f4e7296cdfe6770857143e250beabb97_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f4e7296cdfe6770857143e250beabb97_JaffaCakes118
Size

35KB
MD5

f4e7296cdfe6770857143e250beabb97
SHA1

c80813f3bc900a279906a914f21f2211829ea3fa
SHA256

9be7e11a7ede17bb9301346fb10d6864388d8e2f5cf2974e04d52a3f69cd1779
SHA512

de8a459c0dd47e8ee666bd668444820eeef9e9f47295a4fd8dda0c118367ba9ea3bc747cb073cd988a5ad9309a7ad3ea1704eb77da598b1d0d5afaadab097515
SSDEEP

768:P6eY5SEtTy4fP0rhbNujIEvyHW0scIwFiIRw11bV+BllD6a:SeuPfQkjRvyHrhIwqZszD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4e7296cdfe6770857143e250beabb97_JaffaCakes118

Files

f4e7296cdfe6770857143e250beabb97_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5726db4ae54ebec74a9d02835d33f9dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

DsGetDcNameW
DsRoleFreeMemory
NetServerGetInfo
DsRoleGetPrimaryDomainInformation
NetUserModalsGet
NetApiBufferFree

certcli

CASetCertTypePropertyEx
CAUpdateCertType
CACertTypeGetSecurity
CACertTypeSetSecurity
CACloseCertType
CADeleteCertType
CAGetCertTypePropertyEx
CAOIDDelete
CAOIDAdd
CAOIDCreateNew
CAGetCertTypeKeySpec
CASetCertTypeExtension
CAFreeCertTypeExtensions
CASetCertTypeFlagsEx
CAGetCertTypeExpiration
CAFreeCertTypeProperty
CAOIDGetProperty
CAOIDFreeProperty
CAGetCertTypeProperty
CAGetCertTypeExtensions
CAGetCertTypeFlagsEx
CAInstallDefaultCertType
CAFindCertTypeByName
CAOIDSetProperty
CAIsCertTypeCurrent
CASetCertTypeExpiration
CACloneCertType
CASetCertTypeKeySpec

msvcrt

iswspace
_ultow
wcsncpy
_initterm
strspn
_adjust_fdiv
_onexit
_wcsicmp
mbstowcs
_wcsnicmp
strncmp
wcschr
wcslen
__CxxFrameHandler
atoi
__dllonexit
wcscmp
_except_handler3
strstr
wcscpy
free
_CxxThrowException
malloc
_stricmp
__RTDynamicCast
wcsstr
_purecall

ole32

ReleaseStgMedium
GetHGlobalFromStream
StringFromCLSID
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
StringFromGUID2
CoInitialize
CreateStreamOnHGlobal
CoTaskMemFree

crypt32

CryptFormatObject
CryptEnumOIDInfo
CryptDecodeObject
CertFindExtension
CryptFindOIDInfo

user32

PostMessageW
GetDlgItem
GetParent
SetWindowsHookExW
SendMessageW
SetWindowLongW
GetWindowLongW
LoadIconW
UnhookWindowsHookEx
LoadBitmapW
RegisterClipboardFormatW
SetClipboardData
CallNextHookEx
InsertMenuItemW
ScreenToClient
OpenClipboard
WinHelpW
LoadStringW
GetDlgCtrlID
EnableWindow
CloseClipboard
EmptyClipboard
LoadMenuW
GetSubMenu
MessageBoxW
ChildWindowFromPointEx

usp10

ScriptGetFontProperties

ntdll

RtlInitUnicodeString
RtlCompareUnicodeString

kernel32

GetCurrentThreadId
GetCurrentProcessId
InitializeCriticalSection
GetTickCount
lstrlenW
GetSystemTimeAsFileTime
Sleep
GetVersion
FreeConsole
InterlockedIncrement
CompareFileTime
SetLastError
GlobalLock
VirtualAlloc
MultiByteToWideChar
GetProcAddress
LoadLibraryW
LocalFree
FormatMessageW
CompareStringW
OutputDebugStringA
UnhandledExceptionFilter
IsBadStringPtrW
InterlockedDecrement
CloseHandle
GetLastError
GetModuleHandleW
LocalAlloc
lstrcpynW
GetCurrentThread
DeleteCriticalSection
GetWindowsDirectoryW
GetSystemWindowsDirectoryW
GetFileAttributesW
TerminateProcess
GlobalUnlock
SetUnhandledExceptionFilter
GetModuleFileNameW
lstrcmpiW
QueryPerformanceCounter
GetComputerNameW
GetVersionExW
GetCurrentProcess
WideCharToMultiByte
LoadLibraryA
GetModuleHandleA
GlobalAlloc

shell32

ShellExecuteW

Sections

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5726db4ae54ebec74a9d02835d33f9dd

Headers

File Characteristics

Imports

netapi32

certcli

msvcrt

ole32

crypt32

user32

usp10

ntdll

kernel32

shell32

Sections

.rdata Size: 8KB - Virtual size: 7KB

.text Size: 512B - Virtual size: 432B

.idata Size: 5KB - Virtual size: 4KB

.data Size: - Virtual size: 160KB

.rsrc Size: 21KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 7KB

.text
Size: 512B - Virtual size: 432B

.idata
Size: 5KB - Virtual size: 4KB

.data
Size: - Virtual size: 160KB

.rsrc
Size: 21KB - Virtual size: 20KB