f3fdf40cebdc6e734d12e9a8dc8446e5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f3fdf40cebdc6e734d12e9a8dc8446e5_JaffaCakes118
Size

285KB
MD5

f3fdf40cebdc6e734d12e9a8dc8446e5
SHA1

02760abc8a2d613f5add77f9f9ff130e4b9856ec
SHA256

e161a33989b0fb6194eb351e2e37f2ac2bba6c61978df71e8bd8d44227211866
SHA512

c2a5cfe389e13cb47e2aa301a7e3abb231e570ee3f6988cf22fd5d22bf0773bb670d3c60398b98ca681ff7da16684651b2ee324b3f6f97fb12b6768b1dba74de
SSDEEP

6144:KKMmlhXmJQmeWQnfojSdWir/OUxhTi7F045x6FECHuObckrSF:yJZ0Wk/FUBZCHuphF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3fdf40cebdc6e734d12e9a8dc8446e5_JaffaCakes118

Files

f3fdf40cebdc6e734d12e9a8dc8446e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc8cfc218923dd58d63e18dcea47b58e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptDecrypt
CryptHashData
RegSetValueExA
CryptCreateHash
CryptDestroyHash
CryptEncrypt
CryptExportKey
RegCloseKey
RegQueryValueExA
CryptReleaseContext
CryptSignHashA
CryptGenKey
CryptVerifySignatureA
RegCreateKeyExA
CryptAcquireContextW
CryptGetHashParam
CryptImportKey
CryptDestroyKey
TraceEvent

ntdll

RtlUnwind

msvcrt

__dllonexit
_amsg_exit
_itow
wcschr
wcsstr
_onexit
memmove
_wtoi
rand
_initterm
srand
memcpy
_ui64tow
_XcptFilter
_wcsnicmp
wcsncmp
time
_vsnwprintf
free
_purecall
_lock
memset
malloc
_unlock

kernel32

HeapFree
GetSystemDefaultLangID
WaitForSingleObject
CreateEventW
EnterCriticalSection
VirtualFree
CreateFileMappingW
LocalAlloc
GetModuleHandleW
lstrlenA
DeleteCriticalSection
DeviceIoControl
GlobalMemoryStatus
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
SetLastError
InitializeCriticalSectionAndSpinCount
CreateFileW
GetLocalTime
lstrlenW
GetCurrentThreadId
SystemTimeToFileTime
FileTimeToSystemTime
MapViewOfFile
FreeEnvironmentStringsA
LocalFree
VirtualAlloc
LeaveCriticalSection
SetUnhandledExceptionFilter
ResetEvent
HeapAlloc
WideCharToMultiByte
UnhandledExceptionFilter
GetDiskFreeSpaceA
SetFilePointer
FreeLibrary
GetProcessHeap
VirtualProtect
FreeEnvironmentStringsW
UnmapViewOfFile
GetFileSize
CloseHandle
ReadFile
GetStartupInfoW

rpcrt4

I_RpcMapWin32Status
UuidFromStringW
UuidToStringW
RpcStringFreeW

duser

CreateAction
SetActionTimeslice
GetStdPalette
SetGadgetFillF
DUserRegisterGuts
DllMain
DUserCastHandle
GetGadgetAnimation
UnregisterGadgetMessageString
ForwardGadgetMessage

cliconfg

ClientConfigureAddEdit
OnInitDialogMain

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 249KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc8cfc218923dd58d63e18dcea47b58e

Headers

File Characteristics

Imports

advapi32

ntdll

msvcrt

kernel32

rpcrt4

duser

cliconfg

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 249KB - Virtual size: 251KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 249KB - Virtual size: 251KB

.rsrc
Size: 11KB - Virtual size: 10KB