Static task: static1
Behavioral task: behavioral1
Sample: 64dd460f874edba9379482a34675a36c_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 64dd460f874edba9379482a34675a36c_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 64dd460f874edba9379482a34675a36c_JaffaCakes118
Size: 100KB
MD5: 64dd460f874edba9379482a34675a36c
SHA1: 1e19c83d06d927e3d8165802a1c042b9bdc11b6d
SHA256: b0d0bb83f6a1ce7562d3f1f6ca921abc3704ae91018196794d4434d6d974d755
SHA512: 2f2e94551d1407e10ff771cb248209c0de0a5c801affb4056959d320c5e8c5aba910e9715fe6c8c7254f475f071870bcfca84ba6ed52248db6756963486ab763
SSDEEP: 3072:4+3fsFe6Vq1oTAzTn7ro5hfdLPuSZlhk/:vUY6g1oT6j7rGtdLPuSZ7k/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 64dd460f874edba9379482a34675a36c_JaffaCakes118
Files
64dd460f874edba9379482a34675a36c_JaffaCakes118.exe windows:5 windows x86 arch:x86
2f01c399204f1ba49a485750a45bdc04
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
user32
SendMessageW
ReleaseDC
GetDC
LoadStringW
GetDlgItem
SendDlgItemMessageW
EndDialog
DialogBoxParamW
SetFocus
MessageBoxW
SetCursor
SetWindowTextW
LoadIconW
SetWindowLongW
PostMessageW
LoadBitmapW
GetDlgItemTextA
SystemParametersInfoW
GetWindowLongW
InsertMenuItemW
EnableWindow
wsprintfW
GetParent
LoadCursorW
WinHelpW
SetDlgItemTextW
LoadImageW
RegisterClipboardFormatW
msvcrt
wcscpy
_wcsupr
??3@YAXPAX@Z
wcstoul
_wcsicmp
__RTDynamicCast
memmove
wcslen
vswprintf
_onexit
free
?terminate@@YAXXZ
wcschr
wcscat
_initterm
_except_handler3
malloc
mbstowcs
__dllonexit
??1type_info@@UAE@XZ
??2@YAPAXI@Z
wcscmp
_adjust_fdiv
wcsrchr
wcsstr
certcli
CASetCertTypeExtension
CAGetCertTypeFlags
CAUpdateCA
CAGetCAProperty
CACertTypeGetSecurity
CACloseCA
CASetCertTypeFlags
CACertTypeSetSecurity
CASetCertTypeKeySpec
CAEnumCertTypes
CASetCertTypeProperty
CAFindByName
CAFreeCertTypeProperty
CAFreeCertTypeExtensions
CAGetCertTypePropertyEx
CAGetCertTypeExtensions
CACloseCertType
CACreateCertType
CAFindCertTypeByName
CAFreeCAProperty
CAUpdateCertType
CAGetCertTypeKeySpec
CAEnumNextCertType
CAEnumCertTypesForCA
CAGetCertTypeProperty
CARemoveCACertificateType
CAAddCACertificateType
kernel32
lstrlenW
FileTimeToLocalFileTime
LocalFree
GetComputerNameW
IsBadReadPtr
lstrcmpiW
GetModuleHandleA
GetStartupInfoA
CreateFileW
GlobalLock
WideCharToMultiByte
SetUnhandledExceptionFilter
GetLastError
InterlockedDecrement
QueryPerformanceCounter
GetCPInfo
GetSystemTimeAsFileTime
lstrcpyW
GetModuleFileNameW
DeleteCriticalSection
GetCurrentProcess
LocalReAlloc
GlobalAlloc
GetSystemDefaultLangID
GetSystemWindowsDirectoryW
LoadLibraryW
InitializeCriticalSection
FileTimeToSystemTime
RemoveDirectoryA
OutputDebugStringA
GetEnvironmentStringsW
FormatMessageW
SetLastError
CloseHandle
GetProcAddress
OutputDebugStringW
GetDateFormatW
GlobalUnlock
GetTickCount
GlobalFree
InterlockedIncrement
comctl32
CreatePropertySheetPageW
PropertySheetW
Sections
.text Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ