f9e2fbeba5722b617ccf3b70c9c95aed_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f9e2fbeba5722b617ccf3b70c9c95aed_JaffaCakes118
Size

353KB
MD5

f9e2fbeba5722b617ccf3b70c9c95aed
SHA1

8e78be587f6224f98e7b03e88c2c400b4e230990
SHA256

45d42a69af6981db0d747ead52fe64672205ba8cb0055cbd4a413e3ec2048d84
SHA512

41a2fb396b186b28711a62d7279c0f98d954a0b3c919fea5b963e3f6c493d2c30f18ce40ffa1fb8a27d72de3905bdc13d00736c94ec0e873cecad87021fda932
SSDEEP

6144:DCcDwwzpmNsF4gBMk831pHmu6fFgesKpVUjz7/spdxFHIJTRfQz/3tjkXXHEAvYP:nwwzsNso6u6eUVU37/spdDHIJ5nYP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9e2fbeba5722b617ccf3b70c9c95aed_JaffaCakes118

Files

f9e2fbeba5722b617ccf3b70c9c95aed_JaffaCakes118
.exe windows:8 windows x86 arch:x86

2c92f3ef8ec67e3aa364012735c7bc14

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cryptui

CryptUIWizImport
RetrievePKCS7FromCA
CryptUIWizFreeDigitalSignContext
EnrollmentCOMObjectFactory_getInstance
CryptUIStartCertMgr
CryptUIGetCertificatePropertiesPagesA
CryptUIFreeCertificatePropertiesPagesA
I_CryptUIProtectFailure
CryptUIDlgSelectCertificateFromStore
CryptUIDlgViewCRLA
CryptUIFreeViewSignaturesPagesA
CryptUIDlgSelectCertificateA
CryptUIDlgViewCertificateA
CryptUIGetViewSignaturesPagesA
CryptUIWizFreeCertRequestNoDS
LocalEnrollNoDS
CryptUIWizBuildCTL
DllRegisterServer
CryptUIDlgViewCertificatePropertiesA
CryptUIDlgViewSignerInfoA
CryptUIDlgSelectStoreA
CryptUIWizCertRequest
CryptUIDlgViewCTLA
WizardFree
CryptUIDlgViewContext
LocalEnroll
ACUIProviderInvokeUI
DllUnregisterServer
CryptUIDlgSelectCA
CryptUIDlgCertMgr
CryptUIDlgFreeCAContext
CryptUIWizCreateCertRequestNoDS
I_CryptUIProtect
CryptUIWizExport

user32

CreateWindowExA
GetWindowTextA
EnableMenuItem
OpenClipboard
GetWindowLongA
TranslateMessage
SetMenu
OffsetRect
GetDlgItem
CharNextA
PostQuitMessage
GetMenu
SetWindowLongA
SetFocus
DrawTextA
IsChild
MessageBeep
CheckMenuItem
CloseClipboard
WinHelpA
LoadAcceleratorsA
BeginPaint
CallWindowProcA
HideCaret
GetSysColor
ShowWindow
LoadStringA
IsClipboardFormatAvailable
CheckDlgButton
DialogBoxParamA
CheckRadioButton
SetProcessDefaultLayout
RegisterClassExA
SetDlgItemTextA
ScreenToClient
ChildWindowFromPoint
GetWindowRect
GetMessageA
GetSysColorBrush
SendMessageA
SetWindowTextA
CheckMenuRadioItem
UpdateWindow
MapWindowPoints
DispatchMessageA
GetProcessDefaultLayout
SetCursor
TranslateAcceleratorA
MessageBoxA
LoadMenuA
DestroyMenu
InvalidateRect
EnableWindow
SetDlgItemInt
DefWindowProcA
SetWindowPos
LoadIconA
EndPaint
GetDesktopWindow
TrackPopupMenuEx
GetSubMenu
DestroyWindow
SystemParametersInfoA
CreateDialogParamA
GetDlgCtrlID

advpack

RunSetupCommand
RebootCheckOnInstall
CloseINFEngine
ExecuteCab
AddDelBackupEntry
TranslateInfStringEx
RegSaveRestore
OpenINFEngine
LaunchINFSectionEx
SetPerUserSecValues
NeedRebootInit
FileSaveMarkNotExist
GetVersionFromFileEx
DoInfInstall
NeedReboot
RegInstall
LaunchINFSection
GetVersionFromFile
UserUnInstStubWrapper
AdvInstallFile
FileSaveRestoreOnINF
UserInstStubWrapper
ExtractFiles
DelNode
RegRestoreAll
RegSaveRestoreOnINF

kernel32

VirtualAlloc
GetFileAttributesExA
GetFileTime
SystemTimeToFileTime
SetFirmwareEnvironmentVariableA
CreateFileA
lstrcmpA
ExpandEnvironmentStringsA
WriteFileEx
SetFilePointer
DisconnectNamedPipe
HeapSize
CompareStringA
CloseHandle
lstrlenA
GetFirmwareEnvironmentVariableA
InterlockedPushEntrySList
lstrcatA
InterlockedDecrement
WriteFileGather
GetStringTypeA
DeleteFileA
SetEnvironmentVariableA
lstrcpyA
GetEnvironmentStringsA
GetNamedPipeInfo
GetSystemTime
GetNamedPipeHandleStateA
ReadFile
GetSystemTimes
GetProcessHeap
DosDateTimeToFileTime
InterlockedPopEntrySList
GetFileAttributesA
InterlockedIncrement
PeekNamedPipe
GetSystemTimeAdjustment
InterlockedExchange
ReadFileScatter
lstrcmpiA
WriteFile
GetModuleHandleA
WaitNamedPipeA
GetEnvironmentVariableA
GetProcessHeaps
GetSystemTimeAsFileTime
GetLocalTime
FreeEnvironmentStringsA
VirtualFree
HeapAlloc
GetStringTypeExA
SetNamedPipeHandleState
ReadFileEx
lstrcpynA
InterlockedFlushSList
ConnectNamedPipe
InterlockedExchangeAdd

Sections

.text
Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 728KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c92f3ef8ec67e3aa364012735c7bc14

Headers

DLL Characteristics

File Characteristics

Imports

cryptui

user32

advpack

kernel32

Sections

.text Size: 278KB - Virtual size: 278KB

.data Size: 9KB - Virtual size: 9KB

.rsrc Size: 64KB - Virtual size: 728KB

.text
Size: 278KB - Virtual size: 278KB

.data
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 64KB - Virtual size: 728KB