42586f8cc6339a3deb8601094da039cf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42586f8cc6339a3deb8601094da039cf_JaffaCakes118
Size

101KB
MD5

42586f8cc6339a3deb8601094da039cf
SHA1

256e7dca7a41b023b3eb36ea9f419cb82677993e
SHA256

cc4430050e894e58c93d1b1357bf5af44f384d5686a33320fa66ce6b3f6d015c
SHA512

cad66555bf85bdf92e7d7e3fe634b7644f52fe15d1a92736ee7af278f047a48ffd73597559495382fd4376b40853eb753edc68778519ca753daa3955d2c2cde7
SSDEEP

1536:BfgpqhxaHukJ9IeNn5rab+t4//08cFM243ft8b+ui7VOePZJUrQxKyrWcI:gqhxakWUb+tu08hE+z7V5x6rQxKsD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42586f8cc6339a3deb8601094da039cf_JaffaCakes118

Files

42586f8cc6339a3deb8601094da039cf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1f52aa67a7c3399512d56ab769b37581

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
IsBadReadPtr
GetTickCount
SetUnhandledExceptionFilter
CreateFileW
InterlockedDecrement
RemoveDirectoryA
GetSystemTimeAsFileTime
GlobalUnlock
SetLastError
GetDateFormatW
lstrlenW
GetEnvironmentStringsW
LocalReAlloc
GlobalAlloc
FileTimeToSystemTime
LocalFree
CloseHandle
GetModuleFileNameW
QueryPerformanceCounter
GetACP
lstrcpyW
GetSystemDefaultLangID
InterlockedIncrement
GlobalFree
lstrcmpiW
GetCurrentProcess
GlobalLock
FormatMessageW
LoadLibraryW
GetComputerNameW
InitializeCriticalSection
GetLastError
OutputDebugStringA
GetStartupInfoA
FileTimeToLocalFileTime
GetSystemWindowsDirectoryW
OutputDebugStringW
GetModuleHandleA
DeleteCriticalSection

certcli

CAGetCertTypeKeySpec
CAAddCACertificateType
CACertTypeSetSecurity
CACertTypeGetSecurity
CAUpdateCertType
CAUpdateCA
CAEnumNextCertType
CAGetCertTypeProperty
CAGetCertTypeFlags
CASetCertTypeProperty
CAEnumCertTypesForCA
CAEnumCertTypes
CASetCertTypeKeySpec
CAGetCertTypePropertyEx
CACreateCertType
CAFindCertTypeByName
CAFreeCertTypeProperty
CACloseCA
CAFreeCertTypeExtensions
CASetCertTypeFlags
CAGetCAProperty
CACloseCertType
CAFindByName
CARemoveCACertificateType
CAGetCertTypeExtensions
CASetCertTypeExtension
CAFreeCAProperty

user32

SetWindowTextW
InsertMenuItemW
RegisterClipboardFormatW
GetDlgItemTextA
GetWindowLongW
LoadBitmapW
ReleaseDC
EnableWindow
GetDC
SetFocus
LoadImageW
SendDlgItemMessageW
EndDialog
SendMessageW
LoadStringW
SetDlgItemTextW
DialogBoxParamW
WinHelpW
SystemParametersInfoW
MessageBoxW
LoadIconW
LoadCursorW
SetCursor
GetParent
SetWindowLongW
wsprintfW
GetDlgItem
PostMessageW

comctl32

PropertySheetW
CreatePropertySheetPageW

msvcrt

wcsstr
_wcsicmp
??2@YAPAXI@Z
?terminate@@YAXXZ
_wcsupr
wcschr
wcscat
malloc
??3@YAXPAX@Z
wcstoul
wcscmp
memmove
vswprintf
mbstowcs
free
wcsrchr
wcscpy
_except_handler3
??1type_info@@UAE@XZ
__RTDynamicCast
_adjust_fdiv
__dllonexit
_onexit
_initterm
wcslen
_purecall

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f52aa67a7c3399512d56ab769b37581

Headers

File Characteristics

Imports

kernel32

certcli

user32

comctl32

msvcrt

advapi32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 80KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 80KB

.rsrc
Size: 23KB - Virtual size: 23KB