2635e9f93ca9dd60f16ce6f797c58308_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2635e9f93ca9dd60f16ce6f797c58308_JaffaCakes118
Size

103KB
MD5

2635e9f93ca9dd60f16ce6f797c58308
SHA1

70c67df3da27f9b932462cf8b7fd50711717c68c
SHA256

538d108b4087618dc772b7c97d9862ec589dc0dac9cb1abb2e63f284ec028d1a
SHA512

93356e0a5ab7d5e9a088355fe93c0d95c893e0213f975e5d7254127b194e1dc0e0f9564d14adf77f6e092a92dece6de905af28074bdae7909512a6f679bda4f2
SSDEEP

1536:o9zF3u5C7P3lpi+Zr85rWnsk17tvkX8Ob7jBjYT3oXmLEWuOgh6R3f3:oJF+A7i+Zr856nsk1JsXZFsTu3Whg0R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2635e9f93ca9dd60f16ce6f797c58308_JaffaCakes118

Files

2635e9f93ca9dd60f16ce6f797c58308_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f023aa5c7f8912ba774d37934d5b851b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClipboardFormatW
GetDlgItem
GetWindowLongW
LoadImageW
WinHelpW
SetFocus
SetDlgItemTextW
EndDialog
LoadIconW
SetCursor
GetParent
LoadStringW
EnableWindow
PostMessageW
ReleaseDC
SetWindowLongW
InsertMenuItemW
SendDlgItemMessageW
wsprintfW
SystemParametersInfoW
LoadCursorW
DialogBoxParamW
GetDC
LoadBitmapW
SendMessageW
SetWindowTextW
MessageBoxW
GetDlgItemTextA

kernel32

IsBadReadPtr
FileTimeToLocalFileTime
GetEnvironmentStringsW
GlobalUnlock
GetModuleHandleA
OutputDebugStringW
lstrcmpiW
RemoveDirectoryA
LocalFree
CreateFileW
GetSystemTimeAsFileTime
OutputDebugStringA
GetCurrentProcess
LoadLibraryW
InterlockedIncrement
WideCharToMultiByte
GetModuleFileNameW
GlobalAlloc
InterlockedDecrement
lstrcpyW
GetLastError
lstrlenW
GetStartupInfoA
GetACP
SetUnhandledExceptionFilter
GetSystemWindowsDirectoryW
InitializeCriticalSection
LocalReAlloc
FileTimeToSystemTime
GlobalLock
CloseHandle
GetSystemDefaultLangID
GlobalFree
QueryPerformanceCounter
GetTickCount
FormatMessageW
SetLastError
GetDateFormatW
GetComputerNameW
DeleteCriticalSection

certcli

CAFreeCertTypeProperty
CAEnumCertTypes
CASetCertTypeProperty
CASetCertTypeExtension
CAFreeCAProperty
CAGetCertTypeExtensions
CAGetCertTypeFlags
CARemoveCACertificateType
CAGetCAProperty
CAGetCertTypeProperty
CASetCertTypeKeySpec
CAFindCertTypeByName
CACertTypeGetSecurity
CAEnumNextCertType
CAEnumCertTypesForCA
CAFindByName
CACloseCertType
CAFreeCertTypeExtensions
CAGetCertTypePropertyEx
CAGetCertTypeKeySpec
CASetCertTypeFlags
CAUpdateCA
CAAddCACertificateType
CACloseCA
CACreateCertType
CACertTypeSetSecurity
CAUpdateCertType

msvcrt

_wcsicmp
memmove
_except_handler3
wcscmp
free
wcscat
wcsstr
wcsrchr
__dllonexit
_adjust_fdiv
wcstoul
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__RTDynamicCast
malloc
wcslen
wcscpy
??3@YAXPAX@Z
??2@YAPAXI@Z
_initterm
_wcsupr
mbstowcs
_purecall
wcschr
vswprintf
_onexit

advapi32

RegSetValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f023aa5c7f8912ba774d37934d5b851b

Headers

File Characteristics

Imports

user32

kernel32

certcli

msvcrt

advapi32

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 113KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 113KB

.rsrc
Size: 25KB - Virtual size: 25KB