3bb8251e742ce89cf75efb91aec65b5e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3bb8251e742ce89cf75efb91aec65b5e_JaffaCakes118
Size

370KB
MD5

3bb8251e742ce89cf75efb91aec65b5e
SHA1

813e62fc96c004ab5a7c768b64f21085eb5443ef
SHA256

eb8093ad6fc4b9354d65ef7a730d0720fb33a857435402042b0ebe38a0d88518
SHA512

e1518161c1663f1fc6b4573e0446d5b7b2af870ea040057347a346a7b890533da879f547cae133681de9dbf30e506fab03259b32c9d707d7f6a326f7942c1858
SSDEEP

6144:Yr/dw0/g9/bGwjA45S+K04v4sWQOiqHPOfZdLOdgYFVBS3+HHEMKJutE3f7J:Yr/dI/bd5S+KR4/Q14efLIt+oERME31

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SSLCertScanner.exe

Files

3bb8251e742ce89cf75efb91aec65b5e_JaffaCakes118
.rar
SSLCertScanner.exe
.exe windows:5 windows x86 arch:x86

caf2678d3f900524dd3272d95159cf3d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
HeapCreate
VirtualFree
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSize
GetFileType
QueryPerformanceCounter
GetTickCount
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLastError
HeapReAlloc
VirtualAlloc
RaiseException
ExitThread
Sleep
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
RtlUnwind
SetErrorMode
GetOEMCP
GetCPInfo
GetModuleHandleW
FlushFileBuffers
SetFilePointer
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
WritePrivateProfileStringA
InterlockedDecrement
GetModuleFileNameW
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FreeResource
GlobalFree
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
MulDiv
lstrlenA
GetCurrentProcessId
GlobalAddAtomA
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
WriteFile
CreateThread
WaitForSingleObject
TerminateThread
FreeLibrary
CreateFileA
FileTimeToSystemTime
CloseHandle
GetCurrentProcess
GetVersionExA
ExitProcess
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
SetHandleCount

user32

GetSysColorBrush
DestroyMenu
RegisterWindowMessageA
WinHelpA
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
DefWindowProcA
CallWindowProcA
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
SetWindowPos
SetFocus
GetDlgCtrlID
SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
GetWindow
CopyRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
ReleaseDC
GetDC
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
UnregisterClassA
GetKeyState
PeekMessageA
ShowWindow
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetCursorPos
InflateRect
GetNextDlgGroupItem
PostMessageA
GetCapture
ClientToScreen
WindowFromPoint
GetIconInfo
GetWindowLongA
DrawEdge
OffsetRect
SetRectEmpty
DrawStateA
SetWindowLongA
LoadCursorA
SetCursor
ReleaseCapture
GetParent
SetCapture
RedrawWindow
PtInRect
LoadImageA
DestroyIcon
GetSysColor
GetSystemMetrics
LoadIconA
EnableWindow
InvalidateRect
UpdateWindow
GetClientRect
GetWindowRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
IsDialogMessageA

gdi32

DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetStockObject
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
SetStretchBltMode
SetDIBitsToDevice
SelectObject
GetObjectA
CreateFontIndirectA
DeleteObject
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteA

comctl32

_TrackMouseEvent

shlwapi

PathFindExtensionA
PathFindFileNameA

oleaut32

VariantClear
VariantChangeType
VariantInit

ws2_32

ntohs
inet_addr
connect
socket
closesocket
WSAStartup
send
recv
htons
WSAGetLastError

crypt32

CertFreeCertificateContext
CertVerifyTimeValidity
CertGetNameStringA
CertCreateCertificateContext

winhttp

WinHttpReceiveResponse
WinHttpOpenRequest
WinHttpReadData
WinHttpCloseHandle
WinHttpConnect
WinHttpOpen
WinHttpQueryDataAvailable
WinHttpSendRequest

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 565KB - Virtual size: 564KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

caf2678d3f900524dd3272d95159cf3d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

ws2_32

crypt32

winhttp

Sections

.text Size: 162KB - Virtual size: 162KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 9KB - Virtual size: 33KB

.rsrc Size: 565KB - Virtual size: 564KB

.text
Size: 162KB - Virtual size: 162KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 9KB - Virtual size: 33KB

.rsrc
Size: 565KB - Virtual size: 564KB