277bcca193e4198143130d9d2ea519ef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

277bcca193e4198143130d9d2ea519ef_JaffaCakes118
Size

101KB
MD5

277bcca193e4198143130d9d2ea519ef
SHA1

29a76c81565062d5aacbd2b35cb93ef2044ebf8e
SHA256

37043390a3c88edfb8a78ec47715f76210b814334775b354ce9edd385aabaf00
SHA512

727b87f090018a7439fbc2b110cbe5e328824cf20d56ef424c9f32631bf3d89c42e847ceba8d1fd9354166e70366b4221edef736f3c7428088a90176b9172578
SSDEEP

1536:jcRMM/Z2ru/WiGcilfsrKSvgXMas55O/npDNN1TIMbP:jcRMfaXiIdzai5SnpDNTtb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
277bcca193e4198143130d9d2ea519ef_JaffaCakes118

Files

277bcca193e4198143130d9d2ea519ef_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e971ec8bc53942f30e2d73f66c7ea75e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
GetSystemDefaultLangID
GetSystemWindowsDirectoryW
GetDateFormatW
GetTickCount
GetStartupInfoA
GlobalLock
lstrlenW
GetComputerNameW
GetLastError
GetProcAddress
QueryPerformanceCounter
FileTimeToSystemTime
LoadLibraryW
GlobalFree
LocalFree
lstrcmpiW
CloseHandle
OutputDebugStringA
GlobalAlloc
LocalReAlloc
InterlockedDecrement
GlobalUnlock
GetModuleHandleA
GetEnvironmentStringsW
IsBadReadPtr
GetModuleFileNameW
SetUnhandledExceptionFilter
OutputDebugStringW
DeleteCriticalSection
SetLastError
InterlockedIncrement
CreateFileW
RemoveDirectoryA
FormatMessageW
lstrcpyW
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
GetCurrentProcess
WideCharToMultiByte
GetCPInfo

user32

GetDlgItem
LoadBitmapW
EnableWindow
DialogBoxParamW
SetCursor
LoadIconW
SetFocus
EndDialog
GetDC
WinHelpW
SendMessageW
RegisterClipboardFormatW
SendDlgItemMessageW
SetWindowTextW
GetDlgItemTextA
GetWindowLongW
MessageBoxW
GetParent
SetDlgItemTextW
PostMessageW
LoadStringW
LoadCursorW
ReleaseDC
LoadImageW
wsprintfW
SetWindowLongW
SystemParametersInfoW
InsertMenuItemW

certcli

CACloseCA
CAGetCertTypeProperty
CACloseCertType
CAAddCACertificateType
CAFreeCertTypeExtensions
CASetCertTypeFlags
CAFindByName
CAEnumCertTypes
CAFindCertTypeByName
CAUpdateCA
CAEnumNextCertType
CAGetCAProperty
CAEnumCertTypesForCA
CASetCertTypeProperty
CASetCertTypeKeySpec
CACertTypeGetSecurity
CAGetCertTypeExtensions
CASetCertTypeExtension
CACreateCertType
CACertTypeSetSecurity
CARemoveCACertificateType
CAGetCertTypePropertyEx
CAGetCertTypeKeySpec
CAUpdateCertType
CAGetCertTypeFlags
CAFreeCertTypeProperty
CAFreeCAProperty

msvcrt

wcsrchr
wcsstr
wcstoul
_initterm
free
wcscat
?terminate@@YAXXZ
_wcsicmp
_except_handler3
??2@YAPAXI@Z
??3@YAXPAX@Z
_wcsupr
__RTDynamicCast
_onexit
wcscmp
malloc
memmove
??1type_info@@UAE@XZ
_adjust_fdiv
wcscpy
wcslen
vswprintf
mbstowcs
__dllonexit
wcschr

advapi32

RegDeleteKeyW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e971ec8bc53942f30e2d73f66c7ea75e

Headers

File Characteristics

Imports

kernel32

user32

certcli

msvcrt

advapi32

comctl32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 94KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 94KB

.rsrc
Size: 23KB - Virtual size: 23KB