3e76a912954454994b1010882828e097_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3e76a912954454994b1010882828e097_JaffaCakes118
Size

99KB
MD5

3e76a912954454994b1010882828e097
SHA1

0e9cff012586f91c836955008d1aa03e31a8be47
SHA256

aa6ee82da6d19999c35af63743fa1e07240d60a99c3df57f4e2401d64206f3e7
SHA512

8debcdb97870548d7bbd67e4e024ba63d1ca645bf8d3a6535d1d1e9560009fff0563b7b7f3ba481f5c4e193b12b833698d34b5995ed79f9c210056f991225cb8
SSDEEP

1536:3VE6hjFlk/5pY3IiaiFpsThDrDeqQRobeu34Kmvgj4iyIDjuAJFa/K3lpgnlhyT2:Fl3qEqi/sFDrdQRz27XDju+FZgbyTpB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e76a912954454994b1010882828e097_JaffaCakes118

Files

3e76a912954454994b1010882828e097_JaffaCakes118
.exe windows:5 windows x86 arch:x86

15684acb0d7450889429d8019f3c6082

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetCursor
LoadCursorW
LoadIconW
EndDialog
WinHelpW
LoadImageW
SendMessageW
SetDlgItemTextW
DialogBoxParamW
GetWindowLongW
GetDlgItemTextA
RegisterClipboardFormatW
SystemParametersInfoW
SendDlgItemMessageW
LoadBitmapW
GetDC
GetDlgItem
InsertMenuItemW
GetParent
LoadStringW
ReleaseDC
SetFocus
wsprintfW
SetWindowLongW
SetWindowTextW
PostMessageW
EnableWindow
MessageBoxW

kernel32

FileTimeToSystemTime
OutputDebugStringW
CreateFileW
WideCharToMultiByte
GetTickCount
GetModuleFileNameW
LocalFree
GetComputerNameW
LoadLibraryW
GlobalLock
QueryPerformanceCounter
InterlockedIncrement
GlobalAlloc
GetSystemDefaultLangID
InterlockedDecrement
GetACP
GetSystemWindowsDirectoryW
FormatMessageW
LocalReAlloc
GlobalUnlock
FileTimeToLocalFileTime
GetCurrentProcess
GetLastError
GlobalFree
GetDateFormatW
SetLastError
GetSystemTimeAsFileTime
DeleteCriticalSection
OutputDebugStringA
lstrlenW
IsBadReadPtr
GetModuleHandleA
SetUnhandledExceptionFilter
RemoveDirectoryA
lstrcmpiW
GetStartupInfoA
InitializeCriticalSection
CloseHandle
GetEnvironmentStringsW
lstrcpyW

msvcrt

?terminate@@YAXXZ
_except_handler3
vswprintf
_adjust_fdiv
wcscmp
wcschr
wcsstr
wcsrchr
wcscpy
malloc
??3@YAXPAX@Z
__dllonexit
_initterm
__RTDynamicCast
mbstowcs
_wcsicmp
_purecall
_wcsupr
wcstoul
wcslen
memmove
??1type_info@@UAE@XZ
??2@YAPAXI@Z
free
wcscat
_onexit

certcli

CAEnumNextCertType
CAEnumCertTypes
CACertTypeGetSecurity
CASetCertTypeKeySpec
CAGetCertTypeKeySpec
CACertTypeSetSecurity
CAFindCertTypeByName
CAEnumCertTypesForCA
CAFreeCAProperty
CAFreeCertTypeExtensions
CAAddCACertificateType
CASetCertTypeExtension
CAGetCertTypeFlags
CAUpdateCA
CACloseCertType
CAFindByName
CAGetCertTypeExtensions
CACloseCA
CACreateCertType
CAGetCAProperty
CAFreeCertTypeProperty
CAGetCertTypeProperty
CAGetCertTypePropertyEx
CAUpdateCertType
CARemoveCACertificateType
CASetCertTypeProperty
CASetCertTypeFlags

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegQueryValueExW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15684acb0d7450889429d8019f3c6082

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

certcli

advapi32

comctl32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 74KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 74KB

.rsrc
Size: 24KB - Virtual size: 23KB