d4eac797e2c80c2542f9eb3ed0e7c9d4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d4eac797e2c80c2542f9eb3ed0e7c9d4_JaffaCakes118
Size

1.0MB
MD5

d4eac797e2c80c2542f9eb3ed0e7c9d4
SHA1

06e63fdd8f0b87ffea6fe1b05a2043bda70aa5d1
SHA256

11369354f9c52e9d4d2a34778032658aa24dddc294a3cdb8cee70b177e999a8c
SHA512

9b002c471ece8cea3ebd30e11b502e906c09ccad396767c7d23e4f7afaf8bbedf70dfa28de0ae10620df65d09c1292c2337432a96cc36bef6cd231dc4aca81a4
SSDEEP

24576:lXoYNL3MjheWCVwVttsdfktiC2XaFYbRD9:1sh1CZdhF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4eac797e2c80c2542f9eb3ed0e7c9d4_JaffaCakes118

Files

d4eac797e2c80c2542f9eb3ed0e7c9d4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4a2741519f3c508d7e820da06c098d89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_controlfp
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_initterm

uxtheme

GetThemePartSize
GetThemeSysColor
DrawThemeParentBackground
CloseThemeData

crypt32

CertVerifyTimeValidity
CertGetPublicKeyLength
CertGetEnhancedKeyUsage
CertAddStoreToCollection
CertAddCertificateContextToStore
CertGetCertificateContextProperty
CertSetCertificateContextProperty
CertFreeCertificateContext
CertCreateCertificateContext
CertEnumCertificatesInStore
CertCloseStore
CryptMsgGetParam
CryptBinaryToStringW
CryptStringToBinaryW
CertVerifyCertificateChainPolicy
CryptProtectData
CertGetNameStringW
CertNameToStrW
CryptHashPublicKeyInfo
CryptExportPKCS8
CryptEncodeObject
CryptFindOIDInfo
CryptMsgOpenToDecode
CryptMsgUpdate
CertFindExtension

user32

CheckDlgButton
EnableScrollBar
SetWindowTextW
GetClientRect
DrawIcon
UnionRect
FindWindowW
DrawIconEx
AppendMenuW
GetMenuItemCount
EnableMenuItem
CreatePopupMenu
LoadAcceleratorsW
MsgWaitForMultipleObjects
GetFocus
GetCursorPos
SetFocus
IsWindow
GetClassInfoExW
RegisterClassExW
CallWindowProcW
DispatchMessageW
GetKeyboardLayout
GetUpdateRect

psapi

GetMappedFileNameW
EnumDeviceDrivers
GetDeviceDriverBaseNameW
GetModuleFileNameExW

shell32

ExtractIconExW
SHGetSpecialFolderLocation
SHBindToParent

kernel32

GetProcAddress
LocalFree
VirtualAlloc
HeapReAlloc
LeaveCriticalSection
CloseHandle
lstrcmpW
LoadLibraryW
CreateProcessW
GetModuleHandleW
GetStartupInfoW

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 552KB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5anoc9
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a2741519f3c508d7e820da06c098d89

Headers

File Characteristics

Imports

msvcrt

uxtheme

crypt32

user32

psapi

shell32

kernel32

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 552KB - Virtual size: 7.6MB

.5anoc9 Size: 350KB - Virtual size: 350KB

.rsrc Size: 111KB - Virtual size: 111KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 552KB - Virtual size: 7.6MB

.5anoc9
Size: 350KB - Virtual size: 350KB

.rsrc
Size: 111KB - Virtual size: 111KB