c1102bcd640b5dd5cad2f0f56a3a2167_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c1102bcd640b5dd5cad2f0f56a3a2167_JaffaCakes118
Size

157KB
MD5

c1102bcd640b5dd5cad2f0f56a3a2167
SHA1

d53d5a4cb2bd9999cb4b8e405462ed30ba167d95
SHA256

223530bc14734f3d556ce3cb73eb8e4febcd616860909abb06c319dca0f53437
SHA512

49288f1f5221896a1d09151d8a8c0650c1872ba8d44674df953dd36d374779ee5f8fc49be2a9d7e4bfe4bfc4c175b906d4eddbd1704ea0c908297bde40575b8e
SSDEEP

3072:5SMGJ7GPorNDcu8eLk1QAQYtuz0W0DlJeSikIjmqhhKjvjm:5lGJ7Gg5rAQYU8DvPCmMhAjm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1102bcd640b5dd5cad2f0f56a3a2167_JaffaCakes118

Files

c1102bcd640b5dd5cad2f0f56a3a2167_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d33cece5ddb19893fc88a0687f82b27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

SetSecurityInfoExA
QueryAllTracesW
RegOpenUserClassesRoot
RegDeleteValueA
ControlService
RegUnLoadKeyA
QueryServiceConfigW
GetTokenInformation
CloseTrace
OpenProcessToken
LsaCreateTrustedDomainEx
RegisterServiceCtrlHandlerExW
LockServiceDatabase
InitiateSystemShutdownExW
ChangeServiceConfigW
RegNotifyChangeKeyValue
CryptExportKey
SetEntriesInAclW
SetPrivateObjectSecurityEx
SystemFunction019

kernel32

SetThreadExecutionState
CreateWaitableTimerA
GetEnvironmentStringsW
GetThreadPriority
CreateEventA
GetSystemDefaultUILanguage
BuildCommDCBW
OutputDebugStringW
GetComputerNameExW
FatalAppExitW
GetConsoleCommandHistoryLengthW
SetTapePosition
WritePrivateProfileStructA
SystemTimeToFileTime
VirtualAlloc
SetComputerNameExW
IsBadHugeReadPtr
GlobalReAlloc
GetProcessHeap
SetEndOfFile
GetPriorityClass
GlobalGetAtomNameA
GlobalAddAtomW
AllocConsole
PrivCopyFileExW
lstrcpynA
FindFirstFileExW
WritePrivateProfileStringA
CreateTimerQueue
SetLocalTime
GetNamedPipeHandleStateA
ResumeThread
lstrcmpiA
WaitForSingleObject
FindFirstChangeNotificationW
lstrcpynW
OpenEventA
lstrlen
InterlockedDecrement
Process32Next

crypt32

CertCloseStore
CryptVerifyCertificateSignatureEx
I_CryptReleaseLruEntry
CertFindCTLInStore
CertDuplicateCRLContext
CertGetNameStringW
CertSetCertificateContextProperty
I_CryptGetDefaultCryptProv
PFXVerifyPassword
CertFreeCTLContext
CertIsValidCRLForCertificate
CertFreeCertificateContext
CryptSignCertificate
I_CryptSetTls
CryptUnprotectData
CertAddSerializedElementToStore
I_CryptInstallAsn1Module
I_CryptGetTls
CryptVerifyCertificateSignature
CertEnumCertificateContextProperties
CertAddEnhancedKeyUsageIdentifier
CryptDecodeObject
CertCreateSelfSignCertificate
CertEnumCTLsInStore
I_CryptAddSmartCardCertToStore
CertSetEnhancedKeyUsage
CertGetSubjectCertificateFromStore
CryptImportPublicKeyInfo
CryptHashPublicKeyInfo
CreateFileU

gdi32

CancelDC
GetMetaFileBitsEx
GetCharWidthInfo
SetBitmapBits
EnumFontFamiliesExA
TextOutW
GetCharWidthFloatA
STROBJ_bEnumPositionsOnly
EngComputeGlyphSet
RemoveFontResourceW
GdiEntry3
CreateMetaFileA
SetTextJustification
ExtTextOutW
GdiRealizationInfo
SetBoundsRect
StretchDIBits
GetBitmapDimensionEx
CreateEnhMetaFileA
CreateEnhMetaFileW
XLATEOBJ_cGetPalette
GetTextFaceW
GetTextMetricsA
GetEnhMetaFileDescriptionA
GetCharABCWidthsW
GetEnhMetaFileW
EnumObjects

Sections

.bss
Size: 46KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CRT
Size: 39KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 31KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d33cece5ddb19893fc88a0687f82b27

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

crypt32

gdi32

Sections

.bss Size: 46KB - Virtual size: 109KB

CRT Size: 39KB - Virtual size: 104KB

.data Size: 31KB - Virtual size: 45KB

.text Size: 8KB - Virtual size: 7KB

.rsrc Size: 32KB - Virtual size: 31KB

.bss
Size: 46KB - Virtual size: 109KB

CRT
Size: 39KB - Virtual size: 104KB

.data
Size: 31KB - Virtual size: 45KB

.text
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 32KB - Virtual size: 31KB