487dce490be34f8c8aac86a314305507_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

487dce490be34f8c8aac86a314305507_JaffaCakes118
Size

64KB
MD5

487dce490be34f8c8aac86a314305507
SHA1

0459b8287e9eefdbfb201c391f77e4e6ee32a28a
SHA256

e9df4fd8d5584cdc94aac938fbd2a2ada7fa4f42f21c974aeebb034640e86783
SHA512

639b60ab9002bac74811a2483678d69eea9c7907b302fe0719f73460b43276d3beb5b00300f6f560e0964c968345fc9aa1e024f724299d7632d1769c2e22a190
SSDEEP

768:Y0WgsmwhyGPPv0xuIFdSXXRujh/E8gdYNF5Mp4W4PZZ2ECoGRKP1LUlqamEfrEE3:1IDPSEAh/FN7hZ2Zva1gQZE3/WZ5K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
487dce490be34f8c8aac86a314305507_JaffaCakes118

Files

487dce490be34f8c8aac86a314305507_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c6d31a4f9bd566779782b71913e27e33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAGetCertTypeExpiration
CASetCertTypeFlagsEx
CACreateLocalAutoEnrollmentObject
DllCanUnloadNow
CASetCertTypeFlags
CAAddCACertificateType
CAFindCertTypeByName
CACertTypeGetSecurity
CACloneCertType
CAGetCAFlags
CAIsCertTypeCurrent
CAOIDFreeProperty
CAGetCertTypeProperty
CAGetCertTypeFlagsEx
DllGetClassObject
CACertTypeAccessCheck
CASetCAProperty

advapi32

RegisterIdleTask
BuildTrusteeWithObjectsAndNameW
GetExplicitEntriesFromAclA
AccessCheckByTypeResultListAndAuditAlarmByHandleA
AbortSystemShutdownW
BuildTrusteeWithObjectsAndSidW
LsaEnumeratePrivileges
SaferiChangeRegistryScope
SaferSetPolicyInformation
DeleteAce
LsaOpenSecret
AddAuditAccessAce
BuildTrusteeWithSidW
CredProfileLoaded
AccessCheckByTypeResultListAndAuditAlarmByHandleW
LookupPrivilegeNameA
CredReadA

kernel32

lstrcatW
ExitProcess
GetCommandLineA
GetCPInfoExW
SetConsoleTitleW
CreateJobObjectA
VirtualAlloc
CancelDeviceWakeupRequest
HeapLock
GetSystemWindowsDirectoryA
SetLocaleInfoW
RaiseException
OpenFile
AllocateUserPhysicalPages
SetClientTimeZoneInformation
GetCurrencyFormatA
GetPrivateProfileStructW

opengl32

glRasterPos2dv
glDepthMask
glCopyTexImage2D
glMultMatrixd
glColor4f
glGetPixelMapusv
glVertex2dv
glGetPolygonStipple
glRectsv
glPrioritizeTextures
glTexCoord2s
glRenderMode
glLightfv
glNormal3dv
glMultMatrixf
glCopyPixels
glRotated

rpcns4

RpcNsGroupDeleteA
RpcNsProfileDeleteA
RpcNsMgmtSetExpAge
RpcNsProfileEltInqBeginA
RpcNsBindingImportDone
RpcNsBindingUnexportW
RpcNsGroupDeleteW
RpcNsMgmtEntryInqIfIdsA
RpcNsEntryObjectInqBeginW
RpcNsMgmtEntryDeleteA
RpcNsMgmtBindingUnexportW
RpcNsGroupMbrRemoveA
RpcNsEntryExpandNameW
RpcNsBindingExportPnPA

user32

GetMenu
GetParent
GetWindowDC

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat_30
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6d31a4f9bd566779782b71913e27e33

Headers

File Characteristics

Imports

certcli

advapi32

kernel32

opengl32

rpcns4

user32

Sections

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 13KB - Virtual size: 12KB

.idat_30 Size: 9KB - Virtual size: 19KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 13KB - Virtual size: 12KB

.idat_30
Size: 9KB - Virtual size: 19KB

.rsrc
Size: 2KB - Virtual size: 2KB