f4eaee28b8a13f32646b0c88c70e6d5e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f4eaee28b8a13f32646b0c88c70e6d5e_JaffaCakes118
Size

244KB
MD5

f4eaee28b8a13f32646b0c88c70e6d5e
SHA1

4b922d441500609725585db9618680e06c790051
SHA256

189362acfd24254eec62f57d599a47431aba624f218ca8c6a0425c1828793bb0
SHA512

529ba9645c8dd1a0e5ab99d8103ac9b8abad80bca9d1950cf9b52b5740cc679231181e63cffc7d3686e79ed3e3542867e20b9f7e716d54339b3c815105b54250
SSDEEP

3072:TqXyDddDgd5FKseG2eJjHrbFK0DH0KDHbnnZKcWJa4KOlq+0UKPocCq34LR+2Q+I:Tq0bA5FleG2eS0D0KPsd0UKPoW41VSBv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4eaee28b8a13f32646b0c88c70e6d5e_JaffaCakes118

Files

f4eaee28b8a13f32646b0c88c70e6d5e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b0078e09cd01185ca67e6fadd6385a86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

secur32

LsaGetLogonSessionData
LsaEnumerateLogonSessions
LsaFreeReturnBuffer

oleaut32

VariantClear
SysFreeString
VariantInit
SysAllocString

user32

TranslateMessage
PeekMessageW
PostMessageW
DispatchMessageW
GetWindowThreadProcessId
CharNextW
EnumWindows
IsWindow

ole32

CoCreateInstance

kernel32

MoveFileExW
HeapFree
HeapReAlloc
ExpandEnvironmentStringsW
CreateEventW
RaiseException
SetFileAttributesW
lstrlenW
LoadLibraryExW
GetSystemInfo
SetUnhandledExceptionFilter
HeapSize
HeapDestroy
OpenProcess
CreateFileW
CloseHandle
GetFileSize
DisableThreadLibraryCalls
DeleteCriticalSection
LocalAlloc
DeleteFileW
OutputDebugStringW
FindClose
SizeofResource
LoadResource
lstrlenA
FreeLibrary
ReleaseMutex
GetCurrentThreadId
CreateProcessW
WideCharToMultiByte
DeviceIoControl
RemoveDirectoryW
GetLocalTime
ReadFile
UnhandledExceptionFilter
LeaveCriticalSection
SetLastError
GetSystemTimeAsFileTime
FindResourceExW
CreateDirectoryW
GetFileSizeEx
CreateMutexW
LockResource
HeapAlloc
WaitForSingleObject
MoveFileW
FindResourceW
LocalFree
FindNextFileW
GetProcessHeap
FormatMessageW
WriteFile
WTSGetActiveConsoleSessionId
SetEndOfFile
SetFilePointerEx
EnterCriticalSection
FindFirstFileW
IsDebuggerPresent
VirtualAlloc

iphlpapi

GetAdaptersInfo

rpcrt4

UuidCreate

mscms

CreateColorTransformA
SetColorProfileElement
GetColorProfileFromHandle
CreateMultiProfileTransform
RegisterCMMA
CheckBitmapBits
CreateDeviceLinkProfile
GetColorProfileElementTag

shimeng

SE_InstallBeforeInit
SE_IsShimDll
SE_DllUnloaded
SE_DynamicShim
SE_InstallAfterInit

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.fLIVi
Size: 2KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.esr
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Y
Size: 1KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 212KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GedCV
Size: 1KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0078e09cd01185ca67e6fadd6385a86

Headers

DLL Characteristics

File Characteristics

Imports

secur32

oleaut32

user32

ole32

kernel32

iphlpapi

rpcrt4

mscms

shimeng

Sections

.text Size: 19KB - Virtual size: 18KB

.fLIVi Size: 2KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 2KB

.esr Size: 512B - Virtual size: 2KB

.Y Size: 1KB - Virtual size: 18KB

.data Size: 212KB - Virtual size: 397KB

.GedCV Size: 1KB - Virtual size: 11KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 19KB - Virtual size: 18KB

.fLIVi
Size: 2KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 2KB

.esr
Size: 512B - Virtual size: 2KB

.Y
Size: 1KB - Virtual size: 18KB

.data
Size: 212KB - Virtual size: 397KB

.GedCV
Size: 1KB - Virtual size: 11KB

.rsrc
Size: 3KB - Virtual size: 3KB