d0c1ed719480b1fd19fb277b30bc0817_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d0c1ed719480b1fd19fb277b30bc0817_JaffaCakes118
Size

157KB
MD5

d0c1ed719480b1fd19fb277b30bc0817
SHA1

b9d81a2f9fc9f1190dfd6e65cc179f8cb13520cb
SHA256

92be0953deaa7196544bb90da1003a01609d8aab34d3b6d63149819aad469b63
SHA512

4698198a5bc3aedb784282326dc7df6c12e1330ea489264dbcbcc3fdbf26304c27eebe82d7bb46133a21ce31adc73d88c37981190b176d04b73200da97ccc00a
SSDEEP

3072:5SMGJ7GPorNDcu8eLk1QAQYtuz0W0DlJeSikIjmqhhvy+u:5lGJ7Gg5rAQYU8DvPCmMHu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0c1ed719480b1fd19fb277b30bc0817_JaffaCakes118

Files

d0c1ed719480b1fd19fb277b30bc0817_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d33cece5ddb19893fc88a0687f82b27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

SetSecurityInfoExA
QueryAllTracesW
RegOpenUserClassesRoot
RegDeleteValueA
ControlService
RegUnLoadKeyA
QueryServiceConfigW
GetTokenInformation
CloseTrace
OpenProcessToken
LsaCreateTrustedDomainEx
RegisterServiceCtrlHandlerExW
LockServiceDatabase
InitiateSystemShutdownExW
ChangeServiceConfigW
RegNotifyChangeKeyValue
CryptExportKey
SetEntriesInAclW
SetPrivateObjectSecurityEx
SystemFunction019

kernel32

SetThreadExecutionState
CreateWaitableTimerA
GetEnvironmentStringsW
GetThreadPriority
CreateEventA
GetSystemDefaultUILanguage
BuildCommDCBW
OutputDebugStringW
GetComputerNameExW
FatalAppExitW
GetConsoleCommandHistoryLengthW
SetTapePosition
WritePrivateProfileStructA
SystemTimeToFileTime
VirtualAlloc
SetComputerNameExW
IsBadHugeReadPtr
GlobalReAlloc
GetProcessHeap
SetEndOfFile
GetPriorityClass
GlobalGetAtomNameA
GlobalAddAtomW
AllocConsole
PrivCopyFileExW
lstrcpynA
FindFirstFileExW
WritePrivateProfileStringA
CreateTimerQueue
SetLocalTime
GetNamedPipeHandleStateA
ResumeThread
lstrcmpiA
WaitForSingleObject
FindFirstChangeNotificationW
lstrcpynW
OpenEventA
lstrlen
InterlockedDecrement
Process32Next

crypt32

CertCloseStore
CryptVerifyCertificateSignatureEx
I_CryptReleaseLruEntry
CertFindCTLInStore
CertDuplicateCRLContext
CertGetNameStringW
CertSetCertificateContextProperty
I_CryptGetDefaultCryptProv
PFXVerifyPassword
CertFreeCTLContext
CertIsValidCRLForCertificate
CertFreeCertificateContext
CryptSignCertificate
I_CryptSetTls
CryptUnprotectData
CertAddSerializedElementToStore
I_CryptInstallAsn1Module
I_CryptGetTls
CryptVerifyCertificateSignature
CertEnumCertificateContextProperties
CertAddEnhancedKeyUsageIdentifier
CryptDecodeObject
CertCreateSelfSignCertificate
CertEnumCTLsInStore
I_CryptAddSmartCardCertToStore
CertSetEnhancedKeyUsage
CertGetSubjectCertificateFromStore
CryptImportPublicKeyInfo
CryptHashPublicKeyInfo
CreateFileU

gdi32

CancelDC
GetMetaFileBitsEx
GetCharWidthInfo
SetBitmapBits
EnumFontFamiliesExA
TextOutW
GetCharWidthFloatA
STROBJ_bEnumPositionsOnly
EngComputeGlyphSet
RemoveFontResourceW
GdiEntry3
CreateMetaFileA
SetTextJustification
ExtTextOutW
GdiRealizationInfo
SetBoundsRect
StretchDIBits
GetBitmapDimensionEx
CreateEnhMetaFileA
CreateEnhMetaFileW
XLATEOBJ_cGetPalette
GetTextFaceW
GetTextMetricsA
GetEnhMetaFileDescriptionA
GetCharABCWidthsW
GetEnhMetaFileW
EnumObjects

Sections

.bss
Size: 46KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CRT
Size: 39KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 31KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d33cece5ddb19893fc88a0687f82b27

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

crypt32

gdi32

Sections

.bss Size: 46KB - Virtual size: 109KB

CRT Size: 39KB - Virtual size: 104KB

.data Size: 31KB - Virtual size: 45KB

.text Size: 8KB - Virtual size: 7KB

.rsrc Size: 32KB - Virtual size: 31KB

.bss
Size: 46KB - Virtual size: 109KB

CRT
Size: 39KB - Virtual size: 104KB

.data
Size: 31KB - Virtual size: 45KB

.text
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 32KB - Virtual size: 31KB