0adc9ebf7856ed61b180bea8edd19263_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0adc9ebf7856ed61b180bea8edd19263_JaffaCakes118
Size

103KB
MD5

0adc9ebf7856ed61b180bea8edd19263
SHA1

1642027ee240d9f12b5a44174dae4cc871c47339
SHA256

9bc71751d4165d78eaa11296297817f70edeeaec5800ee69faf9861d6a8e5284
SHA512

c25e812c9fb488af77cf5d94f9f303ebf230662001df7b88829db1bbf8126d80668ddb1e1f6df1cff5df764dcc45c756036d1d0c1866ea6239336ae8219515ec
SSDEEP

3072:e/d8pLKRJtaVIbClZVohPfw2R6iQJnjTmClCmoMM:8tLpm7WhPRoJnjT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0adc9ebf7856ed61b180bea8edd19263_JaffaCakes118

Files

0adc9ebf7856ed61b180bea8edd19263_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7ce4b7b9b969196759b31dd1bf52b294

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
QueryPerformanceCounter
GlobalUnlock
GetCPInfo
GetDateFormatW
IsBadReadPtr
SetLastError
LocalReAlloc
GetSystemDefaultLangID
GetStartupInfoA
GetComputerNameW
InterlockedDecrement
GetCurrentProcess
GetCurrentThread
SetUnhandledExceptionFilter
DeleteCriticalSection
FileTimeToSystemTime
GetModuleHandleA
GetModuleFileNameW
LoadLibraryW
GlobalFree
lstrcmpiW
CreateFileW
OutputDebugStringA
GetSystemWindowsDirectoryW
InterlockedIncrement
WideCharToMultiByte
FormatMessageW
GetLastError
FileTimeToLocalFileTime
CloseHandle
OutputDebugStringW
GetEnvironmentStringsW
GetProcAddress
LocalFree
GetSystemTimeAsFileTime
GetTickCount
GlobalLock
InitializeCriticalSection
lstrcpyW
GlobalAlloc

msvcrt

wcslen
_except_handler3
wcsrchr
wcschr
wcscmp
__dllonexit
malloc
wcstoul
_wcsupr
?terminate@@YAXXZ
wcsstr
??2@YAPAXI@Z
memmove
_wcsicmp
??1type_info@@UAE@XZ
_adjust_fdiv
vswprintf
_onexit
__RTDynamicCast
_initterm
wcscpy
wcscat
free
??3@YAXPAX@Z
mbstowcs

user32

LoadStringW
SetCursor
SendDlgItemMessageW
SystemParametersInfoW
EndDialog
LoadImageW
GetDC
SetWindowTextW
DialogBoxParamW
LoadBitmapW
EnableWindow
SetDlgItemTextW
LoadCursorW
SetWindowLongW
GetWindowLongW
GetParent
ReleaseDC
SetFocus
wsprintfW
LoadIconW
RegisterClipboardFormatW
MessageBoxW
GetDlgItem
InsertMenuItemW
PostMessageW
GetDlgItemTextA
WinHelpW
SendMessageW

certcli

CASetCertTypeKeySpec
CAGetCAProperty
CACloseCertType
CAEnumNextCertType
CACreateCertType
CAFindCertTypeByName
CAGetCertTypeProperty
CAFindByName
CAUpdateCertType
CACertTypeSetSecurity
CAFreeCertTypeProperty
CAEnumCertTypesForCA
CAAddCACertificateType
CAGetCertTypeFlags
CAFreeCAProperty
CAGetCertTypeExtensions
CAGetCertTypeKeySpec
CAUpdateCA
CACloseCA
CAGetCertTypePropertyEx
CARemoveCACertificateType
CAEnumCertTypes
CASetCertTypeExtension
CASetCertTypeFlags
CASetCertTypeProperty
CACertTypeGetSecurity
CAFreeCertTypeExtensions

advapi32

RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ce4b7b9b969196759b31dd1bf52b294

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

certcli

advapi32

comctl32

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 117KB

.rsrc Size: 25KB - Virtual size: 24KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 117KB

.rsrc
Size: 25KB - Virtual size: 24KB