71ba9d967ee701d0fc04ce065704eceb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

71ba9d967ee701d0fc04ce065704eceb_JaffaCakes118
Size

446KB
MD5

71ba9d967ee701d0fc04ce065704eceb
SHA1

6c7b96b5b35581b99bc505efeafe04b9788810bc
SHA256

330f09d97e535ae604bddd720b011eb8008139ac756c41360dd40fc9eb0aebcb
SHA512

6b46e159e5ab2febea8c3318f9b6f1857cbe8a44dfb6b6938358b8fb78dc445f1710d63029b9d7bffcbfd3c4c458980f2c5b0debd80279a9f5c6784c1c481384
SSDEEP

12288:cMR6Aa9W9GD0a09GoRZuJ2XuJeTtBfAsZ/Q7/:cMR6jQGJ09GQFhBfAsZYb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71ba9d967ee701d0fc04ce065704eceb_JaffaCakes118

Files

71ba9d967ee701d0fc04ce065704eceb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da5cd0f9f7cca4d1133a18910afbacb5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

certcli

CAGetCertTypeExtensions
CAGetCACertificate
CAEnumFirstCA
CAGetCertTypeProperty
CAFindCertTypeByName
CACountCAs
CAGetCertTypePropertyEx
CAEnumNextCA
CAFreeCAProperty
CAEnumNextCertType
CAFreeCertTypeProperty
CAGetCertTypeFlags
CACloseCertType
CAEnumCertTypes
CAGetCAProperty
CACloseCA

ntdsapi

DsUnBindW
DsBindW
DsCrackNamesW
DsFreeNameResultW

advpack

DelNode

kernel32

CompareFileTime
CreateEventW
GetDateFormatW
GlobalUnlock
CreateFileW
FindResourceW
GetCurrentThreadId
MapViewOfFile
ReadFile
SetUnhandledExceptionFilter
OutputDebugStringA
GetProcAddress
VirtualAlloc
lstrcpyW
GetSystemWindowsDirectoryW
IsBadReadPtr
GetUserDefaultLangID
lstrlenW
LoadResource
GetCurrentProcessId
EnterCriticalSection
GetFileTime
GetComputerNameExW
InitializeCriticalSection
FileTimeToLocalFileTime
CreateFileMappingW
MultiByteToWideChar
FileTimeToSystemTime
DeleteCriticalSection
InterlockedDecrement
LoadLibraryW
GetTickCount
UnhandledExceptionFilter
GetModuleHandleA
GlobalLock
LoadLibraryA
SetLastError
GetSystemTimeAsFileTime
LeaveCriticalSection
UnmapViewOfFile
lstrcmpiW
TerminateProcess
ResetEvent
LocalFree
GetShortPathNameW
LocalAlloc
MapViewOfFileEx
WaitForSingleObject
CloseHandle
FreeLibrary
GetLastError
InterlockedIncrement
QueryPerformanceCounter
GetTimeFormatW
GetVersionExW
GetSystemTime
lstrcpynW
SetEvent
GetWindowsDirectoryW
SystemTimeToFileTime
GetModuleFileNameW
GetFileSize
FormatMessageW
GetModuleHandleW
GetCommandLineW
GetCurrentProcess
OpenEventW
GetFileSizeEx
GetComputerNameW
IsBadWritePtr
GlobalAlloc
GlobalFree

user32

EnableWindow
ReleaseDC
ShowWindow
wsprintfW
SystemParametersInfoW
CallNextHookEx
GetCursorPos
GetWindowLongW
InvalidateRect
GetSysColor
DestroyIcon
SetWindowsHookExW
ScreenToClient
SetWindowTextW
EnableMenuItem
GetParent
UnhookWindowsHookEx
LoadStringW
EnumPropsA
SetWindowLongW
DrawStateA
WinHelpW
PostMessageW
GetSystemMetrics
SendMessageW
LoadMenuW
MessageBoxW
GetMenu
GetWindowRect
SetMenu
DlgDirListW
ChildWindowFromPointEx
GetDlgItem
GetDlgCtrlID
GetClientRect
LoadIconW
LoadBitmapW
RegisterClipboardFormatW

gdi32

DeleteObject
GetDeviceCaps
CreateFontIndirectW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 340KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da5cd0f9f7cca4d1133a18910afbacb5

Headers

DLL Characteristics

File Characteristics

Imports

version

certcli

ntdsapi

advpack

kernel32

user32

gdi32

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 26KB - Virtual size: 1.8MB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 340KB - Virtual size: 339KB

.reloc Size: 512B - Virtual size: 28B

.rdata Size: 73KB - Virtual size: 73KB

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 26KB - Virtual size: 1.8MB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 340KB - Virtual size: 339KB

.reloc
Size: 512B - Virtual size: 28B

.rdata
Size: 73KB - Virtual size: 73KB