b82ac44cf054763d4c3fee8e364f809a_JaffaCakes118

General

Target

b82ac44cf054763d4c3fee8e364f809a_JaffaCakes118
Size

49KB
MD5

b82ac44cf054763d4c3fee8e364f809a
SHA1

5a5471539d46643f5ea186fbb6fd76b17ef45785
SHA256

4162eb3501879d25d6ae39ef92717a93f667c89bbf55abb24dd255325231aadb
SHA512

ed1d0e7a046dc389c3c0e7348430a5d71f9ffa9762055ed9aa21de15c7c8d201fdf5efd6d1271d514c5e46a03de57f7e2d0499bdc241f9dc570922bcadcc4b4f
SSDEEP

768:3SXHG+rpC72zQ1tWLybCI7KS42gXc2HQj3r7GYi1wuMyG:3SXHGM2M/LmCI7Kwdqu3rxfuLG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b82ac44cf054763d4c3fee8e364f809a_JaffaCakes118

Files

b82ac44cf054763d4c3fee8e364f809a_JaffaCakes118
.exe windows:9 windows x86 arch:x86

b98e6a199b65320eb6a8d8a3fbf866d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetWindowLongA
SetMenu
WinHelpA
GetClipboardData
SetWindowTextA
LoadMenuA
InvalidateRect
DialogBoxParamA
LoadCursorA
GetSubMenu
IsClipboardFormatAvailable
CreateDialogParamA
OffsetRect
SetFocus
SetDlgItemTextA
CloseClipboard

cryptui

WizardFree
I_CryptUIProtectFailure
CryptUIDlgCertMgr
CryptUIDlgViewSignerInfoA
DllUnregisterServer
CryptUIDlgViewContext
CryptUIDlgSelectCertificateFromStore
CryptUIFreeViewSignaturesPagesA
CryptUIWizSubmitCertRequestNoDS
RetrievePKCS7FromCA
CryptUIWizDigitalSign

kernel32

GetFileAttributesExA
GetStringTypeA
VirtualFree
ExpandEnvironmentStringsA
DeleteFileA
GetSystemTimes
ConnectNamedPipe
InterlockedPushEntrySList
ReadFile
FreeEnvironmentStringsA
PeekNamedPipe
InterlockedPopEntrySList
CloseHandle
ReadFileEx
GetLocalTime
GetEnvironmentStringsA
GetHandleInformation
lstrcmpiA
InterlockedExchange
GetFileAttributesA
DisconnectNamedPipe
TransactNamedPipe
DosDateTimeToFileTime
CreateFileA
VirtualAlloc
SetFilePointer
CreateWaitableTimerA

advpack

FileSaveRestore
AdvInstallFile
GetVersionFromFile
RebootCheckOnInstall
DelNode
GetVersionFromFileEx
ExecuteCab
CloseINFEngine
RegRestoreAll
NeedReboot
FileSaveRestoreOnINF

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 555B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b98e6a199b65320eb6a8d8a3fbf866d4

Headers

DLL Characteristics

File Characteristics

Imports

user32

cryptui

kernel32

advpack

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 1024B - Virtual size: 555B

.rsrc Size: 40KB - Virtual size: 60KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 1024B - Virtual size: 555B

.rsrc
Size: 40KB - Virtual size: 60KB