Static task
static1
Behavioral task
behavioral1
Sample
89ffea87852283029f58f71321cbad4b_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
89ffea87852283029f58f71321cbad4b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: 89ffea87852283029f58f71321cbad4b_JaffaCakes118
Size: 22KB
MD5: 89ffea87852283029f58f71321cbad4b
SHA1: 9147c7931c8d79d37a1da0d33ae9d64f5b280d43
SHA256: fd716e2d90dd704dcbbcd7c3e5d8dbfde8246bd227e4f9d7e937dad2664e41e2
SHA512: 0d6ef69ff14e655a26b94f896716e1f36435ecb86125a561e62062eb0acf8ca0b88cae215ccd6c3c082235c0270b4e68a570cb548d2332ec72ad68aa1c37b24f
SSDEEP: 384:hpvfST+AEuR0v5W5bqK1E8FSPiF7BxTWlvxwb4:+yuMN6SW7svxwb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 89ffea87852283029f58f71321cbad4b_JaffaCakes118
Files
89ffea87852283029f58f71321cbad4b_JaffaCakes118.exe windows:5 windows x86 arch:x86
7c8ead23ff6b14122fcf466d4a49f898
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
usp10
ScriptGetFontProperties
crypt32
CryptFindOIDInfo
CryptDecodeObject
CreateFileU
CryptEnumOIDInfo
CryptFormatObject
certcli
CACertTypeGetSecurity
CAFindCertTypeByName
CAGetCertTypeKeySpec
CAGetCertTypeExtensions
CAGetCertTypeFlagsEx
CACloseCertType
CAOIDDelete
CAGetCertTypeProperty
CAFreeCertTypeExtensions
CASetCertTypePropertyEx
CACloneCertType
CAGetCertTypeExpiration
CASetCertTypeExpiration
CAFreeCertTypeProperty
CADeleteCertType
CAOIDFreeProperty
CAOIDGetProperty
CAOIDCreateNew
CAInstallDefaultCertType
CASetCertTypeKeySpec
CAOIDSetProperty
CASetCertTypeFlagsEx
CASetCertTypeExtension
CAGetCertTypePropertyEx
CAUpdateCertType
CAIsCertTypeCurrent
CAOIDAdd
CACertTypeSetSecurity
kernel32
VirtualAlloc
FreeConsole
GetLastError
netapi32
NetUserModalsGet
DsRoleGetPrimaryDomainInformation
DsGetDcNameW
NetApiBufferFree
NetServerGetInfo
DsRoleFreeMemory
shell32
ShellExecuteW
user32
ScreenToClient
SetClipboardData
SendMessageW
PostMessageW
MessageBoxW
OpenClipboard
SetWindowLongW
GetSubMenu
LoadIconW
WinHelpW
GetWindowLongW
InsertMenuItemW
ChildWindowFromPointEx
EnableWindow
UnhookWindowsHookEx
GetParent
LoadMenuW
GetDlgCtrlID
RegisterClipboardFormatW
LoadStringW
CallNextHookEx
SetWindowsHookExW
LoadBitmapW
EmptyClipboard
CloseClipboard
GetDlgItem
msvcrt
_initterm
_wcsnicmp
atoi
_stricmp
wcscmp
__dllonexit
_ultow
_onexit
_wcsicmp
strspn
strncmp
strstr
wcsstr
wcschr
_except_handler3
wcscpy
_adjust_fdiv
iswspace
malloc
wcsncpy
_purecall
wcslen
__RTDynamicCast
__CxxFrameHandler
_CxxThrowException
free
mbstowcs
ole32
CoInitialize
CreateStreamOnHGlobal
CoTaskMemFree
StringFromGUID2
StringFromCLSID
GetHGlobalFromStream
ReleaseStgMedium
CoUninitialize
CoTaskMemAlloc
CoCreateInstance
Sections
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 512B - Virtual size: 464B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE