0a67dc4ce4ffe42b552e0271c88fa486_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a67dc4ce4ffe42b552e0271c88fa486_JaffaCakes118
Size

102KB
MD5

0a67dc4ce4ffe42b552e0271c88fa486
SHA1

2b69ca0579f35aeeb4cc44f734f90351ab1cec30
SHA256

cefd09b6a50dfc30a5aeafc149273aab40e8a9a3d5bb7cbaa1a33dda1f5b97a2
SHA512

3634617082d35ab9da0d609ed4997b8023f0787aff02693eec8facf2c6ec9c0a4a2d99ecdc7338145d030eddccb6968d9b306ea9488e2aebab88b32eb1c91405
SSDEEP

3072:o/3uVXxOvzTL4qwZZ3x1ed9LIz4VZJoU:o7zT8q+j1+IcVZJV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a67dc4ce4ffe42b552e0271c88fa486_JaffaCakes118

Files

0a67dc4ce4ffe42b552e0271c88fa486_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b3340537149ec02280425f635042a1d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CASetCertTypeFlags
CAUpdateCA
CAGetCertTypeKeySpec
CACertTypeGetSecurity
CASetCertTypeExtension
CAFreeCertTypeExtensions
CAFindCertTypeByName
CACloseCA
CAGetCAProperty
CAFreeCAProperty
CAGetCertTypeProperty
CASetCertTypeKeySpec
CAGetCertTypePropertyEx
CACertTypeSetSecurity
CARemoveCACertificateType
CASetCertTypeProperty
CAEnumCertTypes
CAGetCertTypeFlags
CAEnumCertTypesForCA
CAGetCertTypeExtensions
CAFindByName
CACreateCertType
CAFreeCertTypeProperty
CAAddCACertificateType
CAEnumNextCertType
CAUpdateCertType
CACloseCertType

msvcrt

wcscmp
wcschr
malloc
_wcsupr
_purecall
wcscat
__RTDynamicCast
__dllonexit
wcstoul
??1type_info@@UAE@XZ
mbstowcs
wcsstr
free
_initterm
_wcsicmp
wcslen
_adjust_fdiv
?terminate@@YAXXZ
memmove
_except_handler3
vswprintf
??2@YAPAXI@Z
wcscpy
wcsrchr
??3@YAXPAX@Z
_onexit

advapi32

RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW

user32

LoadBitmapW
SystemParametersInfoW
LoadStringW
MessageBoxW
SetWindowTextW
SetWindowLongW
GetParent
SetFocus
EndDialog
SetDlgItemTextW
RegisterClipboardFormatW
EnableWindow
GetDlgItemTextA
GetWindowLongW
WinHelpW
PostMessageW
SendDlgItemMessageW
LoadIconW
wsprintfW
GetDC
LoadCursorW
SendMessageW
SetCursor
DialogBoxParamW
InsertMenuItemW
ReleaseDC
GetDlgItem
LoadImageW

kernel32

GetACP
GetSystemDefaultLangID
InterlockedDecrement
WideCharToMultiByte
GetCurrentProcess
OutputDebugStringW
CloseHandle
SetLastError
GetModuleFileNameW
GetLastError
LocalReAlloc
FormatMessageW
LoadLibraryW
InitializeCriticalSection
DeleteCriticalSection
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FileTimeToSystemTime
QueryPerformanceCounter
IsBadReadPtr
GetDateFormatW
OutputDebugStringA
GetComputerNameW
GlobalUnlock
GetTickCount
GetStartupInfoA
LocalFree
GetModuleHandleA
GlobalLock
GlobalAlloc
SetUnhandledExceptionFilter
lstrcmpiW
FileTimeToLocalFileTime
GetSystemWindowsDirectoryW
InterlockedIncrement
GlobalFree
lstrlenW
CreateFileW
lstrcpyW
RemoveDirectoryA

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3340537149ec02280425f635042a1d4

Headers

File Characteristics

Imports

certcli

msvcrt

advapi32

user32

kernel32

comctl32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 66KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 66KB

.rsrc
Size: 23KB - Virtual size: 23KB