fbf1edca9759c3252fade90efdc4babc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fbf1edca9759c3252fade90efdc4babc_JaffaCakes118
Size

1.4MB
MD5

fbf1edca9759c3252fade90efdc4babc
SHA1

d02f0d0d8571e6d0f540fc9e115c38e8a29aa748
SHA256

c65658f8bf290235eb8e7bf796e7e16ebc44c4e6a2bbece4bf8a37328497cba0
SHA512

d65b91261e1d14f121451abebc5b6ed9e27825294cf4bd593552330708dce4501b33cbd4702574ae7748531696119193d6860d1886d1fb589e2072fb392f48d5
SSDEEP

24576:V6QX9lpos7ejdpF9v7xkLRkh5Hv3EV2/lM35/ZGc25mwY:sQNlsjvLNAkh8S6ZZb2dY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbf1edca9759c3252fade90efdc4babc_JaffaCakes118

Files

fbf1edca9759c3252fade90efdc4babc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8771d13f5d6a5209a72f41ba1241fe15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Locate_DevNodeW
CM_Get_Parent
CM_Get_DevNode_Status
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Device_ID_ExW
CM_Get_Device_IDW
SetupDiGetActualSectionToInstallW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiCallClassInstaller
SetupDiGetClassDevsExW
SetupDiGetClassDevsW
SetupDiGetDriverInfoDetailW
SetupDiBuildDriverInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceInstanceIdW
SetupDiOpenDeviceInfoW
SetupDiCreateDeviceInfoListExW
SetupInstallFromInfSectionW
SetupCloseFileQueue
SetupOpenFileQueue
SetupGetIntField
SetupGetStringFieldW
SetupGetFieldCount
SetupFindFirstLineW
SetupCloseInfFile
SetupOpenInfFileW

comdlg32

GetOpenFileNameW
GetFileTitleW

crypt32

CryptProtectData
CertNameToStrW
CryptHashPublicKeyInfo
CryptExportPKCS8
CryptAcquireCertificatePrivateKey
CryptExportPublicKeyInfo
CertVerifyTimeValidity
CryptHashCertificate
CertAddStoreToCollection
CertVerifyCertificateChainPolicy
CertSetCertificateContextProperty
CertCreateCertificateContext
CertEnumCertificatesInStore
CertCloseStore
CryptMsgUpdate
CryptMsgClose
CryptMsgOpenToDecode
CryptEnumOIDInfo
CryptFindOIDInfo
CryptEncodeObject
CryptStringToBinaryW
CertGetCertificateContextProperty
CryptBinaryToStringW

kernel32

GetOEMCP
GetCPInfo
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExW
RtlUnwind
OutputDebugStringW
HeapReAlloc
GetStringTypeW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CreateFileW
GetACP
FileTimeToSystemTime
GetProcAddress
VirtualAlloc
HeapDestroy
HeapAlloc
HeapFree
GetCurrentProcessId
GetEnvironmentStringsW
GetCurrentThreadId
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WaitForMultipleObjects
FindClose
CloseHandle
GetSystemTimeAsFileTime
GetSystemInfo
FormatMessageW
CreateFileMappingW
GetModuleHandleW
GetCommandLineW
ExpandEnvironmentStringsW
GetSystemDirectoryW
FindFirstFileW
MultiByteToWideChar
GetCommandLineA
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameA
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

userenv

ExpandEnvironmentStringsForUserW
RegisterGPNotification
LoadUserProfileW

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 942KB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8771d13f5d6a5209a72f41ba1241fe15

Headers

File Characteristics

Imports

setupapi

comdlg32

crypt32

kernel32

userenv

Sections

.text Size: 77KB - Virtual size: 76KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 942KB - Virtual size: 7.8MB

.rsrc Size: 364KB - Virtual size: 364KB

.text
Size: 77KB - Virtual size: 76KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 942KB - Virtual size: 7.8MB

.rsrc
Size: 364KB - Virtual size: 364KB