367c31096fa9b897c0e45d2f168634f1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

367c31096fa9b897c0e45d2f168634f1_JaffaCakes118
Size

101KB
MD5

367c31096fa9b897c0e45d2f168634f1
SHA1

40a9a51a03b777bc75e538363f70901501759ef2
SHA256

a3ec4b9f1ffa514594b39f7230ff7a3b9a3d153d79226c42723fbb54897178bd
SHA512

863b5d9ef3f07cc5ae95aaec00cbccb1ae7db5291cedfa384e0331a70d542f32037d6f10f2e0aa793f15aa2d5deee3636d72195c3486f701618091c76746b879
SSDEEP

3072:U4tmAQpKBpkIe9vsiELXp+f5j2EfXRXx:JmAQsBrcEVq5j2S5x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
367c31096fa9b897c0e45d2f168634f1_JaffaCakes118

Files

367c31096fa9b897c0e45d2f168634f1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

69c1abbd4827247319d6cc9311f95d08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CASetCertTypeFlags
CAEnumCertTypes
CAEnumCertTypesForCA
CACloseCertType
CARemoveCACertificateType
CAFreeCertTypeProperty
CAEnumNextCertType
CACreateCertType
CAAddCACertificateType
CAGetCertTypeFlags
CAGetCertTypeExtensions
CASetCertTypeProperty
CAGetCertTypeKeySpec
CAGetCertTypeProperty
CACertTypeGetSecurity
CASetCertTypeKeySpec
CACertTypeSetSecurity
CAFindCertTypeByName
CAFreeCertTypeExtensions
CAGetCAProperty
CAFindByName
CAGetCertTypePropertyEx
CAUpdateCertType
CASetCertTypeExtension
CACloseCA
CAUpdateCA
CAFreeCAProperty

user32

LoadImageW
SetDlgItemTextW
GetDC
GetParent
LoadIconW
SendDlgItemMessageW
LoadCursorW
MessageBoxW
LoadBitmapW
SystemParametersInfoW
SendMessageW
SetWindowLongW
ReleaseDC
GetDlgItemTextA
InsertMenuItemW
EnableWindow
wsprintfW
SetFocus
GetDlgItem
WinHelpW
SetWindowTextW
SetCursor
PostMessageW
LoadStringW
RegisterClipboardFormatW
EndDialog
DialogBoxParamW
GetWindowLongW

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueExW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW

msvcrt

_initterm
wcscmp
_except_handler3
__dllonexit
??3@YAXPAX@Z
?terminate@@YAXXZ
memmove
free
_wcsicmp
_onexit
_wcsupr
wcscat
wcsrchr
vswprintf
__RTDynamicCast
wcscpy
wcsstr
_adjust_fdiv
wcstoul
wcslen
mbstowcs
??1type_info@@UAE@XZ
malloc
wcschr
??2@YAPAXI@Z

kernel32

GetDateFormatW
OutputDebugStringW
GetCPInfo
GetModuleFileNameW
GetProcAddress
GetEnvironmentStringsW
GlobalLock
QueryPerformanceCounter
RemoveDirectoryA
GetComputerNameW
FileTimeToSystemTime
GlobalAlloc
GetLastError
IsBadReadPtr
SetLastError
WideCharToMultiByte
CloseHandle
GetStartupInfoA
GetSystemWindowsDirectoryW
GlobalFree
SetUnhandledExceptionFilter
lstrlenW
FormatMessageW
LocalReAlloc
GlobalUnlock
DeleteCriticalSection
lstrcpyW
GetCurrentProcess
CreateFileW
InterlockedIncrement
InterlockedDecrement
LocalFree
InitializeCriticalSection
lstrcmpiW
GetSystemTimeAsFileTime
OutputDebugStringA
GetTickCount
GetSystemDefaultLangID
GetModuleHandleA
FileTimeToLocalFileTime
LoadLibraryW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69c1abbd4827247319d6cc9311f95d08

Headers

File Characteristics

Imports

certcli

user32

advapi32

msvcrt

kernel32

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 71KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 71KB

.rsrc
Size: 23KB - Virtual size: 23KB