4434b4b05e57998656bf076f022ee64c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4434b4b05e57998656bf076f022ee64c_JaffaCakes118
Size

98KB
MD5

4434b4b05e57998656bf076f022ee64c
SHA1

a7d71a07b167898c6499a07f6c2db4cbf1141b27
SHA256

2f3ba82c45ce8f6da1d77ced4253569604d061898eed16f629bfab35302f1914
SHA512

1cb9cdc0bcbac744287bb8d9c644aaccebf9150a7f52198af40a2a4c012157be2177a5c033bedada8c353fda05a9d6f7b79d97aee20ec531c55da06c8e7dd57c
SSDEEP

1536:aDtTUBl8z59VAq2++QSjqvTCBUIqKi5oJXIvENiuuHH71lTzIeOaJ:CkG/VAq7+QGqvTaQo2swuuHb1lTnb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4434b4b05e57998656bf076f022ee64c_JaffaCakes118

Files

4434b4b05e57998656bf076f022ee64c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e2bb25273a5ad37b2d0d4b20a723bd52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAUpdateCertType
CAEnumCertTypes
CAGetCertTypeProperty
CAGetCertTypeExtensions
CASetCertTypeExtension
CAFreeCertTypeProperty
CAFindCertTypeByName
CARemoveCACertificateType
CASetCertTypeProperty
CACertTypeSetSecurity
CACloseCA
CACertTypeGetSecurity
CASetCertTypeFlags
CAGetCertTypeFlags
CAEnumCertTypesForCA
CACloseCertType
CAEnumNextCertType
CAUpdateCA
CAFreeCAProperty
CAFindByName
CAGetCertTypeKeySpec
CAFreeCertTypeExtensions
CASetCertTypeKeySpec
CAGetCertTypePropertyEx
CACreateCertType
CAGetCAProperty
CAAddCACertificateType

user32

GetDlgItemTextA
GetParent
LoadStringW
SetCursor
MessageBoxW
GetDlgItem
GetDC
LoadIconW
ReleaseDC
SetFocus
EnableWindow
WinHelpW
PostMessageW
InsertMenuItemW
SetWindowTextW
RegisterClipboardFormatW
SetWindowLongW
GetWindowLongW
SendMessageW
SendDlgItemMessageW
DialogBoxParamW
SetDlgItemTextW
LoadImageW
SystemParametersInfoW
LoadCursorW
LoadBitmapW
EndDialog
wsprintfW

kernel32

OutputDebugStringA
GetProcAddress
GetModuleFileNameW
GlobalAlloc
GlobalUnlock
CloseHandle
QueryPerformanceCounter
InitializeCriticalSection
GlobalFree
lstrcmpiW
GetComputerNameW
GetCurrentProcess
GetTickCount
GetSystemWindowsDirectoryW
GetModuleHandleA
GetEnvironmentStringsW
IsBadReadPtr
FileTimeToLocalFileTime
LocalReAlloc
lstrcpyW
CreateFileW
GetCPInfo
SetUnhandledExceptionFilter
GetLastError
GetStartupInfoA
GlobalLock
FormatMessageW
InterlockedDecrement
WideCharToMultiByte
SetLastError
RemoveDirectoryA
GetSystemTimeAsFileTime
LocalFree
LoadLibraryW
GetSystemDefaultLangID
lstrlenW
DeleteCriticalSection
InterlockedIncrement
GetDateFormatW
OutputDebugStringW
FileTimeToSystemTime

comctl32

CreatePropertySheetPageW
PropertySheetW

msvcrt

__dllonexit
?terminate@@YAXXZ
malloc
memmove
wcsrchr
wcscat
_wcsupr
vswprintf
wcscpy
??1type_info@@UAE@XZ
mbstowcs
wcsstr
??2@YAPAXI@Z
wcslen
??3@YAXPAX@Z
_initterm
wcstoul
_adjust_fdiv
__RTDynamicCast
_onexit
free
_wcsicmp
wcscmp
_except_handler3
wcschr

advapi32

RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
RegDeleteKeyW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2bb25273a5ad37b2d0d4b20a723bd52

Headers

File Characteristics

Imports

certcli

user32

kernel32

comctl32

msvcrt

advapi32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 104KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 104KB

.rsrc
Size: 23KB - Virtual size: 23KB