39811e73681c565f97d15b213777b6ef_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

39811e73681c565f97d15b213777b6ef_JaffaCakes118
Size

103KB
MD5

39811e73681c565f97d15b213777b6ef
SHA1

3a044d1206c3aaef0df44e3dd0d86e7fd4cfcc0f
SHA256

7cf8cbc1c3348cb857468adcfa4d52b6ff1c8bd98596597dac481250010ea306
SHA512

cb6899bad993e53c035211fb9a3f433bc94b9b836ee5002fb2453436b49250e50bc023b2df908821bbfe3028c608dd81a6a4f5162083cdf39fcf3772aba1fed0
SSDEEP

3072:coG8XbiZgh9MSsa8Cg9DOjddiuOcoYV/B:coCgfGvCg9CAJcx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39811e73681c565f97d15b213777b6ef_JaffaCakes118

Files

39811e73681c565f97d15b213777b6ef_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d3abd5c72516f84d174161f134d054b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconW
wsprintfW
EnableWindow
LoadImageW
SetDlgItemTextW
LoadCursorW
PostMessageW
SetWindowTextW
LoadBitmapW
SendDlgItemMessageW
EndDialog
GetDC
GetDlgItem
SetCursor
SendMessageW
SetWindowLongW
SetFocus
LoadStringW
ReleaseDC
DialogBoxParamW
GetParent
RegisterClipboardFormatW
WinHelpW
InsertMenuItemW
MessageBoxW
SystemParametersInfoW
GetWindowLongW
GetDlgItemTextA

kernel32

GetComputerNameW
FileTimeToSystemTime
IsBadReadPtr
LoadLibraryW
GetStartupInfoA
GetDateFormatW
OutputDebugStringA
QueryPerformanceCounter
SetLastError
GetSystemTimeAsFileTime
OutputDebugStringW
GetSystemDefaultLangID
GetCurrentProcess
GlobalAlloc
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
GetTickCount
DeleteCriticalSection
LocalFree
RemoveDirectoryA
GlobalFree
lstrlenW
FormatMessageW
LocalReAlloc
lstrcmpiW
GlobalLock
GetProcAddress
GetModuleFileNameW
FileTimeToLocalFileTime
InterlockedIncrement
SetUnhandledExceptionFilter
GetSystemWindowsDirectoryW
InitializeCriticalSection
lstrcpyW
InterlockedDecrement
GetModuleHandleA
CloseHandle
GetCPInfo
GlobalUnlock
CreateFileW

certcli

CAAddCACertificateType
CAFindByName
CARemoveCACertificateType
CASetCertTypeExtension
CAFreeCertTypeProperty
CAUpdateCA
CASetCertTypeFlags
CACloseCertType
CASetCertTypeKeySpec
CACertTypeGetSecurity
CAFindCertTypeByName
CAGetCAProperty
CAGetCertTypeKeySpec
CACloseCA
CACreateCertType
CAUpdateCertType
CAFreeCertTypeExtensions
CAFreeCAProperty
CACertTypeSetSecurity
CAGetCertTypeExtensions
CAEnumNextCertType
CAGetCertTypePropertyEx
CAGetCertTypeProperty
CAEnumCertTypes
CASetCertTypeProperty
CAGetCertTypeFlags
CAEnumCertTypesForCA

msvcrt

_wcsicmp
memmove
_onexit
malloc
wcslen
??1type_info@@UAE@XZ
_except_handler3
wcscat
__dllonexit
wcscpy
??3@YAXPAX@Z
wcschr
free
vswprintf
?terminate@@YAXXZ
wcstoul
mbstowcs
wcsstr
_adjust_fdiv
wcsrchr
__RTDynamicCast
_wcsupr
??2@YAPAXI@Z
_initterm
wcscmp

comctl32

PropertySheetW
CreatePropertySheetPageW

advapi32

RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3abd5c72516f84d174161f134d054b3

Headers

File Characteristics

Imports

user32

kernel32

certcli

msvcrt

comctl32

advapi32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 85KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 85KB

.rsrc
Size: 24KB - Virtual size: 23KB