cc94464bca98871ff87df36a2c4c88dc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cc94464bca98871ff87df36a2c4c88dc_JaffaCakes118
Size

261KB
MD5

cc94464bca98871ff87df36a2c4c88dc
SHA1

1ba6dfd01bfe0a17c9aa66f9d5c5a18d894d47dc
SHA256

f02c04c4fecd9ad4387c8c2c631dc76cddb289119e87a368e498f930c7177a49
SHA512

5eabd949cd314d2e5e346f06779612266372587e705b66fa219ca0c74838a58d41d6ad38194353ceda396cbcb95a5cab4c4e624202dc0af0e9fbcf3f1f6b6554
SSDEEP

6144:/poqkPtoYJJgs7vBcIizR/7S0/Qg4gZdvmcwWt:/poqkVH/96fF4V+mIt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc94464bca98871ff87df36a2c4c88dc_JaffaCakes118

Files

cc94464bca98871ff87df36a2c4c88dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1dd2d6cf26a743c6f23a4cf254dd4d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExW
EnumProcessModules

kernel32

EnterCriticalSection
LocalFree
GetProcessHeap
GetSystemDirectoryW
SetThreadPriority
OpenFileMappingW
ReleaseSemaphore
GetModuleHandleW
PulseEvent
HeapAlloc
SetUnhandledExceptionFilter
WideCharToMultiByte
UnhandledExceptionFilter
CreateThread
GetFileSize
GetPriorityClass
CreateSemaphoreW
TlsSetValue
SetProcessWorkingSetSize
GetDateFormatW
FindCloseChangeNotification
lstrcmpW
TryEnterCriticalSection
SetPriorityClass
LoadLibraryExW
GetTempFileNameW
UnmapViewOfFile
OpenEventW
GetSystemInfo
CreateMutexW
CompareFileTime
SetLastError
TlsFree
CreateProcessW
CloseHandle
GetSystemTimeAsFileTime
CreateFileMappingW
FindNextChangeNotification
ExpandEnvironmentStringsW
HeapReAlloc
GetDriveTypeW
SystemTimeToFileTime
DeviceIoControl
lstrcpyW
ReleaseMutex
DeleteCriticalSection
FlushFileBuffers
FindFirstChangeNotificationW
GetSystemTime
WaitForSingleObject
TlsAlloc
GetLocalTime
GetWindowsDirectoryW
GetFileTime
SetFilePointer
GetCurrentDirectoryW
OpenSemaphoreW
GetPrivateProfileIntW
GetQueuedCompletionStatus
ResumeThread
MapViewOfFile
CreateFileW
LocalAlloc
RaiseException
DeleteFileW
SetEndOfFile
CreateEventW
lstrlenW
HeapFree
OutputDebugStringW
GetCurrentThreadId
LeaveCriticalSection
lstrcpynW
FindFirstFileW
FindNextFileW
GetPrivateProfileStringW
OpenMutexW
GetComputerNameW
lstrcatW
GetTempPathW
OpenProcess
lstrcmpA
WriteFile
IsDebuggerPresent
FindClose
SetCurrentDirectoryW
TlsGetValue
ResetEvent
TerminateThread
DuplicateHandle
CreateIoCompletionPort
SetErrorMode
lstrlenA
FreeLibrary
FormatMessageW
GetTimeFormatW
VirtualAllocEx

user32

MessageBoxW
wsprintfW
MsgWaitForMultipleObjects
DispatchMessageW
LoadStringW
FindWindowW
PeekMessageW

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyW
SetSecurityDescriptorDacl
RegQueryValueExW
QueryServiceStatus
GetTokenInformation
OpenServiceW
RegDeleteValueW
RegSetValueExW
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenSCManagerW
RegOpenKeyA
StartServiceW
ControlService
CloseServiceHandle
CreateProcessAsUserW
InitializeSecurityDescriptor
EnumDependentServicesW
RegOpenKeyExW

mscms

RegisterCMMA
UnregisterCMMA
InternalGetDeviceConfig
RegisterCMMW
ConvertIndexToColorName
SelectCMM
InstallColorProfileA
CreateProfileFromLogColorSpaceW
InternalGetPS2ColorSpaceArray

iedkcs32

BrandICW

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pghfZ
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.B
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.utmKY
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.T
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hVu
Size: 1024B - Virtual size: 961B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 213KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.go
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1dd2d6cf26a743c6f23a4cf254dd4d6

Headers

DLL Characteristics

File Characteristics

Imports

psapi

kernel32

user32

advapi32

mscms

iedkcs32

Sections

.text Size: 18KB - Virtual size: 17KB

.pghfZ Size: 2KB - Virtual size: 2KB

.B Size: 1KB - Virtual size: 2KB

.utmKY Size: 1024B - Virtual size: 1KB

.T Size: 1KB - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 3KB

.hVu Size: 1024B - Virtual size: 961B

.data Size: 213KB - Virtual size: 451KB

.go Size: 2KB - Virtual size: 3KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 18KB - Virtual size: 17KB

.pghfZ
Size: 2KB - Virtual size: 2KB

.B
Size: 1KB - Virtual size: 2KB

.utmKY
Size: 1024B - Virtual size: 1KB

.T
Size: 1KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 3KB

.hVu
Size: 1024B - Virtual size: 961B

.data
Size: 213KB - Virtual size: 451KB

.go
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 16KB - Virtual size: 16KB