0370f3a4367e32f97022f57e89347545_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0370f3a4367e32f97022f57e89347545_JaffaCakes118
Size

99KB
MD5

0370f3a4367e32f97022f57e89347545
SHA1

ac0bdcac53410395387611a2d62fc9b8ab9e9d80
SHA256

fcd4a06ee44033215b7fb8f7955a31ee5b3a1ae7806dd0704d93873344369c8d
SHA512

4af4bcfe82118ec7d96efb596a51d5dce438d245b7a46f42420fe47b5af46a0a843face60fc8c2cc4bcaa473166ed385d0479a73f67a7c0570c1c5a363db76d4
SSDEEP

3072:ZO9D3+M5N+H8ygWQcUuNP7mpO7hHwJFc:Gr+UUgW4u5hwU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0370f3a4367e32f97022f57e89347545_JaffaCakes118

Files

0370f3a4367e32f97022f57e89347545_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eef95b87af5fad0c8042103907935d59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegSetValueExW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW

kernel32

QueryPerformanceCounter
OutputDebugStringW
GetDateFormatW
DeleteCriticalSection
GetEnvironmentStringsW
WideCharToMultiByte
GetModuleFileNameW
GetModuleHandleA
InitializeCriticalSection
GetSystemTimeAsFileTime
GetACP
InterlockedIncrement
LocalReAlloc
CreateFileW
GetSystemDefaultLangID
FileTimeToLocalFileTime
lstrlenW
FileTimeToSystemTime
GetLastError
RemoveDirectoryA
GetCurrentProcess
CloseHandle
SetLastError
GlobalLock
GlobalAlloc
InterlockedDecrement
SetUnhandledExceptionFilter
IsBadReadPtr
lstrcpyW
GetComputerNameW
OutputDebugStringA
GlobalUnlock
LocalFree
GetSystemWindowsDirectoryW
FormatMessageW
lstrcmpiW
GetTickCount
LoadLibraryW
GlobalFree
GetStartupInfoA

certcli

CARemoveCACertificateType
CACertTypeSetSecurity
CASetCertTypeFlags
CAEnumCertTypesForCA
CACloseCertType
CAGetCAProperty
CAGetCertTypeExtensions
CAUpdateCertType
CAEnumCertTypes
CAGetCertTypeKeySpec
CACreateCertType
CAGetCertTypePropertyEx
CACloseCA
CAFreeCertTypeProperty
CAAddCACertificateType
CACertTypeGetSecurity
CAFindByName
CASetCertTypeProperty
CAEnumNextCertType
CAUpdateCA
CAFreeCertTypeExtensions
CAFreeCAProperty
CAGetCertTypeFlags
CAFindCertTypeByName
CAGetCertTypeProperty
CASetCertTypeExtension
CASetCertTypeKeySpec

msvcrt

wcscat
wcschr
__RTDynamicCast
_onexit
?terminate@@YAXXZ
_initterm
memmove
_wcsicmp
??3@YAXPAX@Z
_except_handler3
??1type_info@@UAE@XZ
mbstowcs
wcsrchr
malloc
wcscpy
__dllonexit
vswprintf
wcstoul
wcslen
free
wcscmp
_adjust_fdiv
wcsstr
??2@YAPAXI@Z
_purecall
_wcsupr

user32

SetCursor
GetDC
LoadIconW
SetWindowLongW
GetDlgItem
MessageBoxW
SendDlgItemMessageW
GetWindowLongW
InsertMenuItemW
SendMessageW
ReleaseDC
SetDlgItemTextW
EnableWindow
WinHelpW
LoadImageW
EndDialog
RegisterClipboardFormatW
SetFocus
SetWindowTextW
LoadBitmapW
GetParent
wsprintfW
SystemParametersInfoW
LoadStringW
LoadCursorW
PostMessageW
DialogBoxParamW
GetDlgItemTextA

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eef95b87af5fad0c8042103907935d59

Headers

File Characteristics

Imports

advapi32

kernel32

certcli

msvcrt

user32

comctl32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 112KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 112KB

.rsrc
Size: 23KB - Virtual size: 23KB