Static task: static1
Behavioral task: behavioral1
Sample: 450c03cf35af9bfc94b3d74e8c3897ea_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 450c03cf35af9bfc94b3d74e8c3897ea_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 450c03cf35af9bfc94b3d74e8c3897ea_JaffaCakes118
Size: 303KB
MD5: 450c03cf35af9bfc94b3d74e8c3897ea
SHA1: b12aa135d665505b2ae41c4b3770285ea630fd12
SHA256: 1a45c292ab4a417e30f2c178608c4d3afdba345a5c2c192aa795bb0949efd5ba
SHA512: 9ef1529f602af1adaa8e3b4120b480b0c00116ab059faaa82206122b29834ec77a14d10d0456c0995f49dc714efa8d628a889ecceb4e65f3fc85f8a0cb30f079
SSDEEP: 6144:2r7TlCicTLbaeq93g2mIpuP2rZ15dw/w63ZXLUi7yI5CQFXFkrH:ykicXB4+IZ9dAXH7yx6FG
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 450c03cf35af9bfc94b3d74e8c3897ea_JaffaCakes118
Files
450c03cf35af9bfc94b3d74e8c3897ea_JaffaCakes118.exe windows:1 windows x86 arch:x86
5481c00a9df8e180a164e3480cdd802f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetWindowLongA
SetDlgItemTextA
DialogBoxParamA
TranslateMessage
CallWindowProcA
OffsetRect
GetClipboardData
IsChild
LoadMenuA
SetMenu
IsClipboardFormatAvailable
TranslateAcceleratorA
GetMessageA
SetWindowPos
DefWindowProcA
SetCursor
CloseClipboard
MapWindowPoints
WinHelpA
TrackPopupMenuEx
HideCaret
CharNextA
MessageBeep
DrawTextA
GetDlgCtrlID
LoadStringA
LoadAcceleratorsA
DestroyMenu
EnableWindow
RegisterClassExA
GetDesktopWindow
GetWindowTextA
CreateWindowExA
CheckRadioButton
DestroyWindow
SetDlgItemInt
ChildWindowFromPoint
CheckMenuRadioItem
ScreenToClient
CheckMenuItem
LoadIconA
SetWindowTextA
SystemParametersInfoA
GetClientRect
SetWindowLongA
GetProcessDefaultLayout
CreateDialogParamA
PostQuitMessage
IsDialogMessageA
UpdateWindow
ShowWindow
DispatchMessageA
MessageBoxA
GetSysColorBrush
GetWindowRect
EndPaint
EndDialog
GetSubMenu
EnableMenuItem
LoadCursorA
InvalidateRect
GetMenu
OpenClipboard
SendMessageA
SetProcessDefaultLayout
CheckDlgButton
SetFocus
GetDlgItem
GetSysColor
BeginPaint
advpack
DelNode
TranslateInfStringEx
LaunchINFSectionEx
DelNodeRunDLL32
RebootCheckOnInstall
GetVersionFromFile
SetPerUserSecValues
RegisterOCX
RegSaveRestoreOnINF
NeedRebootInit
LaunchINFSection
FileSaveRestore
RegSaveRestore
IsNTAdmin
UserUnInstStubWrapper
RegInstall
OpenINFEngine
GetVersionFromFileEx
TranslateInfString
AdvInstallFile
AddDelBackupEntry
DoInfInstall
RegRestoreAll
FileSaveMarkNotExist
UserInstStubWrapper
FileSaveRestoreOnINF
RunSetupCommand
ExtractFiles
NeedReboot
ExecuteCab
CloseINFEngine
kernel32
GetSystemTimes
InterlockedPopEntrySList
GetProcessHeaps
TransactNamedPipe
GetStringTypeA
GetStringTypeExA
lstrcpyA
GetSystemTime
FileTimeToSystemTime
GetNamedPipeHandleStateA
GetEnvironmentStringsA
CallNamedPipeA
InterlockedIncrement
FreeEnvironmentStringsA
FileTimeToLocalFileTime
lstrcatA
GetFileAttributesExA
InterlockedCompareExchange
GetFirmwareEnvironmentVariableA
WriteFileGather
PeekNamedPipe
ReadFileScatter
SetEnvironmentVariableA
InterlockedDecrement
CompareStringA
InterlockedExchangeAdd
SetNamedPipeHandleState
DosDateTimeToFileTime
VirtualFree
ReadFileEx
CloseHandle
GetLocalTime
SetFirmwareEnvironmentVariableA
lstrlenA
InterlockedExchange
VirtualAlloc
lstrcmpA
GetNamedPipeInfo
GetProcessHeap
GetEnvironmentVariableA
ConnectNamedPipe
WriteFile
WriteFileEx
IsBadStringPtrA
ReadFile
CreateFileA
DisconnectNamedPipe
FileTimeToDosDateTime
lstrcmpiA
SystemTimeToFileTime
GetSystemTimeAdjustment
SetFilePointer
GetFileAttributesA
HeapSize
lstrcpynA
GetSystemTimeAsFileTime
HeapAlloc
InterlockedFlushSList
InterlockedPushEntrySList
ExpandEnvironmentStringsA
SetFilePointerEx
DeleteFileA
WaitNamedPipeA
GetFileTime
cryptui
LocalEnrollNoDS
CryptUIDlgCertMgr
LocalEnroll
CryptUIWizSubmitCertRequestNoDS
EnrollmentCOMObjectFactory_getInstance
CryptUIWizDigitalSign
CryptUIDlgFreeCAContext
CryptUIFreeViewSignaturesPagesA
CryptUIStartCertMgr
CryptUIGetViewSignaturesPagesA
CryptUIWizCertRequest
CryptUIWizQueryCertRequestNoDS
CryptUIDlgViewCRLA
CryptUIWizCreateCertRequestNoDS
CryptUIWizImport
CryptUIDlgSelectStoreA
ACUIProviderInvokeUI
RetrievePKCS7FromCA
CryptUIWizBuildCTL
CryptUIDlgViewCTLA
CryptUIDlgSelectCertificateA
CryptUIWizExport
CryptUIWizFreeDigitalSignContext
CryptUIDlgSelectCA
CryptUIDlgViewContext
CryptUIDlgViewCertificateA
DllUnregisterServer
CryptUIDlgSelectCertificateFromStore
I_CryptUIProtect
DllRegisterServer
CryptUIGetCertificatePropertiesPagesA
WizardFree
CryptUIDlgViewSignerInfoA
CryptUIDlgViewCertificatePropertiesA
CryptUIFreeCertificatePropertiesPagesA
CryptUIWizFreeCertRequestNoDS
I_CryptUIProtectFailure
Sections
.text Size: 254KB - Virtual size: 254KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 44KB - Virtual size: 744KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ