ac368c004de8bdbf0e00882687e84a31_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ac368c004de8bdbf0e00882687e84a31_JaffaCakes118
Size

109KB
MD5

ac368c004de8bdbf0e00882687e84a31
SHA1

30bbd57c33fb6a6473730e72ba34a5e5cf4b477a
SHA256

5ad1828369a16eb0de0234e407bc89db69ae95fa7c5956818661d74740c99b72
SHA512

0dbf6bd69cdac21e7f8823a788f86fa396a6c200305bb05ffb28f7bb897b95bff5e426ee085a1147200b5407844a77108581ee4066c5db7dd5a1799573f98171
SSDEEP

1536:FkBArRuFTpOw6mCdMku7OV/J5F11y4aBeVc9CCuPMt3NGKiPwx0uHSSQ+eJUFcmt:a8Y6zd4O5F1zaBehMvT04qmc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac368c004de8bdbf0e00882687e84a31_JaffaCakes118

Files

ac368c004de8bdbf0e00882687e84a31_JaffaCakes118
.exe windows:6 windows x86 arch:x86

053f548fd89ce8799562ea0841d8aa6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetACP
GetLastError
GetHandleInformation
CloseHandle
GetCurrentThreadId
FileTimeToSystemTime
CreateWaitableTimerA
VirtualFree
GlobalReAlloc
InterlockedExchange
GlobalAlloc
GlobalFree
SetErrorMode
VirtualAlloc
GetModuleHandleA
SetUnhandledExceptionFilter
FileTimeToLocalFileTime
GetFileTime

advpack

LaunchINFSectionEx
RebootCheckOnInstall
SetPerUserSecValues
RegSaveRestoreOnINF
NeedReboot

ole32

CoCreateInstance
CoInitialize
CoUninitialize

gdiplus

GdipGetImageEncodersSize
GdipFree
GdipCreateBitmapFromFile

user32

MessageBoxA
TranslateMessage
GetKeyboardLayout
IsDialogMessageA
SendMessageA
DestroyCaret
LoadStringA
GetCaretPos
GetDesktopWindow
UpdateWindow
ScreenToClient
DestroyWindow
DefWindowProcA
ValidateRect
TranslateAcceleratorA
GetUpdateRect
InvalidateRect
GetDlgItemInt
CreateCaret
GetFocus
IsWindowVisible
GetMessageA
IsWindow
GetSysColor
SetWindowLongA
LoadCursorA
ShowWindow
CallWindowProcA
CreateWindowExA
FillRect
MapWindowPoints
RegisterClassExA
CheckMenuItem
DispatchMessageA
DialogBoxParamA

cryptui

CryptUIStartCertMgr
CryptUIWizFreeCertRequestNoDS
CryptUIDlgSelectStoreA
CryptUIDlgSelectCertificateA
EnrollmentCOMObjectFactory_getInstance
CryptUIDlgSelectCA
CryptUIWizSubmitCertRequestNoDS

gdi32

BitBlt
ExtFloodFill
CreateHalftonePalette
GetDIBits
CreatePatternBrush
LineTo
CreateCompatibleBitmap
SetMapMode
GetStockObject
GetDeviceCaps
SetStretchBltMode
SetViewportExtEx
FillRgn

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

053f548fd89ce8799562ea0841d8aa6b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advpack

ole32

gdiplus

user32

cryptui

gdi32

Sections

.text Size: 22KB - Virtual size: 22KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 84KB - Virtual size: 88KB

.text
Size: 22KB - Virtual size: 22KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 84KB - Virtual size: 88KB