b9ebf0e64ed9b912746586f81da2a867_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b9ebf0e64ed9b912746586f81da2a867_JaffaCakes118
Size

354KB
MD5

b9ebf0e64ed9b912746586f81da2a867
SHA1

688cd2f2450dca1769510553c61eff5bb49436a1
SHA256

c161a0d48bdb71e8daf66fa06f257f6ec3352c11aac5fe5f06d36484799cf6a8
SHA512

f046103e6793d813c09b267003284e95e032cbdfd6d2283be6f0ff02e0910ed82af1b8c250f437fdf502fd8d5595bb491f382cfbd827eef9fa0b1b29b5afd51f
SSDEEP

6144:+pM+ZDy409R+XGIm2tJUJhsF843puVwPnkogeZUUZvOhH:+pM+Q4kIXcQn3pPPnIyv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9ebf0e64ed9b912746586f81da2a867_JaffaCakes118

Files

b9ebf0e64ed9b912746586f81da2a867_JaffaCakes118
.exe windows:8 windows x86 arch:x86

b98bb08ea12880fae0f482f8c65a9598

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cryptui

DllUnregisterServer
CryptUIDlgViewContext
CryptUIGetViewSignaturesPagesA
CryptUIDlgSelectCertificateFromStore
CryptUIDlgSelectCertificateA
CryptUIFreeViewSignaturesPagesA
I_CryptUIProtect
CryptUIDlgFreeCAContext
CryptUIWizCertRequest
CryptUIWizExport
CryptUIWizQueryCertRequestNoDS
LocalEnrollNoDS
I_CryptUIProtectFailure
CryptUIDlgCertMgr
ACUIProviderInvokeUI
CryptUIDlgViewSignerInfoA
CryptUIWizImport
EnrollmentCOMObjectFactory_getInstance
CryptUIDlgSelectStoreA
CryptUIStartCertMgr
CryptUIDlgViewCertificatePropertiesA
CryptUIGetCertificatePropertiesPagesA
LocalEnroll
CryptUIWizFreeDigitalSignContext
CryptUIDlgViewCertificateA
CryptUIDlgViewCTLA
CryptUIFreeCertificatePropertiesPagesA
WizardFree
CryptUIWizDigitalSign
CryptUIWizFreeCertRequestNoDS
CryptUIDlgSelectCA

advpack

DelNodeRunDLL32
OpenINFEngine
DoInfInstall
NeedReboot
TranslateInfStringEx
RegRestoreAll
UserUnInstStubWrapper
AddDelBackupEntry
RegSaveRestoreOnINF
UserInstStubWrapper
GetVersionFromFileEx
ExtractFiles
DelNode
FileSaveRestore
IsNTAdmin
LaunchINFSectionEx
RegInstall
FileSaveMarkNotExist
NeedRebootInit
FileSaveRestoreOnINF
LaunchINFSection
AdvInstallFile
ExecuteCab
RebootCheckOnInstall
GetVersionFromFile
RunSetupCommand
SetPerUserSecValues

kernel32

InterlockedDecrement
GetEnvironmentVariableA
ReadFileEx
FreeEnvironmentStringsA
CloseHandle
FileTimeToSystemTime
GetProcessHeap
GetFileTime
FileTimeToLocalFileTime
lstrcpynA
InterlockedPopEntrySList
lstrcpyA
GetStringTypeA
ReadFileScatter
GetNamedPipeInfo
GetFirmwareEnvironmentVariableA
SetFirmwareEnvironmentVariableA
IsBadStringPtrA
SetEnvironmentVariableA
lstrcmpA
TransactNamedPipe
InterlockedExchange
DisconnectNamedPipe
HeapAlloc
VirtualAlloc
GetModuleHandleA
HeapSize
GetProcessHeaps
GetEnvironmentStringsA
InterlockedCompareExchange
SystemTimeToFileTime
WriteFileGather
InterlockedExchangeAdd
PeekNamedPipe
SetNamedPipeHandleState
CallNamedPipeA
WriteFileEx
ExpandEnvironmentStringsA
InterlockedIncrement
DosDateTimeToFileTime
ReadFile
GetSystemTimeAdjustment
lstrcmpiA
GetStringTypeExA
ConnectNamedPipe
FileTimeToDosDateTime
CreateFileA
GetSystemTimes
InterlockedFlushSList
GetFileAttributesA
GetLocalTime
InterlockedPushEntrySList
GetSystemTimeAsFileTime
lstrlenA
GetFileAttributesExA
VirtualFree
GetNamedPipeHandleStateA
CompareStringA
SetFilePointer
GetSystemTime

user32

SetDlgItemTextA
LoadStringA
SetFocus
RegisterClassExA
ShowWindow
DestroyMenu
DialogBoxParamA
GetSysColor
GetClientRect
HideCaret
SendMessageA
ScreenToClient
BeginPaint
SetDlgItemInt
TrackPopupMenuEx
IsChild
LoadAcceleratorsA
LoadMenuA
GetMenu
SetMenu
GetSysColorBrush
GetDlgItem
OffsetRect
MessageBoxA
CreateWindowExA
GetWindowTextA
CharNextA
GetMessageA
SetProcessDefaultLayout
MessageBeep
DefWindowProcA
CallWindowProcA
EnableMenuItem
CreateDialogParamA
WinHelpA
UpdateWindow
LoadIconA
TranslateMessage
IsClipboardFormatAvailable
SetCursor
GetSubMenu
SetWindowTextA
DestroyWindow
LoadCursorA
PostQuitMessage
CloseClipboard
InvalidateRect
GetProcessDefaultLayout
EnableWindow
OpenClipboard
GetWindowRect
CheckMenuRadioItem
SetWindowPos
DrawTextA
GetClipboardData
CheckMenuItem
IsDialogMessageA
GetDlgCtrlID
GetDesktopWindow
DispatchMessageA
TranslateAcceleratorA
EndDialog
SystemParametersInfoA

Sections

.text
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b98bb08ea12880fae0f482f8c65a9598

Headers

DLL Characteristics

File Characteristics

Imports

cryptui

advpack

kernel32

user32

Sections

.text Size: 280KB - Virtual size: 280KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 67KB - Virtual size: 720KB

.text
Size: 280KB - Virtual size: 280KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 67KB - Virtual size: 720KB