285041c24912e8b58fb25e53f820c766_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

285041c24912e8b58fb25e53f820c766_JaffaCakes118
Size

100KB
MD5

285041c24912e8b58fb25e53f820c766
SHA1

cabdf51363a80aca1b94aea9144bd316bfa0236a
SHA256

b4368f5223b5b6c9d4f1520f1332f3894a957036d95fb7e2d6083c13ca45d088
SHA512

692d495d89025ea551f1e39f39d436d043c2390778f63e1bcc83bf3ef5d8cee538b5ba4d92f49bce2534d77be87bca9ed69bf12119f2f54c439bb19b2580332d
SSDEEP

3072:M23lniZd+hbZpguiLs9F4eeBHCxq7L1x8852Nbw:930fIbZpfiLsL+x8852d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
285041c24912e8b58fb25e53f820c766_JaffaCakes118

Files

285041c24912e8b58fb25e53f820c766_JaffaCakes118
.exe windows:5 windows x86 arch:x86

703d8bb075e0053ff730ba7f506d765d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowLongW
GetDC
InsertMenuItemW
SendMessageW
EnableWindow
SetWindowLongW
EndDialog
LoadImageW
SetCursor
DialogBoxParamW
SetFocus
GetParent
LoadCursorW
LoadBitmapW
ReleaseDC
SetWindowTextW
GetDlgItem
LoadStringW
SendDlgItemMessageW
wsprintfW
RegisterClipboardFormatW
MessageBoxW
GetDlgItemTextA
LoadIconW
SystemParametersInfoW
PostMessageW
SetDlgItemTextW
WinHelpW

msvcrt

wcscmp
malloc
wcscpy
free
__RTDynamicCast
_adjust_fdiv
_onexit
wcstoul
??3@YAXPAX@Z
memmove
?terminate@@YAXXZ
mbstowcs
??1type_info@@UAE@XZ
wcscat
_except_handler3
wcsrchr
wcslen
_initterm
_purecall
wcsstr
_wcsicmp
_wcsupr
__dllonexit
wcschr
??2@YAPAXI@Z
vswprintf

kernel32

lstrcmpiW
FileTimeToSystemTime
GlobalAlloc
GlobalUnlock
FileTimeToLocalFileTime
GetModuleHandleA
InterlockedDecrement
GetDateFormatW
GlobalLock
GetStartupInfoA
GetEnvironmentStringsW
lstrcpyW
LocalFree
InitializeCriticalSection
RemoveDirectoryA
IsBadReadPtr
GetACP
GetSystemTimeAsFileTime
CloseHandle
LoadLibraryW
LocalReAlloc
GetModuleFileNameW
lstrlenW
GetSystemDefaultLangID
DeleteCriticalSection
OutputDebugStringA
SetUnhandledExceptionFilter
GetLastError
GetSystemWindowsDirectoryW
GetTickCount
CreateFileW
QueryPerformanceCounter
InterlockedIncrement
GetComputerNameW
FormatMessageW
OutputDebugStringW
GetCurrentProcess
GlobalFree
SetLastError
WideCharToMultiByte

certcli

CAGetCertTypeProperty
CASetCertTypeExtension
CAGetCertTypePropertyEx
CAGetCertTypeKeySpec
CAEnumCertTypes
CAUpdateCA
CACreateCertType
CAGetCAProperty
CAFreeCAProperty
CAFindCertTypeByName
CARemoveCACertificateType
CACloseCA
CAFreeCertTypeProperty
CACertTypeGetSecurity
CAEnumNextCertType
CASetCertTypeKeySpec
CAGetCertTypeExtensions
CAGetCertTypeFlags
CAAddCACertificateType
CACertTypeSetSecurity
CASetCertTypeProperty
CAFindByName
CASetCertTypeFlags
CACloseCertType
CAUpdateCertType
CAFreeCertTypeExtensions
CAEnumCertTypesForCA

advapi32

RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

703d8bb075e0053ff730ba7f506d765d

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

certcli

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 125KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 125KB

.rsrc
Size: 23KB - Virtual size: 23KB