3941a94cf974a5b26fdb317bbe6ed97b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3941a94cf974a5b26fdb317bbe6ed97b_JaffaCakes118
Size

141KB
MD5

3941a94cf974a5b26fdb317bbe6ed97b
SHA1

c44862c00689bac63f191ae709bcc66855a9b56e
SHA256

789541e519e42371a174b0d737ed82a81908e23935c6a046c7c9bb71bcc99d29
SHA512

17c47be35dd594fda22a5f0637563de399ac5be48f41b2beecc30527f9fbc2c14b451d1a45a36315f255cf44f8524eba009a5b9323317248d6261aaa0044d94c
SSDEEP

3072:9cECekj7/v/sxp8z4fDAr2YKex6FYH7Qd3S:KXee7/sxo4bABiSH7QZS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3941a94cf974a5b26fdb317bbe6ed97b_JaffaCakes118

Files

3941a94cf974a5b26fdb317bbe6ed97b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d33cece5ddb19893fc88a0687f82b27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

SetSecurityInfoExA
QueryAllTracesW
RegOpenUserClassesRoot
RegDeleteValueA
ControlService
RegUnLoadKeyA
QueryServiceConfigW
GetTokenInformation
CloseTrace
OpenProcessToken
LsaCreateTrustedDomainEx
RegisterServiceCtrlHandlerExW
LockServiceDatabase
InitiateSystemShutdownExW
ChangeServiceConfigW
RegNotifyChangeKeyValue
CryptExportKey
SetEntriesInAclW
SetPrivateObjectSecurityEx
SystemFunction019

kernel32

SetThreadExecutionState
CreateWaitableTimerA
GetEnvironmentStringsW
GetThreadPriority
CreateEventA
GetSystemDefaultUILanguage
BuildCommDCBW
OutputDebugStringW
GetComputerNameExW
FatalAppExitW
GetConsoleCommandHistoryLengthW
SetTapePosition
WritePrivateProfileStructA
SystemTimeToFileTime
VirtualAlloc
SetComputerNameExW
IsBadHugeReadPtr
GlobalReAlloc
GetProcessHeap
SetEndOfFile
GetPriorityClass
GlobalGetAtomNameA
GlobalAddAtomW
AllocConsole
PrivCopyFileExW
lstrcpynA
FindFirstFileExW
WritePrivateProfileStringA
CreateTimerQueue
SetLocalTime
GetNamedPipeHandleStateA
ResumeThread
lstrcmpiA
WaitForSingleObject
FindFirstChangeNotificationW
lstrcpynW
OpenEventA
lstrlen
InterlockedDecrement
Process32Next

crypt32

CertCloseStore
CryptVerifyCertificateSignatureEx
I_CryptReleaseLruEntry
CertFindCTLInStore
CertDuplicateCRLContext
CertGetNameStringW
CertSetCertificateContextProperty
I_CryptGetDefaultCryptProv
PFXVerifyPassword
CertFreeCTLContext
CertIsValidCRLForCertificate
CertFreeCertificateContext
CryptSignCertificate
I_CryptSetTls
CryptUnprotectData
CertAddSerializedElementToStore
I_CryptInstallAsn1Module
I_CryptGetTls
CryptVerifyCertificateSignature
CertEnumCertificateContextProperties
CertAddEnhancedKeyUsageIdentifier
CryptDecodeObject
CertCreateSelfSignCertificate
CertEnumCTLsInStore
I_CryptAddSmartCardCertToStore
CertSetEnhancedKeyUsage
CertGetSubjectCertificateFromStore
CryptImportPublicKeyInfo
CryptHashPublicKeyInfo
CreateFileU

gdi32

CancelDC
GetMetaFileBitsEx
GetCharWidthInfo
SetBitmapBits
EnumFontFamiliesExA
TextOutW
GetCharWidthFloatA
STROBJ_bEnumPositionsOnly
EngComputeGlyphSet
RemoveFontResourceW
GdiEntry3
CreateMetaFileA
SetTextJustification
ExtTextOutW
GdiRealizationInfo
SetBoundsRect
StretchDIBits
GetBitmapDimensionEx
CreateEnhMetaFileA
CreateEnhMetaFileW
XLATEOBJ_cGetPalette
GetTextFaceW
GetTextMetricsA
GetEnhMetaFileDescriptionA
GetCharABCWidthsW
GetEnhMetaFileW
EnumObjects

Sections

.bss
Size: 41KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CRT
Size: 33KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 26KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d33cece5ddb19893fc88a0687f82b27

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

crypt32

gdi32

Sections

.bss Size: 41KB - Virtual size: 104KB

CRT Size: 33KB - Virtual size: 98KB

.data Size: 26KB - Virtual size: 40KB

.text Size: 8KB - Virtual size: 7KB

.rsrc Size: 32KB - Virtual size: 31KB

.bss
Size: 41KB - Virtual size: 104KB

CRT
Size: 33KB - Virtual size: 98KB

.data
Size: 26KB - Virtual size: 40KB

.text
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 32KB - Virtual size: 31KB