Static task: static1
Behavioral task: behavioral1
  Sample: 1252fe3218c5519256a140440474b836_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 1252fe3218c5519256a140440474b836_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 1252fe3218c5519256a140440474b836_JaffaCakes118
Size: 795KB
MD5: 1252fe3218c5519256a140440474b836
SHA1: 1ddb13a447e01a386413b8c0d26b024477b5e76b
SHA256: a4064d1821177bfffee47d3d4352482f8914d9db97b665640fdb0216bd4a6cde
SHA512: d9aad962863229e51e89c5dfd90db16a95f7fa0a710cbda476359f90933bce85d83dfb0645aa180749a765265b2c83b4d59fe29c5483e70ac68609a765fc0aed
SSDEEP: 24576:tEzjkB8PWfwi0CsuAsqkMJViTWna/hZjQUzP:K0B8PSwiZPuXnktQuP
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1252fe3218c5519256a140440474b836_JaffaCakes118
Files
1252fe3218c5519256a140440474b836_JaffaCakes118.exe windows:5 windows x86 arch:x86
b6c3897b0b3aae85d7fa347d8f164dc9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
certcli
CACountCAs
CAOIDGetProperty
CASetCAExpiration
CAGetCertTypeFlagsEx
CACertTypeQuery
CASetCertTypeKeySpec
CAGetCACertificate
CAOIDGetLdapURL
DllInstall
CAOIDFreeProperty
CACreateNewCA
CACertTypeGetSecurity
CAInstallDefaultCertType
CAUpdateCA
CAEnumNextCertType
CACountCertTypes
kernel32
lstrcmpA
GetProcessHeap
ContinueDebugEvent
HeapDestroy
GlobalFindAtomA
lstrcmp
EnumSystemLocalesA
BuildCommDCBA
LocalLock
GetCurrentProcessId
DeleteFileA
QueryDosDeviceW
IsValidLocale
RemoveDirectoryA
_hwrite
BaseInitAppcompatCacheSupport
ResumeThread
ReadConsoleInputExA
GetEnvironmentStringsA
EnumTimeFormatsW
VirtualAlloc
LoadLibraryA
CloseHandle
msasn1
ASN1BERDecObjectIdentifier2
ASN1BEREncChar32String
ASN1BEREncMultibyteString
ASN1CEREncBitString
ASN1objectidentifier_cmp
ASN1CEREncChar16String
ASN1_Decode
ASN1BEREncOpenType
ASN1utf8string_free
ASN1BEREncObjectIdentifier
ASN1DecRealloc
ASN1BERDecObjectIdentifier
ASN1BEREncEoid
ASN1octetstring_cmp
ASN1BEREncCheck
ASN1BERDecPeekTag
ASN1ztchar16string_free
ASN1BERDecOpenType2
ASN1BEREoid_free
ASN1CEREncGeneralizedTime
ASN1utctime_cmp
ASN1intx_sub
ASN1BERDecZeroCharString
ASN1ztchar32string_free
ntdll
NtCallbackReturn
RtlUnicodeStringToAnsiString
NtTestAlert
ZwQueryOpenSubKeys
LdrVerifyImageMatchesChecksum
ZwLockProductActivationKeys
NtCreateKey
__isascii
NtUnmapViewOfSection
NtQueryDefaultUILanguage
ZwCreateEvent
ZwAccessCheckByTypeResultList
towupper
RtlAcquireResourceExclusive
NtReplaceKey
RtlRealSuccessor
ZwReleaseKeyedEvent
NtQueryPortInformationProcess
msvcirt
?close@fstream@@QAEXXZ
??_Eostream_withassign@@UAEPAXI@Z
??5istream@@QAEAAV0@AAN@Z
?seekp@ostream@@QAEAAV1@JW4seek_dir@ios@@@Z
??0ofstream@@QAE@ABV0@@Z
??_8stdiostream@@7Bostream@@@
??6ostream@@QAEAAV0@P6AAAVios@@AAV1@@Z@Z
?clog@@3Vostream_withassign@@A
?doallocate@strstreambuf@@MAEHXZ
?write@ostream@@QAEAAV1@PBCH@Z
?lockptr@ios@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
??_Gifstream@@UAEPAXI@Z
??_Gistream_withassign@@UAEPAXI@Z
??_8ofstream@@7B@
?get@istream@@QAEAAV1@AAVstreambuf@@D@Z
?unlock@ios@@QAAXXZ
crtdll
iswlower
_ltow
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
vswprintf
_msize
getc
ctime
fflush
_putw
_scalb
_execl
_mbsbtype
_ismbcupper
_findnext
iscntrl
__fpecode
_mkdir
_y1
isalpha
rename
memchr
Sections
.text Size: 252KB - Virtual size: 252KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 252KB - Virtual size: 252KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 286KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ