88759f2a49a8ac1681544ecc98081944_JaffaCakes118

General

Target

88759f2a49a8ac1681544ecc98081944_JaffaCakes118
Size

24KB
MD5

88759f2a49a8ac1681544ecc98081944
SHA1

8e2c36acd68dabce317b5931d52ca892f8efe92d
SHA256

c4e6e3e1158196ad85be391e3b6cf1c575c344ce096ff05e856f9db98afe56d8
SHA512

4a3d97f4d48316690d286d45ada1a920219f2d21ece0f4b7274ec93b51f83cfaa8e885f54deb73d0a8aa05aa7bff0cd1fc2536a455e80a184c4e70aecc0f54a3
SSDEEP

384:KE15J87AsjW3FHHUvgQhjQrNnxCqJBrI78OfCiCcduMyVq:KEH27BK3FHHUvgQOhMI2DCiLYMy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88759f2a49a8ac1681544ecc98081944_JaffaCakes118

Files

88759f2a49a8ac1681544ecc98081944_JaffaCakes118
.exe windows:0 windows x86 arch:x86

3f9e7caeb87f71e03fd88453fd0dd523

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

WinHelpA
SendMessageA
CloseClipboard
CheckMenuItem
CheckDlgButton
EnableMenuItem
DestroyWindow
UpdateWindow
MapWindowPoints
GetMenu
SetFocus
DialogBoxParamA
GetDesktopWindow
ShowWindow
CreateDialogParamA
LoadAcceleratorsA
LoadStringA
GetDlgCtrlID
PostQuitMessage
SetCursor
CreateWindowExA
GetMessageA
DefWindowProcA
DispatchMessageA
TranslateMessage
RegisterClassExA

kernel32

CreateFileA
PeekNamedPipe
ReleaseSemaphore
FreeEnvironmentStringsA
ReadFile
OpenMutexA
FileTimeToSystemTime
GetEnvironmentStringsA
ReadFileScatter
GetLastError
SetFirmwareEnvironmentVariableA
InterlockedIncrement
GetFileTime
GetStringTypeA
lstrcpyA
DosDateTimeToFileTime
CreateMutexA
SetNamedPipeHandleState
FileTimeToDosDateTime
DeleteFileA
TransactNamedPipe
GetEnvironmentVariableA
lstrcmpiA
SetFilePointer
CloseHandle
VirtualAllocEx
GetFirmwareEnvironmentVariableA
FileTimeToLocalFileTime
GetFileAttributesA
CreateSemaphoreW
InterlockedDecrement
lstrcpynA
VirtualFree
ConnectNamedPipe
ReleaseMutex
GetVersion
ExpandEnvironmentStringsA

cryptui

RetrievePKCS7FromCA
LocalEnroll
CryptUIDlgViewCRLA
CryptUIWizExport
CryptUIStartCertMgr
I_CryptUIProtect
LocalEnrollNoDS
CryptUIDlgViewCertificateA
CryptUIDlgViewContext

advpack

ExtractFiles
RebootCheckOnInstall
FileSaveRestore
NeedRebootInit
RegSaveRestoreOnINF
IsNTAdmin
DelNodeRunDLL32

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 145B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f9e7caeb87f71e03fd88453fd0dd523

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

cryptui

advpack

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 145B

.rsrc Size: 17KB - Virtual size: 20KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 145B

.rsrc
Size: 17KB - Virtual size: 20KB