Static task
static1
Behavioral task
behavioral1
Sample
ce528fe9df1db321f5d23b739e6b8408_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ce528fe9df1db321f5d23b739e6b8408_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
ce528fe9df1db321f5d23b739e6b8408_JaffaCakes118
Size
859KB
MD5
ce528fe9df1db321f5d23b739e6b8408
SHA1
9634c8f99e7c297a60352cf05890bb7ac96ca34d
SHA256
6d27a607c4b7811bea9720a4e2f2eb654834bba48c572b9d7ef59efa83f536cf
SHA512
24bda1b50ae80fe51801202015a46998635f807f63160af5f74a8880602bfc2e3fad0314bc66a933c6e018fd3a666f1fb9dbdddf9d80f3e30bcb2cc563511210
SSDEEP
24576:19PlJ7n5FLlM0bvjR1PrnZOPA8vifXenonXe0:rPl9BMOjHrZOPFAX8oXX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ce528fe9df1db321f5d23b739e6b8408_JaffaCakes118
Files
ce528fe9df1db321f5d23b739e6b8408_JaffaCakes118.exe windows:5 windows x86 arch:x86
6c976b9437c90efdf284b14bc3b81e58
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemDefaultLCID
VirtualFreeEx
GetProcAddress
SetConsoleInputExeNameA
InvalidateConsoleDIBits
GlobalWire
VirtualAlloc
GetProcessIoCounters
QueryDosDeviceW
GetBinaryType
GetUserDefaultLCID
GetGeoInfoW
GlobalFlags
RemoveDirectoryW
CreateActCtxA
SizeofResource
OutputDebugStringA
OpenMutexA
IsDebuggerPresent
lstrcpyn
GetSystemPowerStatus
SetConsoleCursor
CloseProfileUserMapping
DosDateTimeToFileTime
LZDone
CancelDeviceWakeupRequest
VerLanguageNameA
SearchPathW
SetThreadUILanguage
GetPrivateProfileSectionNamesW
GetSystemDirectoryW
BaseCleanupAppcompatCacheSupport
IsValidCodePage
GetCurrentDirectoryA
LockFile
GlobalFindAtomA
WaitForSingleObjectEx
GlobalDeleteAtom
SetFirmwareEnvironmentVariableW
GetConsoleDisplayMode
AddLocalAlternateComputerNameW
CreateJobSet
ResetWriteWatch
GetMailslotInfo
HeapWalk
SleepEx
IsValidLocale
SetConsoleNlsMode
AttachConsole
lstrcmpiW
LeaveCriticalSection
LoadLibraryA
ExpungeConsoleCommandHistoryA
FindNextVolumeMountPointW
GetComputerNameExW
GetSystemDefaultLangID
GetConsoleInputExeNameW
EnterCriticalSection
SetTimerQueueTimer
GetPrivateProfileIntA
HeapReAlloc
FindNextVolumeMountPointA
FormatMessageA
PrivCopyFileExW
MulDiv
SetThreadContext
GetModuleFileNameA
FindFirstVolumeMountPointW
SetVolumeMountPointA
SetConsoleFont
QueueUserWorkItem
msvcrt
exit
__p__commode
__set_app_type
__getmainargs
security
DecryptMessage
ApplyControlToken
ImportSecurityContextA
QuerySecurityPackageInfoA
AcquireCredentialsHandleA
DeleteSecurityPackageA
QueryCredentialsAttributesA
DeleteSecurityContext
ImpersonateSecurityContext
EnumerateSecurityPackagesA
QuerySecurityPackageInfoW
AcceptSecurityContext
ImportSecurityContextW
RevertSecurityContext
EnumerateSecurityPackagesW
DeleteSecurityPackageW
AddSecurityPackageA
AddSecurityPackageW
FreeCredentialsHandle
QueryContextAttributesW
CompleteAuthToken
QueryContextAttributesA
SealMessage
MakeSignature
ExportSecurityContext
InitSecurityInterfaceW
VerifySignature
QueryCredentialsAttributesW
QuerySecurityContextToken
lz32
LZCopy
LZCreateFileW
LZClose
LZCloseFile
LZRead
GetExpandedNameW
LZDone
LZSeek
LZOpenFileW
GetExpandedNameA
CopyLZFile
LZOpenFileA
LZStart
LZInit
perfts
CloseTSObject
CollectTSObjectData
OpenTSObject
mdminst
ClassInstall32
Sections
.text Size: 147KB - Virtual size: 147KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 519KB - Virtual size: 519KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 189KB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ