03ae62a5e99b7f782ced005d35196a99_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

03ae62a5e99b7f782ced005d35196a99_JaffaCakes118
Size

99KB
MD5

03ae62a5e99b7f782ced005d35196a99
SHA1

adda7f53847072290204a374ebb104c5330abcb3
SHA256

374bc7cfcf6c707bc72148a4512efaa175d8eef5d806822ec628baa88e13a267
SHA512

d7c79821ab110c196b2f94a2734374108e1830d44f9e85a12a35289e75b3d4c2c047fef5e4356520c396f05333afba3b2c52eb8ab3a09ddb29a6f35f7d1762fb
SSDEEP

1536:nwv8bdS+3C3upO7A/q/DcFPjjhIZPKp6TbXKUY7NvIMjBLSqiiBGCO:wvApdqrcFP5YU6Trg5IMjBLOR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03ae62a5e99b7f782ced005d35196a99_JaffaCakes118

Files

03ae62a5e99b7f782ced005d35196a99_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b00b8cfa39e0163d4b5b2a295be2a551

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcslen
__RTDynamicCast
vswprintf
mbstowcs
?terminate@@YAXXZ
??2@YAPAXI@Z
wcscpy
_wcsupr
_wcsicmp
_adjust_fdiv
??3@YAXPAX@Z
memmove
free
_purecall
wcscat
wcsrchr
??1type_info@@UAE@XZ
malloc
__dllonexit
wcstoul
_onexit
_except_handler3
wcsstr
_initterm
wcschr
wcscmp

certcli

CAFreeCertTypeProperty
CACloseCA
CASetCertTypeKeySpec
CAUpdateCA
CAGetCAProperty
CACreateCertType
CAGetCertTypeFlags
CACertTypeGetSecurity
CASetCertTypeProperty
CACloseCertType
CAFreeCertTypeExtensions
CAGetCertTypePropertyEx
CAEnumCertTypes
CAGetCertTypeProperty
CAEnumNextCertType
CAGetCertTypeKeySpec
CAFreeCAProperty
CASetCertTypeFlags
CAGetCertTypeExtensions
CARemoveCACertificateType
CAFindCertTypeByName
CAAddCACertificateType
CASetCertTypeExtension
CAEnumCertTypesForCA
CAUpdateCertType
CAFindByName
CACertTypeSetSecurity

kernel32

QueryPerformanceCounter
GetSystemTimeAsFileTime
FileTimeToSystemTime
CloseHandle
lstrlenW
OutputDebugStringA
GetTickCount
GetSystemWindowsDirectoryW
FileTimeToLocalFileTime
GlobalAlloc
LocalReAlloc
GetComputerNameW
GlobalLock
RemoveDirectoryA
GetLastError
GlobalFree
IsBadReadPtr
GetModuleHandleA
GetSystemDefaultLangID
FormatMessageW
GetModuleFileNameW
LocalFree
CreateFileW
GetDateFormatW
lstrcpyW
SetLastError
OutputDebugStringW
WideCharToMultiByte
LoadLibraryW
GetStartupInfoA
GetEnvironmentStringsW
SetUnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
lstrcmpiW
GetACP
GetCurrentProcess
GlobalUnlock
DeleteCriticalSection

comctl32

CreatePropertySheetPageW
PropertySheetW

user32

MessageBoxW
GetParent
WinHelpW
wsprintfW
DialogBoxParamW
ReleaseDC
SetFocus
GetDC
SendMessageW
GetDlgItemTextA
LoadImageW
GetWindowLongW
SetWindowTextW
LoadCursorW
EndDialog
SendDlgItemMessageW
SystemParametersInfoW
LoadIconW
LoadStringW
InsertMenuItemW
SetCursor
GetDlgItem
LoadBitmapW
RegisterClipboardFormatW
EnableWindow
PostMessageW
SetWindowLongW
SetDlgItemTextW

advapi32

RegDeleteValueW
RegCloseKey
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegQueryValueExW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b00b8cfa39e0163d4b5b2a295be2a551

Headers

File Characteristics

Imports

msvcrt

certcli

kernel32

comctl32

user32

advapi32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 110KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 110KB

.rsrc
Size: 23KB - Virtual size: 22KB