c290fd866a030fd92e3a7ce5dc1f95aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c290fd866a030fd92e3a7ce5dc1f95aa_JaffaCakes118
Size

136KB
MD5

c290fd866a030fd92e3a7ce5dc1f95aa
SHA1

e7064abfa77db969469ea6a3f3ed4a05bae89322
SHA256

0a83087cc2933d4ccec23e61b3ef852f6ffb1fe51fd000a04c55fc4e257874c2
SHA512

7daaeb84679f06ec75c2a076931546de5827bd0b95a506e4fc7bf9376fcee3d06c5efeb11431002876b4d406501812a935faf161511c699cb6e6b0e1388c2ef0
SSDEEP

3072:id+Qs3xx3dVzpcUiU9fVGjPp9FaLsOHboD5jRI7e2XEcmZ7tBVgr4bKgpOFZ2eIy:c+x3xx3dVzpcUiU9fVGjPp9FaLsOHboU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c290fd866a030fd92e3a7ce5dc1f95aa_JaffaCakes118

Files

c290fd866a030fd92e3a7ce5dc1f95aa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6d8ea37cdbbb99ead97e070cb8cf70de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

thhd47.UYXX

Imports

clusapi

ClusterRegDeleteValue
OpenClusterResource

oleaut32

CreateErrorInfo
VariantInit
SysStringLen

setupapi

SetupOpenFileQueue

shlwapi

PathStripToRootW
StrToIntExW
SHStrDupA
StrCmpNW
StrChrNW

wintrust

CryptCATCDFEnumAttributes

gdi32

GetCharWidthFloatA
PolyPolygon
GetColorAdjustment
GetTextCharset
CreateEnhMetaFileW

advapi32

CryptEnumProvidersW
LogonUserW
QueryServiceConfigW
GetTokenInformation
AccessCheckAndAuditAlarmA
CryptCreateHash
SetServiceBits
CryptVerifySignatureW

pdh

PdhGetLogFileSize

winmm

midiInMessage
waveInPrepareHeader

rasapi32

RasEnumEntriesW

msvcrt

isdigit
qsort
wcstod
strcspn

powrprof

GetCurrentPowerPolicies

esent

JetIndexRecordCount

kernel32

Sleep
GetCommandLineA
GetNamedPipeServerProcessId
GetTimeZoneInformation
FindFirstFileNameW
ClosePrivateNamespace
GetConsoleWindow
DebugBreak
GetProcessVersion
IsBadHugeWritePtr
GetVolumeNameForVolumeMountPointW
DeleteFileA

mprapi

MprConfigInterfaceEnum
MprConfigServerConnect

user32

GetWindow
GetClipboardOwner
WindowFromPhysicalPoint
ScrollDC
UnregisterClassW
IsWindowEnabled
CopyAcceleratorTableW
LoadKeyboardLayoutA
MessageBoxA
InvalidateRect
GetUpdateRgn
DestroyAcceleratorTable
SetLayeredWindowAttributes
ChangeWindowMessageFilter
PackDDElParam
SetWindowRgn
SetForegroundWindow
GetSubMenu
WindowFromDC
GetMenuContextHelpId

crypt32

CryptMemAlloc
CertNameToStrA

rpcrt4

RpcErrorEndEnumeration
RpcMgmtEpEltInqBegin
I_RpcMapWin32Status

ole32

HDC_UserFree
CLIPFORMAT_UserFree

Sections

F
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d8ea37cdbbb99ead97e070cb8cf70de

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

clusapi

oleaut32

setupapi

shlwapi

wintrust

gdi32

advapi32

pdh

winmm

rasapi32

msvcrt

powrprof

esent

kernel32

mprapi

user32

crypt32

rpcrt4

ole32

Sections

F Size: 16KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

.CRT Size: 84KB - Virtual size: 82KB

text Size: 8KB - Virtual size: 5KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 4KB - Virtual size: 452B

F
Size: 16KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

.CRT
Size: 84KB - Virtual size: 82KB

text
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 4KB - Virtual size: 452B