16222b86f9946340dfd40a41e0bb9b36_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16222b86f9946340dfd40a41e0bb9b36_JaffaCakes118
Size

99KB
MD5

16222b86f9946340dfd40a41e0bb9b36
SHA1

21cb6c2185bafe8c244705ca6f32620d40dd2abb
SHA256

705edcf91e733cdcaa22f42185d5bb1fca66bbdfd1cd074ec675decc5aa280b7
SHA512

3eccc053345996beaa6b58b761ad523e496cbf1d703b41071400ca5894fb4aa2277ea671ef965494ab370035af581b7394a2f28f55afbc706708723bb90d6dc0
SSDEEP

1536:/AeAZK0s8Q5l7nPXfT2mxOILn1/rA992xM/B1VmUJWpPrp:oZZBs9Pa2LnCmMRm0Ur

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16222b86f9946340dfd40a41e0bb9b36_JaffaCakes118

Files

16222b86f9946340dfd40a41e0bb9b36_JaffaCakes118
.exe windows:5 windows x86 arch:x86

64d25fc6a90ec0d9795406a827724060

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDialog
InsertMenuItemW
GetParent
WinHelpW
SetWindowLongW
SystemParametersInfoW
PostMessageW
LoadStringW
DialogBoxParamW
LoadIconW
SetWindowTextW
SetDlgItemTextW
SetFocus
ReleaseDC
LoadCursorW
RegisterClipboardFormatW
GetDlgItemTextA
GetWindowLongW
LoadImageW
wsprintfW
MessageBoxW
SendDlgItemMessageW
GetDlgItem
LoadBitmapW
GetDC
SendMessageW
EnableWindow
SetCursor

certcli

CAGetCAProperty
CAFindCertTypeByName
CAFreeCertTypeProperty
CAUpdateCertType
CASetCertTypeProperty
CAFindByName
CARemoveCACertificateType
CASetCertTypeKeySpec
CAGetCertTypeKeySpec
CASetCertTypeFlags
CAGetCertTypeFlags
CASetCertTypeExtension
CACloseCA
CAEnumNextCertType
CAGetCertTypeExtensions
CACloseCertType
CACertTypeGetSecurity
CAEnumCertTypes
CAGetCertTypeProperty
CAAddCACertificateType
CAEnumCertTypesForCA
CAGetCertTypePropertyEx
CACreateCertType
CAFreeCertTypeExtensions
CAFreeCAProperty
CACertTypeSetSecurity
CAUpdateCA

kernel32

SetUnhandledExceptionFilter
GetCurrentProcess
QueryPerformanceCounter
GetModuleFileNameW
GetSystemTimeAsFileTime
LoadLibraryW
lstrcmpiW
InterlockedDecrement
SetLastError
CreateFileW
DeleteCriticalSection
CloseHandle
FileTimeToSystemTime
IsBadReadPtr
GlobalAlloc
OutputDebugStringA
GetSystemWindowsDirectoryW
GetModuleHandleA
GetDateFormatW
GetACP
LocalReAlloc
InitializeCriticalSection
lstrcpyW
GetSystemDefaultLangID
GlobalLock
LocalFree
GetTickCount
InterlockedIncrement
GlobalUnlock
FileTimeToLocalFileTime
RemoveDirectoryA
GetLastError
GetStartupInfoA
GetEnvironmentStringsW
GlobalFree
lstrlenW
GetComputerNameW
OutputDebugStringW
WideCharToMultiByte
FormatMessageW

comctl32

CreatePropertySheetPageW
PropertySheetW

advapi32

RegQueryValueExW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegDeleteKeyW
RegOpenKeyExW

msvcrt

wcschr
??1type_info@@UAE@XZ
free
_wcsupr
wcsstr
?terminate@@YAXXZ
_initterm
wcstoul
memmove
wcslen
_wcsicmp
__dllonexit
__RTDynamicCast
malloc
wcscat
mbstowcs
_adjust_fdiv
wcsrchr
??2@YAPAXI@Z
wcscpy
??3@YAXPAX@Z
vswprintf
_onexit
_except_handler3
wcscmp
_purecall

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64d25fc6a90ec0d9795406a827724060

Headers

File Characteristics

Imports

user32

certcli

kernel32

comctl32

advapi32

msvcrt

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 66KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 66KB

.rsrc
Size: 23KB - Virtual size: 23KB