f5950f03893ea8
SSDEEP

6144:SpUfMzVYkl5NxQF1jveCixP3IV+ROLh+Ns5EOwyotHQG:SpvzVYklPxQF1jva3IgRO9iYRwygHL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31355a2fd07427d238fc409d359c2ed9_JaffaCakes118

Files

31355a2fd07427d238fc409d359c2ed9_JaffaCakes118
.exe windows:1 windows x86 arch:x86

2595669bfa471aa7def871c20904916a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ShowWindow
GetProcessDefaultLayout
TranslateMessage
GetSysColor
OffsetRect
CheckRadioButton
SetDlgItemTextA
BeginPaint
TrackPopupMenuEx
LoadIconA
CreateWindowExA
LoadStringA
GetDlgItem
GetWindowLongA
SetDlgItemInt
CheckMenuRadioItem
GetDesktopWindow
TranslateAcceleratorA
UpdateWindow
EndPaint
DefWindowProcA
SetWindowPos
CallWindowProcA
GetWindowTextA
DispatchMessageA
CheckMenuItem
GetClipboardData
EnableMenuItem
OpenClipboard
IsClipboardFormatAvailable
GetMenu
IsChild
RegisterClassExA
LoadCursorA
WinHelpA
SystemParametersInfoA
CharNextA
CreateDialogParamA
SetWindowLongA
ScreenToClient
DialogBoxParamA
CloseClipboard
EndDialog
DestroyWindow
SetWindowTextA
MapWindowPoints
LoadMenuA
SetFocus
CheckDlgButton
MessageBeep
ChildWindowFromPoint
HideCaret
SetCursor
LoadAcceleratorsA
EnableWindow
GetSubMenu
SetMenu
GetClientRect
SetProcessDefaultLayout
DrawTextA
GetDlgCtrlID
GetWindowRect
IsDialogMessageA
GetMessageA
SendMessageA

kernel32

GetSystemTime
GetModuleHandleA
GetProcessHeap
SetFilePointerEx
GetNamedPipeHandleStateA
FileTimeToLocalFileTime
PeekNamedPipe
CallNamedPipeA
GetProcessHeaps
CreateFileA
InterlockedPopEntrySList
HeapSize
WaitNamedPipeA
InterlockedDecrement
DeleteFileA
WriteFileEx
InterlockedIncrement
ExpandEnvironmentStringsA
InterlockedExchange
InterlockedCompareExchange
GetFileAttributesA
InterlockedExchangeAdd
ReadFileScatter
lstrcmpA
CloseHandle
GetNamedPipeInfo
WriteFileGather
InterlockedFlushSList
TransactNamedPipe
DisconnectNamedPipe
FileTimeToDosDateTime
lstrcpyA
GetFileTime
SetFirmwareEnvironmentVariableA
SetFilePointer
HeapAlloc
WriteFile
DosDateTimeToFileTime
ConnectNamedPipe
CompareStringA
lstrcpynA
VirtualAlloc
GetSystemTimeAsFileTime
ReadFile
ReadFileEx
lstrcatA
lstrlenA
FreeEnvironmentStringsA
GetEnvironmentStringsA
GetLocalTime
GetFileAttributesExA
GetStringTypeExA
IsBadStringPtrA
lstrcmpiA
GetFirmwareEnvironmentVariableA
VirtualFree
GetSystemTimeAdjustment
GetSystemTimes
FileTimeToSystemTime
InterlockedPushEntrySList
SetNamedPipeHandleState
SystemTimeToFileTime
GetStringTypeA
SetEnvironmentVariableA

advpack

RegSaveRestore
NeedRebootInit
NeedReboot
DoInfInstall
DelNode
RegInstall
LaunchINFSectionEx
RunSetupCommand
GetVersionFromFileEx
GetVersionFromFile
DelNodeRunDLL32
LaunchINFSection
RegisterOCX
ExtractFiles
FileSaveMarkNotExist
RegSaveRestoreOnINF
RegRestoreAll
FileSaveRestoreOnINF
RebootCheckOnInstall
SetPerUserSecValues
UserUnInstStubWrapper
AdvInstallFile
ExecuteCab
TranslateInfString
TranslateInfStringEx
IsNTAdmin

cryptui

CryptUIFreeViewSignaturesPagesA
CryptUIDlgSelectCertificateFromStore
I_CryptUIProtectFailure
CryptUIDlgViewCTLA
CryptUIWizBuildCTL
CryptUIDlgSelectCertificateA
CryptUIWizQueryCertRequestNoDS
CryptUIWizImport
LocalEnroll
CryptUIDlgViewCertificatePropertiesA
DllRegisterServer
CryptUIGetCertificatePropertiesPagesA
CryptUIWizDigitalSign
CryptUIFreeCertificatePropertiesPagesA
CryptUIDlgSelectStoreA
CryptUIWizFreeDigitalSignContext
CryptUIStartCertMgr
CryptUIDlgViewContext
ACUIProviderInvokeUI
I_CryptUIProtect
LocalEnrollNoDS
CryptUIWizSubmitCertRequestNoDS
DllUnregisterServer
CryptUIDlgViewSignerInfoA
CryptUIWizCreateCertRequestNoDS
WizardFree
RetrievePKCS7FromCA
CryptUIDlgViewCRLA
CryptUIDlgFreeCAContext

Sections

.text
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 712KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2595669bfa471aa7def871c20904916a

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advpack

cryptui

Sections

.text Size: 271KB - Virtual size: 271KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 712KB

.text
Size: 271KB - Virtual size: 271KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 712KB