d3d53da06b3efaefe075cb17ee90d34b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d3d53da06b3efaefe075cb17ee90d34b_JaffaCakes118
Size

2.3MB
MD5

d3d53da06b3efaefe075cb17ee90d34b
SHA1

cc6ae64236326a69b6ce522929fea20669754e5c
SHA256

6a2403020313f3d32464922dad56853df67e20293d0e84866208ddaad52161de
SHA512

11265660dc0c2258179cf11af037190db1c64dfd7de4d77d904f012df87226924368fa2b876c8f07eb8b48f2dd5e8c3b6583ddf6ce1eb2f75ffa2e7b0876961c
SSDEEP

12288:V39/jcTksa0YhAmsvceMa7/d15LCM6gIcG81a37WzfNes+r7og92XxWf4+CVW3JV:VZjc809aCtCdbIfNVo7ojUiOJ999rRAy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3d53da06b3efaefe075cb17ee90d34b_JaffaCakes118

Files

d3d53da06b3efaefe075cb17ee90d34b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

82628f9d230252cb331e5682528741b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnableScrollBar
PostThreadMessageW
GetPriorityClipboardFormat
GetRegisteredRawInputDevices
CheckMenuRadioItem
FillRect
GetCursorPos
SetCursor
RemovePropW
GetKeyboardLayoutList
ShowScrollBar
LockWindowUpdate
SetForegroundWindow
IsWindowUnicode
MapVirtualKeyExW
CharUpperW

ole32

CLSIDFromString
CoGetMalloc

crypt32

CryptStringToBinaryW
CertVerifyCertificateChainPolicy
CryptProtectData
CryptQueryObject
CertGetNameStringW
CryptHashPublicKeyInfo
CryptExportPKCS8
CertVerifyTimeValidity
CertGetEnhancedKeyUsage
CertControlStore
CertAddStoreToCollection
CertFreeCTLContext
CertFreeCertificateContext
CryptEncodeObjectEx
CryptEncodeObject
CryptDecodeObjectEx
CryptFindOIDInfo
CryptMsgOpenToDecode
CertCloseStore
CertCreateCertificateContext

advapi32

OpenSCManagerW
RegQueryValueExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey

kernel32

OutputDebugStringW
HeapAlloc
HeapReAlloc
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
CreateFileW
GlobalFree
VirtualAlloc
GetEnvironmentStringsW
GetLastError
SetHandleCount
GetLocalTime
GetSystemInfo
LoadLibraryW
GetModuleHandleExW
GetTempPathW
GetFullPathNameW
FindNextFileW
FindVolumeMountPointClose
IsValidCodePage
GetStringTypeW
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetCommandLineW
RaiseException
EncodePointer
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsProcessorFeaturePresent
IsDebuggerPresent
GetACP
RtlUnwind

mprapi

MprConfigServerConnect
MprConfigGetFriendlyName
MprConfigInterfaceTransportEnum
MprConfigInterfaceDelete
MprConfigTransportDelete
MprConfigTransportCreate

ntdsapi

DsFreeNameResultW

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 922KB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.e3ttai
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.de42t
Size: 451KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5785
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.6376
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82628f9d230252cb331e5682528741b1

Headers

File Characteristics

Imports

user32

ole32

crypt32

advapi32

kernel32

mprapi

ntdsapi

Sections

.text Size: 92KB - Virtual size: 92KB

.data Size: 922KB - Virtual size: 7.1MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.e3ttai Size: 314KB - Virtual size: 313KB

.de42t Size: 451KB - Virtual size: 451KB

.5785 Size: 189KB - Virtual size: 189KB

.6376 Size: 239KB - Virtual size: 238KB

.rsrc Size: 100KB - Virtual size: 99KB

.text
Size: 92KB - Virtual size: 92KB

.data
Size: 922KB - Virtual size: 7.1MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.e3ttai
Size: 314KB - Virtual size: 313KB

.de42t
Size: 451KB - Virtual size: 451KB

.5785
Size: 189KB - Virtual size: 189KB

.6376
Size: 239KB - Virtual size: 238KB

.rsrc
Size: 100KB - Virtual size: 99KB