db0dd0a201cfd21cef28992c8db8a8a1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db0dd0a201cfd21cef28992c8db8a8a1_JaffaCakes118
Size

845KB
MD5

db0dd0a201cfd21cef28992c8db8a8a1
SHA1

bd660df2e58eae1c721c5d5c1b5bb6df661bd51e
SHA256

5edd6590544bcb5c5f2ab95fd398436de18452007364d8cf8662cd85b4d49a0a
SHA512

554aa21a48088f57d30677569b6be5230841c43a99fad70c6a87d8e0d1b9c5a622549119d4c47b8c492d0364b57583c116e7edaee1e0448465e3b73c209c2254
SSDEEP

24576:tPVxEo0QzTZX+2+E+sGjLNkbFt+X9WkbFd+44FyuwS10gXGFB:bxEnmXH4sG2qUkJ044F5Mj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db0dd0a201cfd21cef28992c8db8a8a1_JaffaCakes118

Files

db0dd0a201cfd21cef28992c8db8a8a1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

27176ad07273c1b694c889ebe3ecc7f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateStreamOnHGlobal
StringFromCLSID
CoGetMalloc

user32

DdeAddData
DdeEnableCallback
DdeConnect
GetWindowInfo
SystemParametersInfoW
MapDialogRect
GetTopWindow
SetRectEmpty
FrameRect
ShowCursor
GetMenuItemInfoW
TrackPopupMenuEx
HiliteMenuItem
SetFocus
AttachThreadInput
DispatchMessageW

crypt32

CertNameToStrW
CryptAcquireCertificatePrivateKey
CertVerifyTimeValidity
CertFreeCTLContext
CertFreeCRLContext
CertEnumCertificatesInStore
CryptMsgGetParam
CryptMsgClose
CryptMsgOpenToDecode
CryptDecodeObject
CertGetCertificateChain

kernel32

InterlockedDecrement
GetStringTypeW
GetStringTypeA
LCMapStringW
InterlockedIncrement
MultiByteToWideChar
LoadLibraryA
GetProcAddress
LCMapStringA
ExitProcess
GlobalAlloc
GlobalLock
LocalAlloc
VirtualAlloc
HeapSize
CreateFiberEx
GetCurrentThreadId
GetLastError
InitializeCriticalSectionAndSpinCount
GetFileType
CloseHandle
lstrcmpiW
GetModuleFileNameW
GetModuleHandleW
ExpandEnvironmentStringsW
FindResourceW
GetTempPathW
GetDiskFreeSpaceW
GetFullPathNameW
GetCompressedFileSizeW
GetOEMCP
GetUserDefaultLCID
GetConsoleWindow
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
HeapAlloc

winspool.drv

EnumFormsW
AddMonitorW
EndDocPrinter

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.e6cr
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1hh6hm
Size: 603KB - Virtual size: 602KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27176ad07273c1b694c889ebe3ecc7f1

Headers

File Characteristics

Imports

ole32

user32

crypt32

kernel32

winspool.drv

Sections

.text Size: 40KB - Virtual size: 39KB

.data Size: 12KB - Virtual size: 6.7MB

.idata Size: 3KB - Virtual size: 2KB

.e6cr Size: 177KB - Virtual size: 177KB

.1hh6hm Size: 603KB - Virtual size: 602KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 40KB - Virtual size: 39KB

.data
Size: 12KB - Virtual size: 6.7MB

.idata
Size: 3KB - Virtual size: 2KB

.e6cr
Size: 177KB - Virtual size: 177KB

.1hh6hm
Size: 603KB - Virtual size: 602KB

.rsrc
Size: 8KB - Virtual size: 7KB