126267399fe98a7b438bb2d515d9a22a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

126267399fe98a7b438bb2d515d9a22a_JaffaCakes118
Size

102KB
MD5

126267399fe98a7b438bb2d515d9a22a
SHA1

12731b68994ed0bad268f60650abcb3afa3972fe
SHA256

c67acac93c26ab2709c092c5c3e606d8723fddcec5471bfe65798ad580266252
SHA512

745afe3d2f0169a885c718f0d9ec32b6633af5749dded02e774a1072702d3ca749e48e2a49cc60c8f9978ae7540740bbd7e62607b1d445ae119783dfe7c3f1b2
SSDEEP

3072:Ty77A56adq+C86nSwu/L1KvsuPpYC/01kzQAPr:GXShR6FuT8vJR/0+v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
126267399fe98a7b438bb2d515d9a22a_JaffaCakes118

Files

126267399fe98a7b438bb2d515d9a22a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

674dd4756011109ffbcc63c69690beeb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAEnumNextCertType
CASetCertTypeFlags
CAEnumCertTypes
CASetCertTypeProperty
CACertTypeSetSecurity
CAGetCertTypeKeySpec
CARemoveCACertificateType
CAUpdateCA
CAFindByName
CAGetCertTypeExtensions
CAGetCertTypeFlags
CACertTypeGetSecurity
CAUpdateCertType
CAFreeCertTypeExtensions
CAEnumCertTypesForCA
CAFreeCertTypeProperty
CAGetCertTypePropertyEx
CAAddCACertificateType
CAGetCAProperty
CACloseCA
CACloseCertType
CAFreeCAProperty
CASetCertTypeExtension
CACreateCertType
CAFindCertTypeByName
CASetCertTypeKeySpec
CAGetCertTypeProperty

kernel32

GetModuleHandleA
GetEnvironmentStringsW
SetLastError
GetStartupInfoA
GetSystemDefaultLangID
GetProcAddress
GetLastError
lstrcpyW
FormatMessageW
GetDateFormatW
GetCurrentProcess
CreateFileW
InterlockedDecrement
CloseHandle
LocalFree
OutputDebugStringW
SetUnhandledExceptionFilter
OutputDebugStringA
GlobalUnlock
GetCurrentThread
lstrlenW
GetModuleFileNameW
GlobalLock
GetSystemWindowsDirectoryW
GlobalAlloc
IsBadReadPtr
FileTimeToSystemTime
WideCharToMultiByte
GetSystemTimeAsFileTime
DeleteCriticalSection
LocalReAlloc
InterlockedIncrement
QueryPerformanceCounter
GetCPInfo
LoadLibraryW
GlobalFree
InitializeCriticalSection
GetTickCount
FileTimeToLocalFileTime
lstrcmpiW
GetComputerNameW

user32

LoadImageW
SendMessageW
EndDialog
LoadCursorW
GetParent
RegisterClipboardFormatW
GetDlgItem
InsertMenuItemW
SendDlgItemMessageW
DialogBoxParamW
LoadBitmapW
MessageBoxW
GetWindowLongW
LoadStringW
EnableWindow
LoadIconW
WinHelpW
PostMessageW
GetDC
wsprintfW
SetFocus
SystemParametersInfoW
SetWindowLongW
SetWindowTextW
GetDlgItemTextA
SetCursor
ReleaseDC
SetDlgItemTextW

msvcrt

wcsstr
_except_handler3
wcscat
memmove
malloc
vswprintf
?terminate@@YAXXZ
??1type_info@@UAE@XZ
wcsrchr
wcschr
_onexit
mbstowcs
_wcsicmp
wcscmp
_initterm
_wcsupr
free
??2@YAPAXI@Z
wcslen
wcstoul
??3@YAXPAX@Z
__RTDynamicCast
wcscpy
__dllonexit
_adjust_fdiv

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

674dd4756011109ffbcc63c69690beeb

Headers

File Characteristics

Imports

certcli

kernel32

user32

msvcrt

advapi32

comctl32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 106KB

.rsrc Size: 25KB - Virtual size: 24KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 106KB

.rsrc
Size: 25KB - Virtual size: 24KB