06ac4e084254ea8e5d2030c0f7554d14_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

06ac4e084254ea8e5d2030c0f7554d14_JaffaCakes118
Size

101KB
MD5

06ac4e084254ea8e5d2030c0f7554d14
SHA1

63495a0d1ff5e25e1b4f86d74753a8d612430416
SHA256

b651d7337d49c3e9519e1179a3451219364704ec33e54d2d01c26d3e47e67018
SHA512

f7005d258f0c9235f3319b37b0156db2e1edf852726aca44fbf2cad28c910db0c8b6e972d3948716266a71416281041114adb53e2f811f29b9d944b484d3e150
SSDEEP

1536:A7EKMKmitbLru9qy5mYkgGZEcnhNlfDoN41tzUhIv5JOWQ8cwVj:A79vmid2BmYkh+yh7WmRBJ3cSj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06ac4e084254ea8e5d2030c0f7554d14_JaffaCakes118

Files

06ac4e084254ea8e5d2030c0f7554d14_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4dee49cc62e90cdcc4cb7014e0188fa5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
GlobalFree
SetLastError
DeleteCriticalSection
RemoveDirectoryA
lstrlenW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
WideCharToMultiByte
InterlockedDecrement
SetUnhandledExceptionFilter
LocalReAlloc
lstrcpyW
lstrcmpiW
GetSystemWindowsDirectoryW
GetCPInfo
FileTimeToSystemTime
GetLastError
GetModuleFileNameW
CloseHandle
GetProcAddress
InterlockedIncrement
OutputDebugStringA
GetDateFormatW
QueryPerformanceCounter
GetStartupInfoA
LocalFree
GetTickCount
GetComputerNameW
LoadLibraryW
GlobalAlloc
OutputDebugStringW
GlobalLock
GlobalUnlock
InitializeCriticalSection
FileTimeToLocalFileTime
CreateFileW
IsBadReadPtr
GetCurrentProcess
GetModuleHandleA
FormatMessageW

advapi32

RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW

certcli

CAGetCertTypeFlags
CAUpdateCertType
CASetCertTypeExtension
CASetCertTypeFlags
CASetCertTypeProperty
CACloseCertType
CAFreeCertTypeProperty
CACloseCA
CASetCertTypeKeySpec
CAGetCertTypePropertyEx
CAEnumCertTypesForCA
CAEnumCertTypes
CAFindCertTypeByName
CACreateCertType
CARemoveCACertificateType
CAUpdateCA
CAFreeCertTypeExtensions
CAGetCAProperty
CACertTypeSetSecurity
CAFindByName
CAGetCertTypeExtensions
CAGetCertTypeKeySpec
CACertTypeGetSecurity
CAEnumNextCertType
CAGetCertTypeProperty
CAAddCACertificateType
CAFreeCAProperty

msvcrt

free
malloc
_wcsicmp
_except_handler3
_adjust_fdiv
?terminate@@YAXXZ
wcscmp
wcscpy
wcschr
wcsrchr
wcslen
__RTDynamicCast
??2@YAPAXI@Z
??1type_info@@UAE@XZ
memmove
wcscat
_wcsupr
??3@YAXPAX@Z
mbstowcs
_initterm
wcstoul
vswprintf
__dllonexit
wcsstr
_onexit

user32

GetDlgItemTextA
EnableWindow
GetDC
SetWindowTextW
GetWindowLongW
ReleaseDC
SendDlgItemMessageW
GetDlgItem
wsprintfW
SetDlgItemTextW
RegisterClipboardFormatW
DialogBoxParamW
SetWindowLongW
LoadIconW
LoadStringW
LoadImageW
GetParent
LoadCursorW
PostMessageW
WinHelpW
SetCursor
SendMessageW
MessageBoxW
EndDialog
InsertMenuItemW
SetFocus
LoadBitmapW
SystemParametersInfoW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4dee49cc62e90cdcc4cb7014e0188fa5

Headers

File Characteristics

Imports

kernel32

advapi32

certcli

msvcrt

user32

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 97KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 97KB

.rsrc
Size: 23KB - Virtual size: 23KB