de01c16622a37b04d8cecb96fe2dfa00_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

de01c16622a37b04d8cecb96fe2dfa00_JaffaCakes118
Size

1.2MB
MD5

de01c16622a37b04d8cecb96fe2dfa00
SHA1

3cba8e30b78928d11bbad728e5c1a8402ba2634d
SHA256

c639be00013afb1630656617773fc9fbf998aeb710f4a4419dd029ad340574b2
SHA512

b429d9133868840e7329a643dff7928fe40819cc8c043a32944129a3fd55070b78376f48d8736433ed7d8a045c472a1d8e1d3b489499a78cd07cd0c56f78d118
SSDEEP

24576:XbkJ+aHjeyzyIcehoAC+ZOcTyUiQYTJ4fJR/0CZV:Xbo+Ujey9ceh9C6OxPTmfJd3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de01c16622a37b04d8cecb96fe2dfa00_JaffaCakes118

Files

de01c16622a37b04d8cecb96fe2dfa00_JaffaCakes118
.exe windows:5 windows x86 arch:x86

556c35b36755917c03de6ebcd9901b49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CryptQueryObject
CertNameToStrW
CryptExportPKCS8
CryptAcquireCertificatePrivateKey
CryptExportPublicKeyInfo
CertFindExtension
CertVerifyTimeValidity
CertAddCertificateContextToStore
CryptEncodeObjectEx
CertFreeCertificateContext
CertEnumCertificatesInStore
CertCloseStore
CryptFindOIDInfo
CryptEncodeObject

kernel32

LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleW
LoadLibraryW
CreateEventW
lstrcmpW
FileTimeToSystemTime
GetSystemTime
CloseHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
GetCurrentThreadId
VirtualAlloc
LocalFree
GlobalUnlock
GlobalLock
GetProcAddress
SetFilePointerEx
CreateFileW
HeapSize
GetStringTypeW
HeapReAlloc
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExW
RtlUnwind
OutputDebugStringW
HeapAlloc

setupapi

SetupDiOpenDevRegKey
SetupCloseInfFile
SetupFindNextLine
SetupDiGetDeviceInterfaceDetailW
SetupDiBuildDriverInfoList
CM_Locate_DevNodeW
CM_Get_DevNode_Registry_Property_ExW
SetupDiGetDeviceInstallParamsW
SetupDiGetSelectedDriverW
SetupDiCallClassInstaller
SetupOpenInfFileW

comctl32

ImageList_Create
ImageList_Destroy
ImageList_Add
ImageList_ReplaceIcon
ImageList_GetBkColor
ImageList_SetOverlayImage
ImageList_Draw
ImageList_AddMasked
ImageList_DrawIndirect
ImageList_Remove
ImageList_LoadImageW
ImageList_Copy
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_GetScrollInfo
CreateStatusWindowW
ImageList_GetIconSize
ImageList_Read
CreatePropertySheetPageW

userenv

EnterCriticalPolicySection
LeaveCriticalPolicySection
UnregisterGPNotification
GetUserProfileDirectoryW
LoadUserProfileW

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bso1n
Size: 420KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wvy5h
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.6olh
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 379KB - Virtual size: 378KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

556c35b36755917c03de6ebcd9901b49

Headers

File Characteristics

Imports

crypt32

kernel32

setupapi

comctl32

userenv

Sections

.text Size: 87KB - Virtual size: 86KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 6.9MB

.bso1n Size: 420KB - Virtual size: 420KB

.wvy5h Size: 64KB - Virtual size: 64KB

.6olh Size: 248KB - Virtual size: 248KB

.rsrc Size: 379KB - Virtual size: 378KB

.text
Size: 87KB - Virtual size: 86KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 6.9MB

.bso1n
Size: 420KB - Virtual size: 420KB

.wvy5h
Size: 64KB - Virtual size: 64KB

.6olh
Size: 248KB - Virtual size: 248KB

.rsrc
Size: 379KB - Virtual size: 378KB