62395ac9866a0bd51c2f6e5d60d5c448_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

62395ac9866a0bd51c2f6e5d60d5c448_JaffaCakes118
Size

98KB
MD5

62395ac9866a0bd51c2f6e5d60d5c448
SHA1

67ea96586600cd374c3faf4805a76a73431b1c4c
SHA256

98cce73339af14fe0cb5d810844d612c9ec7ed8517883ee23a779112d03366d3
SHA512

12714051af4135278bb6d4e02e5f82e8834437044ca2679a1e4bbe572b2f479dc275b57873de505a88946cb5f8dfe2493c4e22aa422b423b0ee7c273e6586c65
SSDEEP

1536:gRjMVHsl1tjX1fiC7QwPFc/9HYb1tY0ne0P5/Ncc3T0d8TlYKFx6sG2JCd64x:gRll1d1Z7Qg11tYd6QuxYKv6sG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62395ac9866a0bd51c2f6e5d60d5c448_JaffaCakes118

Files

62395ac9866a0bd51c2f6e5d60d5c448_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0fcaf5543e536e49943cea41397f7e28

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

malloc
_onexit
__RTDynamicCast
_wcsupr
_except_handler3
??1type_info@@UAE@XZ
wcstoul
wcsrchr
free
wcsstr
wcschr
wcslen
__dllonexit
wcscmp
_wcsicmp
vswprintf
mbstowcs
wcscpy
memmove
?terminate@@YAXXZ
_adjust_fdiv
_initterm
??3@YAXPAX@Z
_purecall
wcscat
??2@YAPAXI@Z

certcli

CAAddCACertificateType
CAFreeCertTypeProperty
CAFindCertTypeByName
CASetCertTypeProperty
CACloseCA
CAGetCertTypeFlags
CAGetCertTypeExtensions
CACloseCertType
CASetCertTypeFlags
CAFreeCAProperty
CAFindByName
CACreateCertType
CAFreeCertTypeExtensions
CAUpdateCA
CASetCertTypeExtension
CAEnumCertTypesForCA
CAEnumCertTypes
CACertTypeSetSecurity
CAGetCAProperty
CAGetCertTypeProperty
CASetCertTypeKeySpec
CAUpdateCertType
CACertTypeGetSecurity
CAGetCertTypeKeySpec
CAGetCertTypePropertyEx
CAEnumNextCertType
CARemoveCACertificateType

kernel32

LocalReAlloc
InitializeCriticalSection
lstrcpyW
OutputDebugStringW
GetTickCount
OutputDebugStringA
FormatMessageW
LoadLibraryW
SetLastError
CreateFileW
GlobalAlloc
DeleteCriticalSection
InterlockedDecrement
GetACP
lstrlenW
GetStartupInfoA
WideCharToMultiByte
InterlockedIncrement
FileTimeToSystemTime
IsBadReadPtr
RemoveDirectoryA
GetDateFormatW
LocalFree
GetLastError
GlobalFree
CloseHandle
GlobalUnlock
GetSystemDefaultLangID
GetCurrentProcess
GetEnvironmentStringsW
GlobalLock
GetModuleHandleA
QueryPerformanceCounter
GetModuleFileNameW
GetComputerNameW
GetSystemWindowsDirectoryW
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
lstrcmpiW

user32

PostMessageW
GetParent
RegisterClipboardFormatW
GetDlgItemTextA
LoadBitmapW
LoadImageW
EndDialog
SetWindowTextW
MessageBoxW
ReleaseDC
SetDlgItemTextW
SetCursor
SendMessageW
GetDlgItem
GetDC
LoadIconW
LoadCursorW
LoadStringW
SystemParametersInfoW
SendDlgItemMessageW
SetFocus
wsprintfW
WinHelpW
SetWindowLongW
GetWindowLongW
DialogBoxParamW
InsertMenuItemW
EnableWindow

comctl32

PropertySheetW
CreatePropertySheetPageW

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fcaf5543e536e49943cea41397f7e28

Headers

File Characteristics

Imports

msvcrt

certcli

kernel32

user32

comctl32

advapi32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 66KB

.rsrc Size: 22KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 66KB

.rsrc
Size: 22KB - Virtual size: 22KB