ff5b0e72c84f9fa2a15b7cdfc006cfb2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ff5b0e72c84f9fa2a15b7cdfc006cfb2_JaffaCakes118
Size

2.1MB
MD5

ff5b0e72c84f9fa2a15b7cdfc006cfb2
SHA1

3f84f240df25530fa5d7ef0d3073db960bfc934d
SHA256

b929fa88145f184832b75d85b2b44559664dbce8d248a611ecfcf86ce07b997a
SHA512

bfd8bb96b8558d57b743c44ed1f60201b2450e546a8371da00fe7c5c6b184b159cb97f4f6d6227a7d16c9d6d32f1359481ac7f137cfe750ef1ee1328b6438046
SSDEEP

24576:qnxvkrY10HQsl+qGpszgS2wpVFfRjJ/XFKM2sKMMLtg92lf3g:exLgQoRJpVdRVvEM23MMo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff5b0e72c84f9fa2a15b7cdfc006cfb2_JaffaCakes118

Files

ff5b0e72c84f9fa2a15b7cdfc006cfb2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e45f48820c299ff8678b2393aab6290f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalFree
VirtualAlloc
GetCommState
GetSystemTime
GetSystemTimeAsFileTime
lstrcmpW
CreateEventW
CreateFileMappingW
GetModuleHandleW
GetModuleHandleExW
OutputDebugStringW
GetSystemDirectoryW
GetFileAttributesExW
MapViewOfFileEx
GetCPInfo
MultiByteToWideChar
GetThreadLocale
GetUserDefaultLCID
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetProcAddress
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
EnterCriticalSection
LeaveCriticalSection
HeapFree
LoadLibraryExW
RtlUnwind
GetStringTypeW
HeapAlloc
HeapReAlloc
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
CreateFileW

wintrust

WTHelperGetProvCertFromChain

user32

DrawFrameControl
CreateDialogParamW
GetDlgItem
CheckDlgButton
RegisterClipboardFormatW
IsClipboardFormatAvailable
ReleaseCapture
MsgWaitForMultipleObjects
CreateAcceleratorTableW
DrawEdge
DestroyMenu
TrackPopupMenu
BeginPaint
ScrollWindow
GetClientRect
ScreenToClient
FindWindowExW
GetTopWindow
DrawIconEx
GetKeyboardLayout
GetMenuState

rasapi32

RasGetEntryPropertiesW

ntdsapi

DsCrackNamesW

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 510KB - Virtual size: 7.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ut6be0
Size: 445KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tnsbr
Size: 418KB - Virtual size: 417KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uhni
Size: 537KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e45f48820c299ff8678b2393aab6290f

Headers

File Characteristics

Imports

kernel32

wintrust

user32

rasapi32

ntdsapi

Sections

.text Size: 137KB - Virtual size: 136KB

.data Size: 510KB - Virtual size: 7.4MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.ut6be0 Size: 445KB - Virtual size: 444KB

.tnsbr Size: 418KB - Virtual size: 417KB

.uhni Size: 537KB - Virtual size: 536KB

.rsrc Size: 107KB - Virtual size: 106KB

.text
Size: 137KB - Virtual size: 136KB

.data
Size: 510KB - Virtual size: 7.4MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.ut6be0
Size: 445KB - Virtual size: 444KB

.tnsbr
Size: 418KB - Virtual size: 417KB

.uhni
Size: 537KB - Virtual size: 536KB

.rsrc
Size: 107KB - Virtual size: 106KB