4595155d93286e8bf6a86c08c1614de1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4595155d93286e8bf6a86c08c1614de1_JaffaCakes118
Size

99KB
MD5

4595155d93286e8bf6a86c08c1614de1
SHA1

a93f17cf198c92d694aaaa5f3f15f51a2e232777
SHA256

b2f7390b867b0d15fb486c8d7d1cd38475906e3d87ac6fd52978a520fb7c8ea5
SHA512

4501751ded3aab252af5520da511b6a7e0012a465289dc76d710aa8e1ddefc324c0dfb9c8a03107c468c84bea82c2cb9dec74de1d247c8e5f24e8f476c42960e
SSDEEP

3072:PLSUdqzQlYkgLMjDc2K7uy4Lk6FlJt7wPso:PYzQlFg4jI4yp6FlJxw7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4595155d93286e8bf6a86c08c1614de1_JaffaCakes118

Files

4595155d93286e8bf6a86c08c1614de1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ed0c0803c26bbffb0480169729c6687f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAGetCertTypeKeySpec
CACreateCertType
CASetCertTypeFlags
CASetCertTypeExtension
CACertTypeSetSecurity
CARemoveCACertificateType
CAGetCertTypeProperty
CAFreeCertTypeExtensions
CAGetCAProperty
CAFreeCAProperty
CASetCertTypeKeySpec
CAGetCertTypeFlags
CAFreeCertTypeProperty
CAEnumCertTypes
CAUpdateCertType
CAFindByName
CAFindCertTypeByName
CAGetCertTypeExtensions
CAGetCertTypePropertyEx
CACloseCA
CAAddCACertificateType
CASetCertTypeProperty
CAEnumNextCertType
CAEnumCertTypesForCA
CACloseCertType
CAUpdateCA
CACertTypeGetSecurity

user32

GetDlgItem
LoadImageW
MessageBoxW
SystemParametersInfoW
GetDlgItemTextA
SetDlgItemTextW
LoadIconW
LoadCursorW
GetParent
WinHelpW
LoadBitmapW
EnableWindow
DialogBoxParamW
PostMessageW
SetCursor
RegisterClipboardFormatW
SetFocus
wsprintfW
EndDialog
GetDC
SetWindowLongW
InsertMenuItemW
LoadStringW
SendMessageW
SetWindowTextW
SendDlgItemMessageW
ReleaseDC
GetWindowLongW

kernel32

GetSystemWindowsDirectoryW
FileTimeToLocalFileTime
GetLastError
GetTickCount
SetUnhandledExceptionFilter
FormatMessageW
WideCharToMultiByte
GetModuleFileNameW
DeleteCriticalSection
LoadLibraryW
InitializeCriticalSection
GetSystemTimeAsFileTime
GetModuleHandleA
RemoveDirectoryA
LocalReAlloc
OutputDebugStringA
FileTimeToSystemTime
GetComputerNameW
LocalFree
GetACP
lstrlenW
CreateFileW
GetSystemDefaultLangID
lstrcmpiW
GetEnvironmentStringsW
SetLastError
QueryPerformanceCounter
IsBadReadPtr
GetDateFormatW
CloseHandle
OutputDebugStringW
GlobalAlloc
GlobalLock
GetCurrentProcess
GetStartupInfoA
InterlockedIncrement
lstrcpyW
GlobalFree
InterlockedDecrement
GlobalUnlock

msvcrt

_adjust_fdiv
_wcsicmp
__RTDynamicCast
??1type_info@@UAE@XZ
malloc
__dllonexit
wcscmp
_wcsupr
_initterm
wcsstr
mbstowcs
wcsrchr
??2@YAPAXI@Z
wcscat
free
??3@YAXPAX@Z
wcstoul
?terminate@@YAXXZ
memmove
_onexit
wcslen
_except_handler3
wcscpy
vswprintf
wcschr
_purecall

comctl32

PropertySheetW
CreatePropertySheetPageW

advapi32

RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed0c0803c26bbffb0480169729c6687f

Headers

File Characteristics

Imports

certcli

user32

kernel32

msvcrt

comctl32

advapi32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 111KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 111KB

.rsrc
Size: 23KB - Virtual size: 23KB