0b785ffba1732690b368a597c633cbdc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0b785ffba1732690b368a597c633cbdc_JaffaCakes118
Size

102KB
MD5

0b785ffba1732690b368a597c633cbdc
SHA1

702bc3af50411546011ba8e94861740d96c042d5
SHA256

8b0df1555591d8d62a1d7ac1b998d93f3b1042a74bc7fce566e580f708f16492
SHA512

416980a85297ce3487128fb4b96cd85bfa1ee21498d2720c5db6c255ad0494e07c3232a85ff7d460696ed697eecec7fa2f33c4564ddf1d64e7c43eb332c90ca7
SSDEEP

1536:cCLb2X7P7qPy6byyfoDo2bd++meU+OSLn2gTs6CE:cCMsJo1mL+7PTs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b785ffba1732690b368a597c633cbdc_JaffaCakes118

Files

0b785ffba1732690b368a597c633cbdc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

500406213bd3ab182630ff5008708069

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconW
SendMessageW
GetDlgItem
SetWindowTextW
PostMessageW
GetWindowLongW
RegisterClipboardFormatW
LoadImageW
DialogBoxParamW
InsertMenuItemW
SystemParametersInfoW
SetCursor
SetFocus
SendDlgItemMessageW
EnableWindow
LoadBitmapW
GetDC
LoadStringW
LoadCursorW
ReleaseDC
EndDialog
GetDlgItemTextA
GetParent
wsprintfW
MessageBoxW
SetWindowLongW
SetDlgItemTextW
WinHelpW

certcli

CACertTypeGetSecurity
CAEnumNextCertType
CAGetCertTypeExtensions
CAFreeCertTypeProperty
CAGetCertTypeProperty
CACloseCA
CAGetCertTypePropertyEx
CAFindCertTypeByName
CASetCertTypeFlags
CARemoveCACertificateType
CAUpdateCA
CAFreeCertTypeExtensions
CAGetCertTypeKeySpec
CASetCertTypeProperty
CAFindByName
CAGetCAProperty
CASetCertTypeKeySpec
CAGetCertTypeFlags
CAAddCACertificateType
CAFreeCAProperty
CASetCertTypeExtension
CAEnumCertTypes
CAEnumCertTypesForCA
CACertTypeSetSecurity
CAUpdateCertType
CACreateCertType
CACloseCertType

msvcrt

??2@YAPAXI@Z
??1type_info@@UAE@XZ
malloc
vswprintf
_purecall
?terminate@@YAXXZ
__RTDynamicCast
wcschr
wcsrchr
??3@YAXPAX@Z
_initterm
wcslen
wcsstr
mbstowcs
_onexit
_except_handler3
_wcsicmp
_wcsupr
wcstoul
memmove
free
wcscpy
wcscmp
_adjust_fdiv
__dllonexit
wcscat

advapi32

RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegCreateKeyExW

kernel32

FileTimeToSystemTime
WideCharToMultiByte
DeleteCriticalSection
GetModuleHandleA
GlobalUnlock
GetSystemDefaultLangID
GlobalLock
GetStartupInfoA
GetSystemWindowsDirectoryW
CloseHandle
GlobalAlloc
QueryPerformanceCounter
SetLastError
GetACP
LocalFree
GetDateFormatW
CreateFileW
InterlockedDecrement
OutputDebugStringA
GetComputerNameW
lstrcmpiW
GetTickCount
SetUnhandledExceptionFilter
IsBadReadPtr
InitializeCriticalSection
lstrlenW
GetLastError
GetCurrentProcess
GlobalFree
LoadLibraryW
GetModuleFileNameW
FormatMessageW
InterlockedIncrement
LocalReAlloc
lstrcpyW
GetEnvironmentStringsW
FileTimeToLocalFileTime
RemoveDirectoryA
GetSystemTimeAsFileTime
OutputDebugStringW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

500406213bd3ab182630ff5008708069

Headers

File Characteristics

Imports

user32

certcli

msvcrt

advapi32

kernel32

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 67KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 67KB

.rsrc
Size: 24KB - Virtual size: 24KB