64f70cb976cd7d1019b3e61ca3d766f3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

64f70cb976cd7d1019b3e61ca3d766f3_JaffaCakes118
Size

100KB
MD5

64f70cb976cd7d1019b3e61ca3d766f3
SHA1

ac2a384324bb98455fcb3558248fa78c302699a2
SHA256

a46dd68fbd60a47ea05ecd75c2166f61c43cfe9fd0754abc7d8d4355b3d6cc5e
SHA512

f0fa55e46c47cfc83b49852e8c2a7814deb312d1e67c85337407ba201d917c3604720511914fc1632db1774ebcc8568c67586521f6a3f610bb97b5213308f98e
SSDEEP

1536:+7/6Jx6pKsPa1xlibUepVVKZ2zHWVbv+irCAdTIhU6Xv4vWryW034I6:+D26pNaja7VMZ2wiirAW6f4vWb034I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64f70cb976cd7d1019b3e61ca3d766f3_JaffaCakes118

Files

64f70cb976cd7d1019b3e61ca3d766f3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

45663b8e7bb0a1e3bc0e3540c5f06fc6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadCursorW
LoadBitmapW
EnableWindow
LoadStringW
PostMessageW
SetWindowLongW
LoadImageW
SetFocus
SendDlgItemMessageW
GetDC
DialogBoxParamW
InsertMenuItemW
GetDlgItem
LoadIconW
RegisterClipboardFormatW
SetWindowTextW
SendMessageW
SystemParametersInfoW
SetDlgItemTextW
SetCursor
MessageBoxW
GetDlgItemTextA
GetWindowLongW
wsprintfW
ReleaseDC
EndDialog
GetParent
WinHelpW

advapi32

RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW

msvcrt

?terminate@@YAXXZ
free
__dllonexit
wcscpy
_wcsupr
mbstowcs
wcscat
wcscmp
malloc
wcsrchr
_onexit
wcslen
_adjust_fdiv
??2@YAPAXI@Z
wcschr
wcsstr
memmove
_initterm
vswprintf
wcstoul
__RTDynamicCast
_except_handler3
??3@YAXPAX@Z
??1type_info@@UAE@XZ
_wcsicmp

certcli

CAGetCertTypeKeySpec
CAFindCertTypeByName
CAEnumCertTypesForCA
CASetCertTypeKeySpec
CAUpdateCA
CASetCertTypeProperty
CACertTypeGetSecurity
CASetCertTypeFlags
CAUpdateCertType
CAFreeCertTypeExtensions
CACloseCA
CASetCertTypeExtension
CAGetCertTypePropertyEx
CACertTypeSetSecurity
CAGetCertTypeFlags
CAGetCertTypeProperty
CAEnumCertTypes
CARemoveCACertificateType
CAGetCAProperty
CAFreeCertTypeProperty
CAFindByName
CAEnumNextCertType
CACreateCertType
CACloseCertType
CAGetCertTypeExtensions
CAAddCACertificateType
CAFreeCAProperty

kernel32

GlobalUnlock
QueryPerformanceCounter
RemoveDirectoryA
GlobalLock
LocalReAlloc
FileTimeToLocalFileTime
GlobalFree
CloseHandle
OutputDebugStringW
GetSystemTimeAsFileTime
GetModuleFileNameW
GetEnvironmentStringsW
LocalFree
lstrcmpiW
LoadLibraryW
InitializeCriticalSection
GetCPInfo
GetStartupInfoA
lstrcpyW
GetComputerNameW
GlobalAlloc
GetTickCount
WideCharToMultiByte
lstrlenW
IsBadReadPtr
SetLastError
GetCurrentProcess
DeleteCriticalSection
InterlockedDecrement
GetSystemWindowsDirectoryW
SetUnhandledExceptionFilter
GetProcAddress
FormatMessageW
CreateFileW
GetDateFormatW
FileTimeToSystemTime
InterlockedIncrement
GetLastError
GetSystemDefaultLangID
GetModuleHandleA
OutputDebugStringA

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45663b8e7bb0a1e3bc0e3540c5f06fc6

Headers

File Characteristics

Imports

user32

advapi32

msvcrt

certcli

kernel32

comctl32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 65KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 65KB

.rsrc
Size: 23KB - Virtual size: 23KB