65eae66adccb32e0578efe28330f0b19_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

65eae66adccb32e0578efe28330f0b19_JaffaCakes118
Size

100KB
MD5

65eae66adccb32e0578efe28330f0b19
SHA1

b26b1eb100700d59e0290741dd7283b167fb8631
SHA256

b4be3d989c71145dbb1bea4d13de793d1c089f7e79aaa2ec57a2aacd86a5bd02
SHA512

bebf8c9c48b628869f762a471beeb98b4672ac783c1a9b19756294950ecb3a16461e46668204de4d1e997cdf0bfc3a2f2fce1881df117b8a71243a9247c7e51e
SSDEEP

3072:Sy+Z/JnYEJi13bomSm6Bwv37a/h7fgHZgR:zIJcsavLa/hzsk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65eae66adccb32e0578efe28330f0b19_JaffaCakes118

Files

65eae66adccb32e0578efe28330f0b19_JaffaCakes118
.exe windows:5 windows x86 arch:x86

77229a7d2502a68ddbdfb48f988ded4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadCursorW
GetDlgItemTextA
SetWindowLongW
RegisterClipboardFormatW
GetParent
InsertMenuItemW
GetWindowLongW
LoadBitmapW
SetDlgItemTextW
GetDlgItem
EndDialog
SystemParametersInfoW
SendDlgItemMessageW
SetFocus
wsprintfW
GetDC
SendMessageW
EnableWindow
LoadImageW
SetWindowTextW
SetCursor
LoadIconW
WinHelpW
ReleaseDC
DialogBoxParamW
MessageBoxW
PostMessageW
LoadStringW

msvcrt

_initterm
wcstoul
__dllonexit
_onexit
??1type_info@@UAE@XZ
_adjust_fdiv
__RTDynamicCast
??3@YAXPAX@Z
wcscmp
memmove
wcscat
wcsrchr
wcscpy
malloc
wcsstr
wcschr
_wcsupr
??2@YAPAXI@Z
_except_handler3
wcslen
free
vswprintf
?terminate@@YAXXZ
mbstowcs
_wcsicmp

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegSetValueExW

kernel32

CloseHandle
GlobalLock
FileTimeToSystemTime
CreateFileW
LoadLibraryW
LocalReAlloc
GetTickCount
lstrcmpiW
GetEnvironmentStringsW
GetProcAddress
GetCPInfo
GlobalAlloc
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
GlobalFree
GetStartupInfoA
SetLastError
LocalFree
lstrlenW
InterlockedIncrement
GetSystemTimeAsFileTime
RemoveDirectoryA
GetComputerNameW
GetSystemWindowsDirectoryW
InitializeCriticalSection
FormatMessageW
DeleteCriticalSection
IsBadReadPtr
GlobalUnlock
GetSystemDefaultLangID
WideCharToMultiByte
InterlockedDecrement
FileTimeToLocalFileTime
lstrcpyW
SetUnhandledExceptionFilter
GetModuleHandleA
GetModuleFileNameW
GetLastError
GetDateFormatW
GetCurrentProcess

certcli

CASetCertTypeFlags
CAGetCAProperty
CARemoveCACertificateType
CACloseCA
CASetCertTypeExtension
CACertTypeGetSecurity
CAEnumNextCertType
CAGetCertTypePropertyEx
CAUpdateCA
CAEnumCertTypes
CAEnumCertTypesForCA
CAGetCertTypeKeySpec
CAGetCertTypeExtensions
CACreateCertType
CAFreeCertTypeProperty
CAFreeCertTypeExtensions
CAFindByName
CACertTypeSetSecurity
CASetCertTypeProperty
CAAddCACertificateType
CACloseCertType
CAGetCertTypeProperty
CAGetCertTypeFlags
CASetCertTypeKeySpec
CAFindCertTypeByName
CAUpdateCertType
CAFreeCAProperty

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77229a7d2502a68ddbdfb48f988ded4a

Headers

File Characteristics

Imports

user32

msvcrt

advapi32

kernel32

certcli

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 122KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 122KB

.rsrc
Size: 24KB - Virtual size: 23KB