24f52f1dcce72ed6e538ff63890435bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24f52f1dcce72ed6e538ff63890435bb_JaffaCakes118
Size

2.9MB
MD5

24f52f1dcce72ed6e538ff63890435bb
SHA1

0b03406c9377d8de767e3ad03440c79d9fc7533c
SHA256

f5d5475ead0436bbcfbf53cea21b907d84f411662401770e86f52165fa96dde6
SHA512

41abb5d2115128f0ff361e220c7c807d518a424e72cbff17e32529bf6ab507c5f754604d24a0a345c6b9359380a3bb21250eafb982d9a5dd3f5eec22bf1273bb
SSDEEP

24576:1pmG/nC6i28+RJry2XGfc9rftcK5JNucQHl1Xi6x1F:1pLC6i3+bV9jVQ/XiO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24f52f1dcce72ed6e538ff63890435bb_JaffaCakes118

Files

24f52f1dcce72ed6e538ff63890435bb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

17bee0dbaa4d02a886906806322c9654

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertSetCertificateContextProperty
CertGetCertificateContextProperty
CertAddCertificateContextToStore
CertAddStoreToCollection
CertGetPublicKeyLength
CertVerifyTimeValidity
CryptExportPublicKeyInfo
CertCreateCertificateContext
CryptExportPKCS8
CertNameToStrW
CryptProtectData
CertFreeCertificateChain
CryptStringToBinaryW
CryptBinaryToStringW
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CryptEncodeObjectEx
CryptMsgUpdate
CryptMsgClose
CryptMsgOpenToDecode
CryptFindOIDInfo
CryptDecodeObject
CryptDecodeObjectEx
CryptEncodeObject
CryptAcquireCertificatePrivateKey

kernel32

CreateDirectoryW
CreateFileW
GetFileAttributesW
MultiByteToWideChar
GetStringTypeW
LocalAlloc
VirtualAlloc
HeapAlloc
TlsFree
HeapFree
CloseHandle
SetHandleCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
HeapReAlloc

wininet

InternetOpenUrlW
InternetConnectW
InternetOpenW
InternetCrackUrlW
HttpOpenRequestW

comctl32

FlatSB_GetScrollInfo
FlatSB_SetScrollPos
DestroyPropertySheetPage
ImageList_Create
ImageList_Destroy
ImageList_Replace
ImageList_DrawEx
ImageList_GetIcon
ImageList_LoadImageW
ImageList_Write
ImageList_SetIconSize

shell32

ShellAboutW
SHChangeNotify
DragQueryFileW
DragFinish
DragAcceptFiles
ShellExecuteW
SHFileOperationW
SHGetFileInfoW
SHGetMalloc
SHGetDesktopFolder

user32

MsgWaitForMultipleObjects
WinHelpW
DestroyWindow
SetWindowPos
CreateDialogParamW
GetDlgItemInt
GetNextDlgTabItem
LoadImageW
TrackPopupMenuEx
GetDC
ReleaseDC
ScrollWindow
SetScrollPos
GetPropW
SetCursor
DrawFocusRect
IsRectEmpty
SetWindowLongW
LoadIconW

psapi

EnumDeviceDrivers
GetProcessImageFileNameW
GetModuleFileNameExW

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17bee0dbaa4d02a886906806322c9654

Headers

File Characteristics

Imports

crypt32

kernel32

wininet

comctl32

shell32

user32

psapi

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.data Size: 512B - Virtual size: 64.1MB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 6KB - Virtual size: 8KB

.text
Size: 2.9MB - Virtual size: 2.9MB

.data
Size: 512B - Virtual size: 64.1MB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 6KB - Virtual size: 8KB