390ca0db813d5b0112d0eb7e490bc4be_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

390ca0db813d5b0112d0eb7e490bc4be_JaffaCakes118
Size

23KB
MD5

390ca0db813d5b0112d0eb7e490bc4be
SHA1

b9f3681b212d3ae48e37e535ce5b8b6230c8a6b9
SHA256

2bc9dd69f7d747e769f69e3aefa55bfe19121121c159e6b2a5d77f9844caa871
SHA512

1ba16695c969c93a30a190b306f157acb12fac59c038326ddf1139fce961e69fb1633c4eb96b63eebd0a5c8a7045f922fe50e3600109655db961f0de701037c7
SSDEEP

384:QkNF8Q1uAf5pWvySQ2PK8IbQNu3tanbkzeamPeenHLfJJJGK:Qkx1uAqy8IbQNudabkz1mPRnB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
390ca0db813d5b0112d0eb7e490bc4be_JaffaCakes118

Files

390ca0db813d5b0112d0eb7e490bc4be_JaffaCakes118
.exe windows:5 windows x86 arch:x86

258614b8215cffc8b65626b858bb3575

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

asin
_fputwchar
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
fgetws
_mbsnccnt
??2@YAPAXI@Z
_chkesp
_set_SSE2_enable
_Gettnames
_read
fgetwc
??_Gbad_typeid@@UAEPAXI@Z
_CIacos
getc
towupper
_onexit
_dstbias

comctl32

CreateToolbar
ImageList_Add
DrawStatusText
ImageList_Draw
ImageList_GetDragImage
ImageList_Write
ImageList_SetFilter
DestroyPropertySheetPage
CreateMappedBitmap
_TrackMouseEvent
CreateUpDownControl
ImageList_LoadImageA
InitMUILanguage
ImageList_GetImageCount

crypt32

CertStrToNameA
I_CryptFindLruEntryData
CertCompareIntegerBlob
CertFindCertificateInStore
CryptGetDefaultOIDDllList
CryptMsgCalculateEncodedLength
I_CryptReadTrustedPublisherDWORDValueFromRegistry
CryptMsgSignCTL
RegQueryValueExU
CryptGetOIDFunctionAddress
CertAddSerializedElementToStore
CryptMsgCountersignEncoded
CertCompareCertificate

kernel32

GetConsoleKeyboardLayoutNameA
SetConsolePalette
AddLocalAlternateComputerNameW
IsBadWritePtr
EnumSystemLocalesA
EnumResourceLanguagesW
GetModuleHandleA
VirtualAlloc
InitializeCriticalSection
GetSystemTimeAdjustment
FindNextVolumeMountPointW
GetAtomNameA
GetFileAttributesW

msvcrt20

_tcsncat
??_7ostream@@6B@
_ismbcalnum
?seekp@ostream@@QAEAAV1@JW4seek_dir@ios@@@Z
?sputc@streambuf@@QAEHH@Z
srand
vswprintf
_execlp
_mbctoupper
_ungetch
wcstok
_getcwd

msoert2

IsPrint

user32

PostQuitMessage
DefWindowProcW
RegisterClassW

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 618B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

258614b8215cffc8b65626b858bb3575

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

comctl32

crypt32

kernel32

msvcrt20

msoert2

user32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 1024B - Virtual size: 618B

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 1024B - Virtual size: 618B

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 3KB - Virtual size: 2KB