cfe547651f81fddf754cf142c7ceaa36_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cfe547651f81fddf754cf142c7ceaa36_JaffaCakes118
Size

294KB
MD5

cfe547651f81fddf754cf142c7ceaa36
SHA1

d742f417be2064db5bc3f52336e3e3428e5fd608
SHA256

1ca338a814a1983d7c574311932bd6d274cc6511e1556c07b173147ec774d78f
SHA512

b0953cfcc54bec26431936d052594565f6de732b3931d99cbd2e331f80d33796bdb182dd615928e55f5dd02bc43ff9e6448cefb569b06dbdc7c9f07151a9ab01
SSDEEP

6144:io6qddR6+lW8M/DMy6JSWkpnKNTxE+83x44yIwxrUG3m2J53R1Y3bnjD:io6zQK4LJSXBKNTxE+uXlwxr7jJT12j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfe547651f81fddf754cf142c7ceaa36_JaffaCakes118

Files

cfe547651f81fddf754cf142c7ceaa36_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4c9d6ccbf6b8f5d8d6814fb30ed87e47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetSystemTimeAsFileTime
VirtualAlloc
ReadFileScatter
GetProcessHeaps
HeapAlloc
DosDateTimeToFileTime
FileTimeToDosDateTime
SetEnvironmentVariableA
GetEnvironmentStringsA
WriteFileGather
GetStringTypeExA
CloseHandle
InterlockedExchange
FileTimeToLocalFileTime
FreeEnvironmentStringsA
lstrcmpA
GetFileTime
SetFirmwareEnvironmentVariableA
SetFilePointer
GetFileAttributesExA
IsBadStringPtrA
lstrcpyA
DisconnectNamedPipe
GetProcessHeap
GetNamedPipeHandleStateA
InterlockedDecrement
GetNamedPipeInfo
GetStringTypeA
WaitNamedPipeA
CreateFileA
lstrcpynA
VirtualFree
GetModuleHandleA
InterlockedPopEntrySList
ReadFileEx
GetSystemTime
CallNamedPipeA
lstrcatA
GetLocalTime
InterlockedCompareExchange
GetFileAttributesA
GetSystemTimeAdjustment
GetSystemTimes
CompareStringA
HeapSize
SetNamedPipeHandleState
WriteFile
InterlockedIncrement
WriteFileEx
ExpandEnvironmentStringsA
lstrlenA
ConnectNamedPipe
FileTimeToSystemTime
lstrcmpiA
InterlockedExchangeAdd
PeekNamedPipe
SystemTimeToFileTime
TransactNamedPipe
SetFilePointerEx
InterlockedPushEntrySList
ReadFile
GetFirmwareEnvironmentVariableA
GetEnvironmentVariableA
InterlockedFlushSList
DeleteFileA

user32

EnableWindow
SetFocus
SendMessageA
TranslateAcceleratorA
TrackPopupMenuEx
IsDialogMessageA
TranslateMessage
EndPaint
IsChild
GetSysColor
SetDlgItemInt
LoadIconA
MessageBoxA
DispatchMessageA
GetDlgCtrlID
DialogBoxParamA
GetWindowTextA
HideCaret
SetWindowPos
SetWindowTextA
SetMenu
EndDialog
DestroyMenu
GetDlgItem
CharNextA
WinHelpA
PostQuitMessage
UpdateWindow
IsClipboardFormatAvailable
GetDesktopWindow
ScreenToClient
GetClientRect
DefWindowProcA
GetSysColorBrush
ChildWindowFromPoint
CreateWindowExA
SetDlgItemTextA
SetWindowLongA
MessageBeep
OpenClipboard
MapWindowPoints
GetWindowLongA
GetMenu
DestroyWindow
LoadStringA
CheckMenuRadioItem
CloseClipboard
GetWindowRect
BeginPaint
CheckDlgButton
RegisterClassExA
GetClipboardData
GetMessageA
LoadAcceleratorsA
CreateDialogParamA
CheckRadioButton
SetCursor
CheckMenuItem
ShowWindow
LoadCursorA
EnableMenuItem
InvalidateRect
OffsetRect
DrawTextA
GetSubMenu
GetProcessDefaultLayout
CallWindowProcA
SystemParametersInfoA
SetProcessDefaultLayout
LoadMenuA

advpack

ExtractFiles
GetVersionFromFileEx
NeedRebootInit
CloseINFEngine
AddDelBackupEntry
FileSaveRestoreOnINF
RegInstall
TranslateInfString
RebootCheckOnInstall
LaunchINFSection
FileSaveRestore
DelNode
RegisterOCX
TranslateInfStringEx
UserUnInstStubWrapper
UserInstStubWrapper
FileSaveMarkNotExist
DelNodeRunDLL32
GetVersionFromFile
RunSetupCommand
NeedReboot
OpenINFEngine
LaunchINFSectionEx
RegSaveRestoreOnINF
AdvInstallFile
SetPerUserSecValues
RegSaveRestore
ExecuteCab
IsNTAdmin
RegRestoreAll
DoInfInstall

cryptui

CryptUIDlgViewSignerInfoA
DllRegisterServer
CryptUIDlgViewCertificatePropertiesA
CryptUIWizCertRequest
CryptUIDlgSelectStoreA
CryptUIDlgViewCRLA
CryptUIFreeCertificatePropertiesPagesA
CryptUIGetViewSignaturesPagesA
CryptUIDlgSelectCertificateFromStore
WizardFree
CryptUIDlgSelectCA
RetrievePKCS7FromCA
CryptUIFreeViewSignaturesPagesA
CryptUIWizImport
CryptUIDlgCertMgr
CryptUIGetCertificatePropertiesPagesA
CryptUIWizDigitalSign
I_CryptUIProtect
ACUIProviderInvokeUI
CryptUIWizBuildCTL
DllUnregisterServer
CryptUIWizCreateCertRequestNoDS
EnrollmentCOMObjectFactory_getInstance
CryptUIWizSubmitCertRequestNoDS
CryptUIWizQueryCertRequestNoDS
CryptUIStartCertMgr
CryptUIDlgSelectCertificateA
CryptUIDlgViewCertificateA
CryptUIDlgViewContext
CryptUIDlgViewCTLA
CryptUIDlgFreeCAContext
LocalEnroll
CryptUIWizFreeDigitalSignContext
CryptUIWizFreeCertRequestNoDS
LocalEnrollNoDS
I_CryptUIProtectFailure
CryptUIWizExport

Sections

.text
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c9d6ccbf6b8f5d8d6814fb30ed87e47

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advpack

cryptui

Sections

.text Size: 282KB - Virtual size: 282KB

.data Size: 6KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 744KB

.text
Size: 282KB - Virtual size: 282KB

.data
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 744KB