Static task
static1
Behavioral task
behavioral1
Sample
064880ffa3f1750504328e0f7c66e110_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
064880ffa3f1750504328e0f7c66e110_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
064880ffa3f1750504328e0f7c66e110_JaffaCakes118
Size
849KB
MD5
064880ffa3f1750504328e0f7c66e110
SHA1
aa620663ee4334e07d097f4d8aa7a8ff983b7bd9
SHA256
845e796c578f3ba2d63c271598f4f092e638d9cb985a1c03cb334ba4062d9ae6
SHA512
89d113a042a6860d68b2be1e28e59357ada4f26669c86df5bf8650c16353270b91ebe2e5c56242e1e79dedb883262daecf595321e079a91bdea93fb51f61eba3
SSDEEP
12288:4vOyntaiSuhNZnjIsig609rh6j0+dxOXAeh40JGiVGwEFfpCU+a3juEUSQQYHC:yOyn0u1ncsg66jXsyK3Yv0eQQYi
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 064880ffa3f1750504328e0f7c66e110_JaffaCakes118
Files
064880ffa3f1750504328e0f7c66e110_JaffaCakes118.exe windows:5 windows x86 arch:x86
0087e49c8c83a4f65e8da086417b1f39
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetAppCompatFlags2
MapVirtualKeyA
LoadStringW
EnumDesktopsA
EndDeferWindowPos
RegisterClassW
FrameRect
GetForegroundWindow
DlgDirListW
EndMenu
LoadMenuIndirectW
EditWndProc
SwapMouseButton
GetMonitorInfoA
DefDlgProcW
GetClipboardOwner
GetWindowModuleFileNameA
BringWindowToTop
cryptui
CryptUIDlgViewContext
CryptUIDlgViewCertificatePropertiesW
CryptUIStartCertMgr
CryptUIFreeCertificatePropertiesPagesW
CryptUIDlgSelectCA
CryptUIGetCertificatePropertiesPagesA
WizardFree
RetrievePKCS7FromCA
I_CryptUIProtectFailure
LocalEnrollNoDS
CryptUIDlgViewCRLW
CryptUIFreeViewSignaturesPagesA
CryptUIWizImport
ACUIProviderInvokeUI
CryptUIWizFreeDigitalSignContext
CryptUIFreeCertificatePropertiesPagesA
CryptUIWizCertRequest
crypt32
CertSetCRLContextProperty
CryptVerifyDetachedMessageHash
I_CryptUninstallOssGlobal
RegEnumValueU
CertStrToNameW
CertSetEnhancedKeyUsage
CryptGetOIDFunctionAddress
RegSetValueExU
CertVerifyCTLUsage
CryptCreateAsyncHandle
CertAddEncodedCertificateToStore
CryptSetProviderU
CertFindExtension
CryptRegisterDefaultOIDFunction
I_CryptSetTls
CryptHashCertificate
CryptMsgGetAndVerifySigner
CertGetValidUsages
CryptEnumOIDInfo
CryptEncryptMessage
kernel32
GetDiskFreeSpaceA
FindResourceExW
SetTimerQueueTimer
GetModuleHandleW
IsBadHugeReadPtr
FindFirstVolumeA
GetComputerNameA
QueueUserAPC
GetFullPathNameW
_lopen
FindNextFileW
lstrcpyA
_lcreat
InitializeCriticalSection
SetConsoleNumberOfCommandsA
HeapCreate
LoadLibraryA
GetCalendarInfoA
GlobalGetAtomNameA
FatalAppExitA
FindResourceExA
OpenWaitableTimerA
VirtualAlloc
GetDriveTypeA
IsWow64Process
comdlg32
PrintDlgA
dwOKSubclass
CommDlgExtendedError
ReplaceTextW
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameW
PrintDlgExA
PageSetupDlgA
ChooseColorW
LoadAlterBitmap
WantArrows
PrintDlgExW
GetOpenFileNameW
FindTextA
FindTextW
GetFileTitleW
GetSaveFileNameA
dhcpsapi
DhcpServerQueryAttribute
DhcpEnumOptionsV5
DhcpRemoveOptionV5
DhcpServerSetConfig
DhcpServerQueryAttributes
DhcpEnumSubnetClientsV4
DhcpDeleteClass
DhcpSetOptionValues
DhcpDsClearHostServerEntries
DhcpServerRestoreDatabase
DhcpDeleteSubnet
DhcpSetOptionInfo
DhcpScanMDatabase
DhcpGetOptionInfo
DhcpSetClientInfo
DhcpAddMScopeElement
DhcpEnumSubnetClients
Sections
.text Size: 757KB - Virtual size: 757KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 83KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ