647331fcfb682c5349514cce869a8f6e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

647331fcfb682c5349514cce869a8f6e_JaffaCakes118
Size

100KB
MD5

647331fcfb682c5349514cce869a8f6e
SHA1

ec4d1960b3f8fa12de8171e1b3a07962593d26d5
SHA256

7740fac71f08109accfcdcaf4d81cb08b56f1e1c86e73c98bce415d477f698c8
SHA512

8e59ece816282ce08ba39947927d76f69673b35ce11c9fe12587414133ce0b15b544f6ab24240fcc66b91995fee52f0446c4f8ca454d5ec738772fac85e9e793
SSDEEP

3072:zz/bIeU1vIQxWc7fzcjlLT7yvRIQ/ojHtuXo:pEjVgjlLvQKaojN+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
647331fcfb682c5349514cce869a8f6e_JaffaCakes118

Files

647331fcfb682c5349514cce869a8f6e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

75fa69259405e74d30e2c312a98c8327

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_onexit
_except_handler3
_purecall
__dllonexit
memmove
?terminate@@YAXXZ
??3@YAXPAX@Z
??1type_info@@UAE@XZ
wcslen
mbstowcs
vswprintf
_wcsicmp
_adjust_fdiv
_initterm
wcsstr
wcscat
malloc
wcsrchr
__RTDynamicCast
wcstoul
wcschr
free
_wcsupr
wcscpy
??2@YAPAXI@Z
wcscmp

comctl32

CreatePropertySheetPageW
PropertySheetW

user32

LoadImageW
GetParent
ReleaseDC
SetWindowLongW
GetWindowLongW
LoadCursorW
EnableWindow
GetDlgItemTextA
MessageBoxW
SystemParametersInfoW
GetDC
SetCursor
wsprintfW
RegisterClipboardFormatW
SetFocus
DialogBoxParamW
SetDlgItemTextW
EndDialog
SetWindowTextW
PostMessageW
LoadIconW
GetDlgItem
LoadStringW
WinHelpW
SendDlgItemMessageW
SendMessageW
InsertMenuItemW
LoadBitmapW

kernel32

FormatMessageW
GetCurrentProcess
FileTimeToSystemTime
GetDateFormatW
lstrcmpiW
GetTickCount
GlobalLock
lstrcpyW
OutputDebugStringA
GetModuleFileNameW
RemoveDirectoryA
GetSystemDefaultLangID
GlobalAlloc
GetLastError
InterlockedIncrement
FileTimeToLocalFileTime
SetUnhandledExceptionFilter
GetEnvironmentStringsW
InterlockedDecrement
CreateFileW
GetStartupInfoA
GetModuleHandleA
GetSystemTimeAsFileTime
InitializeCriticalSection
WideCharToMultiByte
SetLastError
GetComputerNameW
CloseHandle
GetACP
LocalReAlloc
GlobalFree
IsBadReadPtr
DeleteCriticalSection
GlobalUnlock
lstrlenW
LocalFree
GetSystemWindowsDirectoryW
QueryPerformanceCounter
OutputDebugStringW
LoadLibraryW

certcli

CAFindCertTypeByName
CAFreeCertTypeProperty
CACloseCA
CAGetCertTypePropertyEx
CAEnumNextCertType
CACloseCertType
CAEnumCertTypes
CAFindByName
CAFreeCertTypeExtensions
CASetCertTypeExtension
CAGetCAProperty
CAGetCertTypeExtensions
CASetCertTypeFlags
CAAddCACertificateType
CAGetCertTypeKeySpec
CAUpdateCertType
CASetCertTypeProperty
CAUpdateCA
CAFreeCAProperty
CAGetCertTypeFlags
CARemoveCACertificateType
CAGetCertTypeProperty
CASetCertTypeKeySpec
CACreateCertType
CACertTypeGetSecurity
CACertTypeSetSecurity
CAEnumCertTypesForCA

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75fa69259405e74d30e2c312a98c8327

Headers

File Characteristics

Imports

msvcrt

comctl32

user32

kernel32

certcli

advapi32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 105KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 105KB

.rsrc
Size: 23KB - Virtual size: 23KB