39bf176c5068188bd6284aeeba4a7286_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

39bf176c5068188bd6284aeeba4a7286_JaffaCakes118
Size

103KB
MD5

39bf176c5068188bd6284aeeba4a7286
SHA1

cc776e35a6db61cf91870caeb0109ac8c6491d0b
SHA256

67b05be3215d46846dbd766a106282a0aaa2b693731c925a6d6592f3d19d59f2
SHA512

861f7f30d1b431a0375bf7c2454c9b2b2e8c90c0776cc23ac5b2e0d544a5fb6db5130f98bdca130b7d2424f5d2116bee85adf40e1d7026e4c2d1a344ed3d9a7e
SSDEEP

1536:/ZC9KFkDV2o9Hs8WSlzCI4xYFfG6BgjZaUh2jg5Ct0fIvDq5oI01gCd3KonA1n:RMKFkDzXlGIi2sYtNACdaona

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39bf176c5068188bd6284aeeba4a7286_JaffaCakes118

Files

39bf176c5068188bd6284aeeba4a7286_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1eb3631e0e20a2d08a0c5fad11cd2023

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAEnumCertTypesForCA
CAFreeCertTypeProperty
CAFindByName
CAAddCACertificateType
CASetCertTypeProperty
CAGetCertTypeFlags
CAEnumNextCertType
CAGetCertTypeExtensions
CAFindCertTypeByName
CACloseCA
CAUpdateCA
CAGetCAProperty
CASetCertTypeKeySpec
CAUpdateCertType
CASetCertTypeExtension
CAFreeCAProperty
CAFreeCertTypeExtensions
CARemoveCACertificateType
CACloseCertType
CACertTypeSetSecurity
CAEnumCertTypes
CAGetCertTypeProperty
CACreateCertType
CASetCertTypeFlags
CACertTypeGetSecurity
CAGetCertTypeKeySpec
CAGetCertTypePropertyEx

kernel32

GetCurrentThread
lstrlenW
SetLastError
lstrcpyW
LocalReAlloc
GlobalUnlock
DeleteCriticalSection
lstrcmpiW
InterlockedIncrement
GetProcAddress
QueryPerformanceCounter
OutputDebugStringW
GlobalLock
FileTimeToLocalFileTime
GetModuleHandleA
FormatMessageW
GetDateFormatW
CreateFileW
InitializeCriticalSection
SetUnhandledExceptionFilter
GetSystemDefaultLangID
GetCurrentProcess
GetEnvironmentStringsW
WideCharToMultiByte
GetComputerNameW
GetTickCount
IsBadReadPtr
FileTimeToSystemTime
GetSystemWindowsDirectoryW
OutputDebugStringA
CloseHandle
InterlockedDecrement
GetLastError
LocalFree
GetStartupInfoA
GetCPInfo
GlobalAlloc
LoadLibraryW
GetSystemTimeAsFileTime
GetModuleFileNameW
GlobalFree

msvcrt

??3@YAXPAX@Z
malloc
_adjust_fdiv
?terminate@@YAXXZ
wcstoul
wcscat
_wcsupr
wcslen
??2@YAPAXI@Z
_initterm
wcscmp
wcsstr
__RTDynamicCast
wcsrchr
_except_handler3
_onexit
memmove
vswprintf
mbstowcs
_wcsicmp
__dllonexit
wcscpy
wcschr
free
??1type_info@@UAE@XZ

user32

SetFocus
SetWindowLongW
GetWindowLongW
MessageBoxW
LoadStringW
LoadImageW
GetParent
GetDlgItem
EndDialog
SetDlgItemTextW
SendDlgItemMessageW
PostMessageW
SetWindowTextW
wsprintfW
GetDlgItemTextA
ReleaseDC
EnableWindow
LoadIconW
RegisterClipboardFormatW
GetDC
SetCursor
WinHelpW
SystemParametersInfoW
DialogBoxParamW
InsertMenuItemW
LoadCursorW
LoadBitmapW
SendMessageW

advapi32

RegDeleteValueW
RegOpenKeyExW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1eb3631e0e20a2d08a0c5fad11cd2023

Headers

File Characteristics

Imports

certcli

kernel32

msvcrt

user32

advapi32

comctl32

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 117KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 117KB

.rsrc
Size: 23KB - Virtual size: 23KB