1805db20ac34804e80ca4ccf797b5bf9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1805db20ac34804e80ca4ccf797b5bf9_JaffaCakes118
Size

98KB
MD5

1805db20ac34804e80ca4ccf797b5bf9
SHA1

410645a3132e854da569a07233fe81a748d7b1ba
SHA256

ba668e13f354020465dceb90ab2cd059531733d7ffceb0c828e958c0716b5752
SHA512

ab01d600e79a4ff643f505573cc4b65ce857e4cc90b0c4ebeaea64f87459aafa6a1a5a3644b9df8bf150b800501d780b08dc85e025611cb3e7ec3a9c2e26addd
SSDEEP

1536:sPdNy3zltZRf8IHpwFrpMiw2pgRhufp8opO6rS4:sPX4XrWM12pgifawX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1805db20ac34804e80ca4ccf797b5bf9_JaffaCakes118

Files

1805db20ac34804e80ca4ccf797b5bf9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dc9cf1c7818ff73d10f092f9056e8013

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadImageW
LoadCursorW
MessageBoxW
GetWindowLongW
SystemParametersInfoW
SetCursor
EnableWindow
SendMessageW
LoadIconW
EndDialog
ReleaseDC
GetDlgItem
GetDC
WinHelpW
SetFocus
LoadBitmapW
SendDlgItemMessageW
DialogBoxParamW
GetParent
GetDlgItemTextA
SetWindowLongW
RegisterClipboardFormatW
LoadStringW
SetDlgItemTextW
PostMessageW
InsertMenuItemW
wsprintfW
SetWindowTextW

advapi32

RegDeleteValueW
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW

kernel32

GetSystemDefaultLangID
GetTickCount
FormatMessageW
GetModuleFileNameW
lstrcpyW
GetLastError
LocalReAlloc
GetSystemWindowsDirectoryW
GetModuleHandleA
lstrcmpiW
GetDateFormatW
DeleteCriticalSection
LoadLibraryW
GlobalLock
OutputDebugStringA
GlobalAlloc
GlobalUnlock
WideCharToMultiByte
lstrlenW
InterlockedIncrement
GetEnvironmentStringsW
InitializeCriticalSection
LocalFree
IsBadReadPtr
GlobalFree
SetLastError
GetACP
QueryPerformanceCounter
CloseHandle
FileTimeToLocalFileTime
RemoveDirectoryA
FileTimeToSystemTime
GetCurrentProcess
GetStartupInfoA
GetSystemTimeAsFileTime
OutputDebugStringW
SetUnhandledExceptionFilter
GetComputerNameW
CreateFileW
InterlockedDecrement

msvcrt

vswprintf
_except_handler3
_onexit
wcslen
_wcsupr
_purecall
wcsstr
_wcsicmp
wcscat
?terminate@@YAXXZ
_adjust_fdiv
_initterm
wcsrchr
mbstowcs
wcscmp
??2@YAPAXI@Z
wcschr
__RTDynamicCast
??1type_info@@UAE@XZ
wcscpy
free
__dllonexit
memmove
wcstoul
malloc
??3@YAXPAX@Z

certcli

CAGetCAProperty
CAGetCertTypePropertyEx
CACloseCertType
CAUpdateCA
CAGetCertTypeFlags
CAEnumCertTypes
CACertTypeGetSecurity
CAFreeCAProperty
CASetCertTypeKeySpec
CACloseCA
CAEnumNextCertType
CAFindCertTypeByName
CARemoveCACertificateType
CAFindByName
CASetCertTypeExtension
CAGetCertTypeKeySpec
CASetCertTypeFlags
CACertTypeSetSecurity
CAGetCertTypeProperty
CASetCertTypeProperty
CAFreeCertTypeExtensions
CAEnumCertTypesForCA
CAUpdateCertType
CAAddCACertificateType
CAFreeCertTypeProperty
CAGetCertTypeExtensions
CACreateCertType

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc9cf1c7818ff73d10f092f9056e8013

Headers

File Characteristics

Imports

user32

advapi32

kernel32

msvcrt

certcli

comctl32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 79KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 79KB

.rsrc
Size: 23KB - Virtual size: 22KB