05ad116b4e8220506033530032dfa548_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

05ad116b4e8220506033530032dfa548_JaffaCakes118
Size

265KB
MD5

05ad116b4e8220506033530032dfa548
SHA1

f6cdd6e715c43f5a237d10c43b976f12df2a0288
SHA256

09bbaea8c7a721605c7a66856aa87022c0fd5bdb5c20e25f82502afe5af4a242
SHA512

c076f4d5005fd616f8eb97ee58b5f6b51e39d28da9b10be717bc6b9a11bb189fa98f0f044cdc48c6ad9a304a8bb22c201b80eb4ded51f82e6a0795a754152b53
SSDEEP

6144:pbZ7yfZo7LZpt+ek31mud3g074Sxk3dENCu634Li2eT3008M1:b7j7FLkFzg0Bxen53nT3pN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05ad116b4e8220506033530032dfa548_JaffaCakes118

Files

05ad116b4e8220506033530032dfa548_JaffaCakes118
.exe windows:6 windows x86 arch:x86

dda7030084477ea2b6d03c930bda059b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advpack

FileSaveMarkNotExist
RebootCheckOnInstall
CloseINFEngine
RegSaveRestoreOnINF
RegRestoreAll
GetVersionFromFileEx
TranslateInfString
TranslateInfStringEx
AdvInstallFile

user32

SetProcessDefaultLayout
GetMessageA
SetCursor
ShowWindow
OpenClipboard
DefWindowProcA
GetSysColorBrush
GetSubMenu
CreateWindowExA
SetDlgItemInt
RegisterClassExA
GetMenu
ScreenToClient
SetWindowPos
GetWindowTextA
SetFocus
EnableWindow
TrackPopupMenuEx
SendMessageA
IsClipboardFormatAvailable
LoadMenuA
CheckMenuRadioItem
DispatchMessageA
EndPaint
SetMenu
DialogBoxParamA
GetSysColor
SetWindowLongA
TranslateMessage
DestroyWindow
CheckMenuItem
UpdateWindow
GetClipboardData
CheckDlgButton

kernel32

VirtualFree
ReleaseMutex
InterlockedDecrement
CloseHandle
CreateMutexA
GetVersion
InterlockedPopEntrySList
lstrcpynA
SetFilePointer
CallNamedPipeA
VirtualAllocEx
lstrlenA
ReadFile
DisconnectNamedPipe
CreateSemaphoreA
InterlockedIncrement
IsBadStringPtrA
GetSystemTime
GetLastError
FileTimeToLocalFileTime
CreateFileA
ConnectNamedPipe
FileTimeToDosDateTime
OpenMutexA
InterlockedFlushSList
InterlockedPushEntrySList
DeleteFileA
GetFileTime
InterlockedExchangeAdd

cryptui

CryptUIDlgViewContext
CryptUIDlgSelectCertificateFromStore
CryptUIWizBuildCTL
CryptUIDlgViewCertificateA
DllRegisterServer
CryptUIDlgSelectCA
CryptUIDlgViewCRLA
LocalEnroll
CryptUIWizQueryCertRequestNoDS
CryptUIWizImport
CryptUIDlgViewCTLA
ACUIProviderInvokeUI

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 924KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dda7030084477ea2b6d03c930bda059b

Headers

DLL Characteristics

File Characteristics

Imports

advpack

user32

kernel32

cryptui

Sections

.text Size: 46KB - Virtual size: 46KB

.data Size: 5KB - Virtual size: 4KB

.rsrc Size: 213KB - Virtual size: 924KB

.text
Size: 46KB - Virtual size: 46KB

.data
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 213KB - Virtual size: 924KB