a483aac5ad279e525d0cd741769a886c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a483aac5ad279e525d0cd741769a886c_JaffaCakes118
Size

213KB
MD5

a483aac5ad279e525d0cd741769a886c
SHA1

87fb81d102b6fc21dbe7a0f7de19ce6634a5d0b1
SHA256

9abe67ce8e4db7ba78e3987a3b97d7f57743998c178a3e1e980baf2493176f7e
SHA512

7bf2742788c0c655c078e888cd7f79d45018c6daa689ede6705ce4eecd17524c5108bd2f2cb396bcf423a1aea4ab19ca6a4dbcf3fc3213444f19bb629392e07e
SSDEEP

6144:nsWbGLgYCHM7R9hqR6a1zCBDcC42jhLFHAWMDi:noLgNHM7o6a1OljhLFHAc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a483aac5ad279e525d0cd741769a886c_JaffaCakes118

Files

a483aac5ad279e525d0cd741769a886c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2f4b14917c261c97cce20d5669405a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiOpenClassRegKeyExW
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiOpenDevRegKey
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInfo
SetupDiOpenDeviceInfoW

user32

EnumPropsA
DlgDirListComboBoxA

kernel32

BackupRead
GetLastError
AddConsoleAliasA
VirtualAlloc

wininet

InternetGetCookieW

esent

JetBackup

crypt32

CryptProtectData
CryptMsgUpdate
CertCreateCertificateContext
CryptSignMessage
CertVerifyCertificateChainPolicy
CertFreeCertificateContext
CertDuplicateCertificateChain
CryptStringToBinaryW
CertDuplicateCertificateContext
CertGetNameStringW
CertGetCertificateContextProperty
CertAddCertificateContextToStore
CertCloseStore
CryptVerifyDetachedMessageSignature
CertOpenStore
CryptDecodeObject
CryptBinaryToStringW
CertGetEnhancedKeyUsage
CertGetCertificateChain
CryptMsgClose
CertFindCertificateInStore
CertCompareCertificate
CertFindExtension
CertVerifySubjectCertificateContext
CertFreeCertificateChain
CryptMsgOpenToDecode

shell32

DragQueryFileW
ExtractIconW
SHAppBarMessage
SHFileOperationW
Shell_NotifyIconW

credui

CredUIParseUserNameW
CredUIPromptForCredentialsW

wtsapi32

WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

msimg32

GradientFill

cryptui

CryptUIDlgViewCertificateW

winmm

waveOutGetVolume
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveOutSetVolume
waveOutOpen
waveOutGetPitch
waveOutClose
waveOutReset

secur32

FreeCredentialsHandle
DecryptMessage
GetUserNameExW
QuerySecurityPackageInfoW
AcquireCredentialsHandleW
DeleteSecurityContext
InitializeSecurityContextW
FreeContextBuffer
EncryptMessage

ws2_32

WSALookupServiceEnd
WSALookupServiceBeginW
WSALookupServiceNextW
freeaddrinfo
WSANSPIoctl
WSAIoctl
getaddrinfo

urlmon

CopyStgMedium

rpcrt4

NdrOleAllocate
MesDecodeBufferHandleCreate
NdrDllGetClassObject
NdrCStdStubBuffer_Release
CStdStubBuffer_Connect
MesHandleFree
CStdStubBuffer_Invoke
NdrDllRegisterProxy
NdrDllCanUnloadNow
IUnknown_QueryInterface_Proxy
NdrMesTypeFree2
CStdStubBuffer_DebugServerRelease
IUnknown_AddRef_Proxy
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
NdrDllUnregisterProxy
NdrMesTypeDecode2
CStdStubBuffer_AddRef
IUnknown_Release_Proxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_Disconnect
NdrOleFree
MesEncodeDynBufferHandleCreate
NdrMesTypeEncode2

iphlpapi

GetBestInterfaceEx

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 400KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c2f4b14917c261c97cce20d5669405a5

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

user32

kernel32

wininet

esent

crypt32

shell32

credui

wtsapi32

msimg32

cryptui

winmm

secur32

ws2_32

urlmon

rpcrt4

iphlpapi

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 13KB - Virtual size: 12KB

.reloc Size: 512B - Virtual size: 28B

.rsrc Size: 22KB - Virtual size: 21KB

.idata Size: 4KB - Virtual size: 4KB

.data Size: 400KB - Virtual size: 1.8MB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 13KB - Virtual size: 12KB

.reloc
Size: 512B - Virtual size: 28B

.rsrc
Size: 22KB - Virtual size: 21KB

.idata
Size: 4KB - Virtual size: 4KB

.data
Size: 400KB - Virtual size: 1.8MB