d54355f887073c318800d4637d60c1df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d54355f887073c318800d4637d60c1df_JaffaCakes118
Size

292KB
MD5

d54355f887073c318800d4637d60c1df
SHA1

612125fc6f23a1c1164ebee7bd2f5dff2e616b4b
SHA256

47d24c6d7009fb6d62336b3cb2d499e4b9d67a84dd6a406444a1660acf106c19
SHA512

dd59cc84d23b655808e344f236e42d5a70d48e9c97fb569fb1d43e9a456ba61d72f9604d38b2bc19113eed816f6a407061f1633a13dd5e7b84f4a64a06784527
SSDEEP

6144:zp8XByVKbZzX2MYRec3EEYY8e2a94mNQz7aV6Vw2UU1JOr5tFacVcfti:zWMVK1zGMYw7E9X94lSV6VweGtxCFi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d54355f887073c318800d4637d60c1df_JaffaCakes118

Files

d54355f887073c318800d4637d60c1df_JaffaCakes118
.exe windows:2 windows x86 arch:x86

00f04e1d3c2c59106763af120889f0e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cryptui

CryptUIDlgSelectCertificateFromStore
CryptUIDlgViewCTLA
CryptUIDlgSelectCA
CryptUIDlgViewContext
DllUnregisterServer
RetrievePKCS7FromCA
CryptUIWizImport
DllRegisterServer
CryptUIFreeViewSignaturesPagesA
CryptUIWizCertRequest
CryptUIDlgFreeCAContext
LocalEnroll
CryptUIDlgViewCertificateA
I_CryptUIProtect
CryptUIWizSubmitCertRequestNoDS
CryptUIFreeCertificatePropertiesPagesA
CryptUIDlgViewCertificatePropertiesA
CryptUIDlgViewCRLA
WizardFree
CryptUIDlgViewSignerInfoA
CryptUIGetViewSignaturesPagesA
CryptUIDlgSelectStoreA
CryptUIWizExport
LocalEnrollNoDS
CryptUIGetCertificatePropertiesPagesA
I_CryptUIProtectFailure
CryptUIDlgSelectCertificateA
ACUIProviderInvokeUI
CryptUIWizQueryCertRequestNoDS
CryptUIWizBuildCTL
CryptUIDlgCertMgr
EnrollmentCOMObjectFactory_getInstance
CryptUIWizDigitalSign
CryptUIWizFreeCertRequestNoDS

advpack

NeedReboot
RegisterOCX
RunSetupCommand
NeedRebootInit
CloseINFEngine
GetVersionFromFile
IsNTAdmin
LaunchINFSectionEx
FileSaveRestore
ExecuteCab
AdvInstallFile
FileSaveRestoreOnINF
TranslateInfStringEx
RegSaveRestoreOnINF
FileSaveMarkNotExist
UserInstStubWrapper
ExtractFiles
DelNodeRunDLL32
SetPerUserSecValues
OpenINFEngine
RegSaveRestore
RegRestoreAll
RegInstall
UserUnInstStubWrapper
DelNode
LaunchINFSection
TranslateInfString
AddDelBackupEntry
GetVersionFromFileEx

kernel32

FreeEnvironmentStringsA
SetNamedPipeHandleState
ReadFileScatter
ExpandEnvironmentStringsA
DeleteFileA
DisconnectNamedPipe
WriteFileEx
InterlockedFlushSList
GetFileAttributesExA
GetSystemTimes
GetStringTypeExA
GetFileTime
ReadFile
VirtualAlloc
lstrcmpA
TransactNamedPipe
SetEnvironmentVariableA
InterlockedExchange
GetStringTypeA
FileTimeToSystemTime
GetSystemTime
GetLocalTime
CreateFileA
WaitNamedPipeA
GetEnvironmentStringsA
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetProcessHeap
InterlockedExchangeAdd
IsBadStringPtrA
InterlockedPopEntrySList
InterlockedIncrement
InterlockedPushEntrySList
WriteFile
GetModuleHandleA
VirtualFree
lstrcmpiA
DosDateTimeToFileTime
FileTimeToLocalFileTime
SetFilePointerEx
WriteFileGather
GetNamedPipeHandleStateA
lstrcatA
lstrcpynA
ConnectNamedPipe
SystemTimeToFileTime
FileTimeToDosDateTime
SetFirmwareEnvironmentVariableA
CompareStringA
InterlockedDecrement
lstrlenA
HeapSize
InterlockedCompareExchange
SetFilePointer
lstrcpyA
GetFirmwareEnvironmentVariableA
GetFileAttributesA
CloseHandle
HeapAlloc
GetProcessHeaps
CallNamedPipeA

user32

DispatchMessageA
CheckMenuRadioItem
DrawTextA
InvalidateRect
CloseClipboard
CreateWindowExA
EnableMenuItem
GetWindowTextA
ScreenToClient
GetDlgItem
OffsetRect
PostQuitMessage
DialogBoxParamA
IsDialogMessageA
EnableWindow
BeginPaint
ShowWindow
CreateDialogParamA
LoadStringA
RegisterClassExA
GetDlgCtrlID
TrackPopupMenuEx
TranslateMessage
SetWindowPos
GetMenu
SetWindowTextA
MessageBoxA
IsChild
GetClientRect
SetDlgItemInt
DefWindowProcA
GetSysColorBrush
TranslateAcceleratorA
EndDialog
GetClipboardData
SetCursor
UpdateWindow
DestroyWindow
GetSysColor
SetMenu
LoadCursorA
CheckDlgButton
ChildWindowFromPoint
SendMessageA
SetWindowLongA
GetDesktopWindow
LoadIconA
CheckMenuItem
SystemParametersInfoA
GetSubMenu
OpenClipboard
SetProcessDefaultLayout
GetMessageA
HideCaret
GetProcessDefaultLayout
CheckRadioButton
DestroyMenu
GetWindowRect
WinHelpA
LoadAcceleratorsA
IsClipboardFormatAvailable
MapWindowPoints
SetDlgItemTextA
CallWindowProcA
CharNextA
LoadMenuA
EndPaint
SetFocus
GetWindowLongA
MessageBeep

Sections

.text
Size: 281KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00f04e1d3c2c59106763af120889f0e5

Headers

DLL Characteristics

File Characteristics

Imports

cryptui

advpack

kernel32

user32

Sections

.text Size: 281KB - Virtual size: 281KB

.data Size: 5KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 696KB

.text
Size: 281KB - Virtual size: 281KB

.data
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 696KB