Static task: static1
Behavioral task: behavioral1
Sample: 6a5da6a4f4983b6712fec153afda95d1_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 6a5da6a4f4983b6712fec153afda95d1_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 6a5da6a4f4983b6712fec153afda95d1_JaffaCakes118
Size: 101KB
MD5: 6a5da6a4f4983b6712fec153afda95d1
SHA1: 759f694d21623490aceac11c6c0a1a59343c833a
SHA256: 85eeae2bfb1766b8db3f6cb20f52c0ce5b960174689f38ea5ac2e461cef6b6ab
SHA512: baa488d86cc7766e5840128616faa0b71c677fc9cce9ef6943fc0f4d8a2ae0ba01c31d3af57cbe96f02755bc257a428a0f28e0f6fde65a864bf9ce57817db09d
SSDEEP: 3072:qxjRywzOVcPM9w8a5gkLIJfJBCh7NKYsw/hqzLDaHPNR:kNywzOVcPF8SgQEBsJnsw/s
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6a5da6a4f4983b6712fec153afda95d1_JaffaCakes118
Files
6a5da6a4f4983b6712fec153afda95d1_JaffaCakes118.exe windows:5 windows x86 arch:x86
79ea2d4340b193076f303b7d9c202ba1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
wsprintfW
GetDlgItem
EnableWindow
SetWindowLongW
GetDC
SystemParametersInfoW
DialogBoxParamW
GetDlgItemTextA
LoadStringW
SetDlgItemTextW
SendDlgItemMessageW
GetParent
SetCursor
SetWindowTextW
PostMessageW
SetFocus
LoadCursorW
LoadImageW
LoadIconW
InsertMenuItemW
EndDialog
MessageBoxW
SendMessageW
WinHelpW
ReleaseDC
LoadBitmapW
GetWindowLongW
RegisterClipboardFormatW
certcli
CAEnumNextCertType
CAFindCertTypeByName
CASetCertTypeKeySpec
CAGetCertTypeFlags
CAEnumCertTypes
CACertTypeSetSecurity
CAUpdateCertType
CAFindByName
CAUpdateCA
CAFreeCertTypeExtensions
CACloseCA
CAGetCertTypeExtensions
CACloseCertType
CACertTypeGetSecurity
CAGetCAProperty
CAFreeCAProperty
CACreateCertType
CAGetCertTypeProperty
CAGetCertTypePropertyEx
CAFreeCertTypeProperty
CASetCertTypeExtension
CAAddCACertificateType
CASetCertTypeProperty
CAGetCertTypeKeySpec
CAEnumCertTypesForCA
CASetCertTypeFlags
CARemoveCACertificateType
msvcrt
__RTDynamicCast
wcsstr
malloc
_onexit
__dllonexit
wcstoul
wcslen
_wcsupr
_wcsicmp
vswprintf
mbstowcs
free
wcscpy
?terminate@@YAXXZ
_initterm
wcschr
??3@YAXPAX@Z
wcscat
memmove
_except_handler3
??1type_info@@UAE@XZ
??2@YAPAXI@Z
wcsrchr
wcscmp
_adjust_fdiv
kernel32
GlobalAlloc
IsBadReadPtr
GlobalLock
LoadLibraryW
GetSystemWindowsDirectoryW
FileTimeToSystemTime
SetUnhandledExceptionFilter
GetComputerNameW
GetModuleFileNameW
GetModuleHandleA
OutputDebugStringW
QueryPerformanceCounter
LocalFree
CreateFileW
GetEnvironmentStringsW
GetCurrentProcess
InterlockedIncrement
lstrcmpiW
FormatMessageW
FileTimeToLocalFileTime
DeleteCriticalSection
GetStartupInfoA
GetDateFormatW
GlobalFree
OutputDebugStringA
SetLastError
CloseHandle
GetProcAddress
WideCharToMultiByte
GlobalUnlock
GetCPInfo
GetSystemDefaultLangID
RemoveDirectoryA
GetLastError
LocalReAlloc
InitializeCriticalSection
lstrcpyW
lstrlenW
GetSystemTimeAsFileTime
InterlockedDecrement
GetTickCount
advapi32
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
comctl32
CreatePropertySheetPageW
PropertySheetW
Sections
.text Size: 47KB - Virtual size: 47KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ