Static task
static1
Behavioral task
behavioral1
Sample
cdd84e52f9f107192ddcbcda81759e04_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
cdd84e52f9f107192ddcbcda81759e04_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
cdd84e52f9f107192ddcbcda81759e04_JaffaCakes118
Size
129KB
MD5
cdd84e52f9f107192ddcbcda81759e04
SHA1
be1c28da171cb9322a97b2c8bf322f6cc8160d8f
SHA256
350603fd317911b01b1dbcf9c66c0e0ff1c4d1c9603cfe781569c554e733de74
SHA512
9c7b3cbedaadf79164edf632dff8e7b3dfc38aa347e47e1f0bf381a97faf5244e8e769a565db311400c4a6f216680575d17c5483d75aa02e4a756bf279a22e34
SSDEEP
3072:18JJd9D9G3uj4JrdJV0WqO6HZLzFzNKog9WcW/ZgyFXxEN:OJd9keYz65HFNKogQcW4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cdd84e52f9f107192ddcbcda81759e04_JaffaCakes118
Files
cdd84e52f9f107192ddcbcda81759e04_JaffaCakes118.exe windows:5 windows x86 arch:x86
0feda38496316a8e56ad61ab2e77665f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VerLanguageNameW
_hread
GetPrivateProfileStructA
ExpungeConsoleCommandHistoryA
WritePrivateProfileSectionA
OpenJobObjectW
FindNextVolumeA
GetVersion
GetTempPathW
VirtualAlloc
GetProcessTimes
PeekConsoleInputW
DebugSetProcessKillOnExit
Thread32First
EnumDateFormatsA
GetNumaAvailableMemoryNode
Module32Next
RemoveLocalAlternateComputerNameA
UnregisterConsoleIME
MoveFileWithProgressA
FindResourceExW
FindFirstFileExW
GetCurrentDirectoryW
CancelTimerQueueTimer
DuplicateHandle
EnumTimeFormatsA
GetProcessHeap
DeleteVolumeMountPointA
LZCloseFile
EnumSystemCodePagesA
GetProcessHeaps
VirtualQueryEx
EnumSystemCodePagesW
VDMConsoleOperation
GetWindowsDirectoryW
ExitProcess
RequestDeviceWakeup
_llseek
GetComputerNameExW
GetConsoleInputExeNameA
DeleteTimerQueueTimer
HeapAlloc
VirtualProtectEx
lstrcatW
GetVolumePathNameW
SetEndOfFile
DeviceIoControl
FindVolumeClose
SetFileTime
QueryActCtxW
lstrcmpi
LocalAlloc
DosPathToSessionPathA
ExitVDM
Heap32ListFirst
InterlockedExchangeAdd
SetCommState
FindNextVolumeMountPointW
EraseTape
OpenConsoleW
GetSystemInfo
GetFileInformationByHandle
GetEnvironmentStringsW
ScrollConsoleScreenBufferW
LoadLibraryA
LocalCompact
AddLocalAlternateComputerNameA
hid
HidD_GetInputReport
HidD_GetProductString
HidD_FreePreparsedData
HidP_GetScaledUsageValue
HidP_GetExtendedAttributes
HidP_GetSpecificButtonCaps
HidD_GetAttributes
HidD_GetNumInputBuffers
HidD_SetNumInputBuffers
HidD_GetPhysicalDescriptor
HidP_MaxUsageListLength
HidD_GetPreparsedData
HidD_SetFeature
HidD_GetMsGenreDescriptor
HidP_GetData
HidP_GetLinkCollectionNodes
actxprxy
GetProxyDllInfo
cryptui
LocalEnrollNoDS
CryptUIWizBuildCTL
CryptUIDlgViewCTLA
CryptUIDlgViewCertificatePropertiesW
LocalEnroll
CryptUIWizFreeDigitalSignContext
ACUIProviderInvokeUI
CryptUIWizDigitalSign
CryptUIDlgViewSignerInfoA
CryptUIDlgViewCertificateA
CryptUIFreeCertificatePropertiesPagesA
CryptUIDlgViewSignerInfoW
CryptUIGetCertificatePropertiesPagesW
WizardFree
CryptUIWizCreateCertRequestNoDS
I_CryptUIProtect
CryptUIWizImport
RetrievePKCS7FromCA
CryptUIFreeViewSignaturesPagesA
CryptUIDlgSelectCertificateW
CryptUIWizSubmitCertRequestNoDS
CryptUIDlgSelectCertificateA
Sections
.text Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 198KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 336B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ