a4de987ca9b3322e465736ee269b5f76_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a4de987ca9b3322e465736ee269b5f76_JaffaCakes118
Size

273KB
MD5

a4de987ca9b3322e465736ee269b5f76
SHA1

f390d1f8ada0a890279a2c27fda9db2861a2d013
SHA256

8000fe04884d2ec6e060dd9bf6cfe15dd4090040842b9b5c630df8eb64497839
SHA512

eb4f53462d8f2d333c31b8fb0b2a9ce3a81797aa4c210b9fa237046f8f1b503b06776b4a70487b78415f3cefb6fe93f9165fa4e0d3d54b38bf30b44a5f560571
SSDEEP

6144:J8ijJMKGJi7U+aLLvmRjW5ccSWkj7gnzL:J8ij1otJzmUPVn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4de987ca9b3322e465736ee269b5f76_JaffaCakes118

Files

a4de987ca9b3322e465736ee269b5f76_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2931f029b9f3a6f257a5fc7f44328015

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
GetLocalTime
FileTimeToSystemTime
SystemTimeToFileTime
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetProcessHeap
RaiseException
GetACP
GetOEMCP
GetModuleHandleA
TlsAlloc
LoadLibraryW
GetProcAddress

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
CryptDecrypt
CryptImportKey
CryptReleaseContext
CryptDestroyKey
CryptGetUserKey
CryptAcquireContextA
SetThreadToken
RevertToSelf
OpenThreadToken

cryptui

CryptUIDlgSelectCA
CryptUIDlgViewContext
CryptUIDlgViewCRLW
CryptUIFreeViewSignaturesPagesW
WizardFree

cmdial32

RasCustomDeleteEntryNotify
AutoDialFunc
InetDialHandler
CmCustomDialDlg
CmCustomHangUp
RasCustomEntryDlg
CmReConnect

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.s
Size: 2KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.at
Size: 2KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.X
Size: 3KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YLb
Size: 5KB - Virtual size: 644KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YNoQ
Size: 120KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gbSWe
Size: 4KB - Virtual size: 601KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PTWc
Size: 4KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jh
Size: 1KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qm
Size: 91KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.QN
Size: 5KB - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FcF
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2931f029b9f3a6f257a5fc7f44328015

Headers

File Characteristics

Imports

kernel32

advapi32

cryptui

cmdial32

Sections

.text Size: 14KB - Virtual size: 14KB

.s Size: 2KB - Virtual size: 158KB

.at Size: 2KB - Virtual size: 193KB

.rdata Size: 1KB - Virtual size: 19KB

.X Size: 3KB - Virtual size: 319KB

.YLb Size: 5KB - Virtual size: 644KB

.YNoQ Size: 120KB - Virtual size: 187KB

.gbSWe Size: 4KB - Virtual size: 601KB

.PTWc Size: 4KB - Virtual size: 344KB

.jh Size: 1KB - Virtual size: 183KB

.data Size: 7KB - Virtual size: 34KB

.qm Size: 91KB - Virtual size: 133KB

.QN Size: 5KB - Virtual size: 804KB

.FcF Size: 512B - Virtual size: 16KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 14KB - Virtual size: 14KB

.s
Size: 2KB - Virtual size: 158KB

.at
Size: 2KB - Virtual size: 193KB

.rdata
Size: 1KB - Virtual size: 19KB

.X
Size: 3KB - Virtual size: 319KB

.YLb
Size: 5KB - Virtual size: 644KB

.YNoQ
Size: 120KB - Virtual size: 187KB

.gbSWe
Size: 4KB - Virtual size: 601KB

.PTWc
Size: 4KB - Virtual size: 344KB

.jh
Size: 1KB - Virtual size: 183KB

.data
Size: 7KB - Virtual size: 34KB

.qm
Size: 91KB - Virtual size: 133KB

.QN
Size: 5KB - Virtual size: 804KB

.FcF
Size: 512B - Virtual size: 16KB

.rsrc
Size: 10KB - Virtual size: 10KB