2fcd3d4489e410f43e126390d3899361_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2fcd3d4489e410f43e126390d3899361_JaffaCakes118
Size

39KB
MD5

2fcd3d4489e410f43e126390d3899361
SHA1

8452c3f359b4c834898f8608d648aafcdb340cae
SHA256

a14d2e5caa4fed8e5005b608be9483af55527e02b2e3977ab2978ea8f6e5d5bd
SHA512

8e09d3bf1b69eab5735af7aaa5461e2406f2765dcac30932cb8d6dc22a84205aa27948ffda6cb0eed445d6d8141d474792af678392f5e001e29ee850e89af619
SSDEEP

768:SGChJQygiP3PfK9MJfAeWbijChMwRAp7SSpE+zNHlpcRYDIQkyWa6:SGCPQt99uPeiWh4cSpE+RHlpnDfWp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fcd3d4489e410f43e126390d3899361_JaffaCakes118

Files

2fcd3d4489e410f43e126390d3899361_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5a85dc4e8e10d7d806d36371aead7ba4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

hhsetup

?GetId@CLocation@@QBEPADXZ
?SetTitle@CFolder@@QAEXPBG@Z
?SetNextTitle@CTitle@@QAEXPAV1@@Z
??1CCollection@@QAE@XZ
??4CFolder@@QAEAAV0@ABV0@@Z
?GetPath@CLocation@@QAEPADXZ
?SetFirstChildFolder@CFolder@@QAEXPAV1@@Z
?HandleLocation@CCollection@@AAEKPAVCParseXML@@PAD@Z
?Release@CCollection@@AAEKXZ
?DeleteLocation@CCollection@@AAEKPAVCLocation@@@Z
?First@CPointerList@@QAEPAUListItem@@XZ
??4CLocation@@QAEAAV0@ABV0@@Z
?SetSampleLocation@CCollection@@QAEXPBD@Z
?GetParent@CFolder@@QAEPAV1@XZ
?bIsVisable@CFolder@@QAEHXZ
?MergeKeywords@CCollection@@QAEHPAD@Z
?GetFindMergedCHMS@CCollection@@QAEHXZ
?SetSampleLocation@CCollection@@QAEXPBG@Z

msoert2

HrGetMsgParam
CryptFreeFunc
HrIndexOfWeek
ReplaceCharsW
HrCopyStream
FMissingCert
HrGetStreamPos
HrIsStreamUnicode
HrGetCertKeyUsage
DeleteTempFile
CreateNotify
HrRewindStream
FIsValidFileNameCharW
MessageBoxInstW
StrToUintA
PszToANSI
WriteStreamToFileHandle
HrDecodeObject
GetHtmlCharset
HrIStreamToBSTR
IUnknownList_CreateInstance
CleanupGlobalTempFiles
FBuildTempPathW
RicheditStreamIn

mshtml

ShowModelessHTMLDialog
ShowModalDialog
CreateHTMLPropertyPage
ShowHTMLDialog
PrintHTML
ShowHTMLDialogEx
DllEnumClassObjects
DllCanUnloadNow

certcli

CAEnumCertTypesEx
CAGetCertTypeExpiration
DllInstall
CAFindByName
CAOIDGetLdapURL
DllGetClassObject
CAEnumCertTypesForCAEx
CASetCAExpiration
CAFindCertTypeByName
CACertTypeQuery
CAGetCertTypeFlags
CAGetCertTypeExtensions

kernel32

HeapSummary
ReadConsoleW
CommConfigDialogA
GetProcessShutdownParameters
TermsrvAppInstallMode
ConvertThreadToFiber
WriteConsoleInputA
GetProcessAffinityMask
CreateDirectoryExA
GetCurrentThread
GetNumberOfConsoleInputEvents
CreateMailslotA
GetCPInfo
CreateWaitableTimerW
GetPrivateProfileSectionNamesW
QueryPerformanceCounter
GetSystemTime
SetCurrentDirectoryW
GetEnvironmentVariableA
GetConsoleHardwareState
SetFileShortNameA
GetThreadSelectorEntry
lstrlen
SetComputerNameExW
SetConsoleNumberOfCommandsW
GetConsoleCommandHistoryLengthA
LoadLibraryW
GetConsoleSelectionInfo
GetSystemDefaultLCID
FreeResource
GetLocaleInfoW
OpenConsoleW
FindClose
GetModuleHandleW
MapUserPhysicalPages
GetComputerNameExW
SetConsoleNlsMode
Heap32First
GetUserDefaultLangID
GetConsoleTitleA

crypt32

CertAddStoreToCollection
CertVerifyCRLTimeValidity
CertAlgIdToOID
CertRegisterPhysicalStore
CryptMsgVerifyCountersignatureEncoded
CryptDecryptAndVerifyMessageSignature
RegCreateHKCUKeyExU
CertAddEncodedCertificateToStore
CertCreateContext
CertGetEnhancedKeyUsage

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a85dc4e8e10d7d806d36371aead7ba4

Headers

DLL Characteristics

File Characteristics

Imports

hhsetup

msoert2

mshtml

certcli

kernel32

crypt32

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 1KB