3c27ad3e8eb59f9d62d9e7f6bf198a67_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c27ad3e8eb59f9d62d9e7f6bf198a67_JaffaCakes118
Size

100KB
MD5

3c27ad3e8eb59f9d62d9e7f6bf198a67
SHA1

d734dd25bb5eb69f2ca20df55a57766794b1e9d2
SHA256

18f21e485ce3faad613f4d1a04ab04492e56fa1b42eb5ded6e27d3e30ca3e20d
SHA512

7d25b7f5f834b0f0b32b7d5faf8ffa6ed574bf6ea49fffd8f5ec496c3bb64944be5c3fdf3bbaafcff86b98afcad7e968520bb117e0a63499a9fcc1fec65ee8e4
SSDEEP

3072:RJIrR9H4jz0A+n5N0gI50FNZHvOnrZi3:HI/HUoAqe0lPIr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c27ad3e8eb59f9d62d9e7f6bf198a67_JaffaCakes118

Files

3c27ad3e8eb59f9d62d9e7f6bf198a67_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8c9bae67b0b1dc09d5bcc370bea7a580

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAUpdateCertType
CAUpdateCA
CAEnumCertTypesForCA
CAEnumNextCertType
CAFindByName
CACreateCertType
CAEnumCertTypes
CAGetCertTypeProperty
CASetCertTypeKeySpec
CAGetCertTypeKeySpec
CAFindCertTypeByName
CACloseCA
CAAddCACertificateType
CARemoveCACertificateType
CASetCertTypeExtension
CAGetCAProperty
CAFreeCAProperty
CAGetCertTypeFlags
CACloseCertType
CASetCertTypeFlags
CAGetCertTypePropertyEx
CAFreeCertTypeExtensions
CACertTypeSetSecurity
CACertTypeGetSecurity
CASetCertTypeProperty
CAFreeCertTypeProperty
CAGetCertTypeExtensions

user32

RegisterClipboardFormatW
LoadStringW
SendMessageW
GetDlgItemTextA
LoadIconW
LoadCursorW
ReleaseDC
GetWindowLongW
wsprintfW
MessageBoxW
GetDlgItem
SetCursor
PostMessageW
GetParent
LoadImageW
SetDlgItemTextW
WinHelpW
SystemParametersInfoW
SendDlgItemMessageW
SetFocus
LoadBitmapW
SetWindowTextW
SetWindowLongW
GetDC
EnableWindow
EndDialog
DialogBoxParamW
InsertMenuItemW

kernel32

WideCharToMultiByte
GetCurrentProcess
GlobalAlloc
CloseHandle
DeleteCriticalSection
OutputDebugStringW
GetEnvironmentStringsW
GetModuleHandleA
GetLastError
GetStartupInfoA
FormatMessageW
GetDateFormatW
InterlockedDecrement
SetUnhandledExceptionFilter
GetACP
GetSystemWindowsDirectoryW
LocalFree
SetLastError
IsBadReadPtr
QueryPerformanceCounter
InterlockedIncrement
GetSystemDefaultLangID
lstrcpyW
InitializeCriticalSection
FileTimeToSystemTime
LoadLibraryW
lstrcmpiW
GlobalFree
lstrlenW
GetModuleFileNameW
GlobalLock
GetSystemTimeAsFileTime
OutputDebugStringA
CreateFileW
GetTickCount
FileTimeToLocalFileTime
GlobalUnlock
RemoveDirectoryA
LocalReAlloc
GetComputerNameW

msvcrt

wcsrchr
_initterm
_adjust_fdiv
wcschr
vswprintf
??3@YAXPAX@Z
_except_handler3
free
mbstowcs
??2@YAPAXI@Z
_onexit
memmove
_wcsicmp
malloc
??1type_info@@UAE@XZ
wcslen
?terminate@@YAXXZ
wcstoul
wcscpy
__dllonexit
_wcsupr
wcscmp
__RTDynamicCast
_purecall
wcscat
wcsstr

advapi32

RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c9bae67b0b1dc09d5bcc370bea7a580

Headers

File Characteristics

Imports

certcli

user32

kernel32

msvcrt

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 87KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 87KB

.rsrc
Size: 23KB - Virtual size: 23KB