Static task
static1
Behavioral task
behavioral1
Sample
3f5e647c5861a8bb947bbef3ce85b1fb_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3f5e647c5861a8bb947bbef3ce85b1fb_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
3f5e647c5861a8bb947bbef3ce85b1fb_JaffaCakes118
Size
835KB
MD5
3f5e647c5861a8bb947bbef3ce85b1fb
SHA1
a1ab3e15dd6f4f09c67e329233ac00d6dbd2f69b
SHA256
76cf57a44a6cc03c8e18c6e2d6531c3451c40353978e24ffb69ce5a9b19d278a
SHA512
560a9480f84428525a40cbd62d36df4f4c72c5bef373dc69befb8123bef8fbc26d51a2899c64d9dc5635c5ee03d12a82e203d4c62b73ea81e3060483de1dd5b7
SSDEEP
12288:H6j7AnO4aPWte1MM3LethB5MNfemJ9C4YAr6K2B0Nx0GG+p2m2LtK/1j1:ykcWtjMOhSemJfYAbbLG+pt2Lt21j1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3f5e647c5861a8bb947bbef3ce85b1fb_JaffaCakes118
Files
3f5e647c5861a8bb947bbef3ce85b1fb_JaffaCakes118.exe windows:5 windows x86 arch:x86
1148a60ca49afb12ff849957687f1ea7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
OleSetClipboard
DllDebugObjectRPCHook
CoInitializeSecurity
CLIPFORMAT_UserMarshal
StgGetIFillLockBytesOnILockBytes
HBITMAP_UserUnmarshal
HWND_UserFree
MonikerRelativePathTo
HPALETTE_UserFree
CoIsOle1Class
CoFreeAllLibraries
CoAddRefServerProcess
IsValidPtrIn
OleSetContainedObject
CoDisconnectObject
StgConvertVariantToProperty
OleCreateEmbeddingHelper
CoInitializeWOW
HMETAFILE_UserMarshal
CoDisableCallCancellation
iphlpapi
_PfAddGlobalFilterToInterface@8
GetIpStatistics
_PfBindInterfaceToIndex@16
GetIcmpStatistics
Icmp6SendEcho2
GetIfEntry
Icmp6ParseReplies
GetInterfaceInfo
_PfRemoveFilterHandles@12
GetAdaptersAddresses
InternalSetIpStats
CreateProxyArpEntry
_PfRemoveFiltersFromInterface@20
_PfDeleteLog@0
NotifyAddrChange
GetUdpTable
NTTimeToNTPTime
IcmpCreateFile
Icmp6CreateFile
_PfAddFiltersToInterface@24
SetIfEntry
IcmpSendEcho2
SetIpForwardEntry
FlushIpNetTable
GetTcpStatistics
UnenableRouter
CreateIpNetEntry
InternalDeleteIpForwardEntry
AllocateAndGetIpAddrTableFromStack
GetAdaptersInfo
GetIpErrorString
kernel32
LoadLibraryW
FindNextVolumeMountPointW
UnregisterWait
ReadFileScatter
SetHandleCount
FindFirstFileW
FoldStringW
IsValidCodePage
EnumDateFormatsA
SetLocaleInfoW
GetVolumeInformationW
GetUserDefaultLCID
MoveFileExA
GetCommandLineW
GetNumaAvailableMemoryNode
QueueUserWorkItem
ReleaseMutex
CompareStringW
GetProcAddress
GetTickCount
GlobalAlloc
EnterCriticalSection
InitializeCriticalSection
LZRead
crypt32
RegCreateKeyExU
CryptInstallDefaultContext
RegDeleteValueU
CryptGetMessageCertificates
CryptHashCertificate
CryptVerifyDetachedMessageSignature
I_CryptRemoveLruEntry
CryptExportPublicKeyInfo
CryptHashToBeSigned
CryptMsgGetParam
CertGetCertificateContextProperty
ssdpapi
CleanupCache
RegisterService
FindServicesCallback
FreeSsdpMessage
GetNextService
DHSetICSOff
FindServicesCancel
RegisterNotification
FindServicesClose
DeregisterNotification
GetFirstService
DHSetICSInterfaces
SsdpCleanup
SsdpStartup
FindServices
DeregisterService
oleacc
GetRoleTextA
DllRegisterServer
AccessibleObjectFromPoint
IID_IAccessible
AccessibleChildren
IID_IAccessibleHandler
CreateStdAccessibleProxyW
GetStateTextW
LresultFromObject
AccessibleObjectFromEvent
CreateStdAccessibleProxyA
WindowFromAccessibleObject
Sections
.text Size: 362KB - Virtual size: 361KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 97KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 165KB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 209KB - Virtual size: 208KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 960B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ