10724ea6e84782c76963dbedc79f7531_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

10724ea6e84782c76963dbedc79f7531_JaffaCakes118
Size

99KB
MD5

10724ea6e84782c76963dbedc79f7531
SHA1

5f4ca5f253878c60b5f565bb32acb093f6d144ee
SHA256

d6369bd3689156d89fe3d4240339277571c9f30f491025b676fe82d430b55c2d
SHA512

64b29e5b93f1116bc34b3c87e254572c4d6fbac96b484ff34584bf1427b23879f845fd6cb8eb76655ee842bb1662c3b089ada406bc379cffa8cf130afc3f4f5b
SSDEEP

1536:+hC4+aTrFwihHs/aNtGWHWbiY3PT7XJCTQ2wTGy1NP/pJtlt+MbRji31xZg:WCiTjHsKt/qJ3XXt7NJJtPRG31D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10724ea6e84782c76963dbedc79f7531_JaffaCakes118

Files

10724ea6e84782c76963dbedc79f7531_JaffaCakes118
.exe windows:5 windows x86 arch:x86

025dc9fc707775807446e009f243c214

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SystemParametersInfoW
LoadIconW
SetFocus
SetCursor
LoadBitmapW
GetDlgItemTextA
SetWindowLongW
SetWindowTextW
GetParent
DialogBoxParamW
ReleaseDC
GetDC
GetWindowLongW
WinHelpW
GetDlgItem
SendMessageW
SendDlgItemMessageW
wsprintfW
InsertMenuItemW
EndDialog
SetDlgItemTextW
MessageBoxW
PostMessageW
EnableWindow
LoadStringW
LoadCursorW
RegisterClipboardFormatW
LoadImageW

msvcrt

wcsstr
wcstoul
??3@YAXPAX@Z
_wcsicmp
?terminate@@YAXXZ
mbstowcs
_onexit
wcscpy
__RTDynamicCast
vswprintf
??2@YAPAXI@Z
__dllonexit
memmove
free
malloc
wcscat
??1type_info@@UAE@XZ
_wcsupr
_adjust_fdiv
_except_handler3
wcscmp
_initterm
wcslen
wcschr
wcsrchr

certcli

CARemoveCACertificateType
CACreateCertType
CAFreeCAProperty
CASetCertTypeFlags
CACloseCA
CASetCertTypeKeySpec
CAEnumCertTypes
CAFreeCertTypeProperty
CAGetCertTypePropertyEx
CAGetCertTypeFlags
CACertTypeSetSecurity
CAUpdateCA
CAFreeCertTypeExtensions
CAAddCACertificateType
CASetCertTypeExtension
CAGetCertTypeExtensions
CAEnumCertTypesForCA
CAEnumNextCertType
CACloseCertType
CASetCertTypeProperty
CAGetCertTypeKeySpec
CAGetCAProperty
CAFindByName
CACertTypeGetSecurity
CAUpdateCertType
CAFindCertTypeByName
CAGetCertTypeProperty

kernel32

FileTimeToLocalFileTime
GetTickCount
LocalReAlloc
InterlockedIncrement
GlobalLock
GetSystemTimeAsFileTime
GetCurrentProcess
lstrcpyW
GlobalFree
GetCurrentThread
lstrcmpiW
FileTimeToSystemTime
LocalFree
WideCharToMultiByte
GetModuleHandleA
GetSystemDefaultLangID
GetEnvironmentStringsW
IsBadReadPtr
OutputDebugStringW
DeleteCriticalSection
GetComputerNameW
CreateFileW
GetSystemWindowsDirectoryW
GetDateFormatW
LoadLibraryW
OutputDebugStringA
lstrlenW
FormatMessageW
GetStartupInfoA
InterlockedDecrement
GetProcAddress
InitializeCriticalSection
GetLastError
GlobalAlloc
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetCPInfo
GlobalUnlock
CloseHandle
GetModuleFileNameW
SetLastError

advapi32

RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

025dc9fc707775807446e009f243c214

Headers

File Characteristics

Imports

user32

msvcrt

certcli

kernel32

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 125KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 125KB

.rsrc
Size: 23KB - Virtual size: 22KB