6aaf22799d3711684a9ab566d750707c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6aaf22799d3711684a9ab566d750707c_JaffaCakes118
Size

99KB
MD5

6aaf22799d3711684a9ab566d750707c
SHA1

aa2ae4dc1557be3b727dc731f868b84c7f54ad02
SHA256

59378e017dc2c0e41031c79e0822243d27d0f8d7d83d606b399b5555884c30d8
SHA512

02b529975a049e3be32db819a0b2feebb9cc55fd55e84ecd285dc1668c773e03e97f70c43ba5c7a50e587a66bbedf42303349d9e56808b477319f7ca9313c69c
SSDEEP

3072:NvSid46IRP3IKbN84CjvAQh4RliBzlRLL:JbUP3IKbNgrAQh4RkBzvLL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6aaf22799d3711684a9ab566d750707c_JaffaCakes118

Files

6aaf22799d3711684a9ab566d750707c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f5754ff5019ce3de1bbefa49327b79e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
LoadLibraryW
GlobalFree
GlobalLock
InitializeCriticalSection
CreateFileW
GetSystemDefaultLangID
GetStartupInfoA
GetCPInfo
lstrcpyW
GetSystemWindowsDirectoryW
GlobalAlloc
GetEnvironmentStringsW
GetLastError
SetLastError
SetUnhandledExceptionFilter
InterlockedDecrement
FormatMessageW
RemoveDirectoryA
GetProcAddress
LocalFree
lstrcmpiW
GetCurrentProcess
GetComputerNameW
GetModuleFileNameW
FileTimeToLocalFileTime
WideCharToMultiByte
QueryPerformanceCounter
GetModuleHandleA
CloseHandle
DeleteCriticalSection
GlobalUnlock
FileTimeToSystemTime
GetSystemTimeAsFileTime
OutputDebugStringW
GetDateFormatW
GetTickCount
LocalReAlloc
InterlockedIncrement
lstrlenW
OutputDebugStringA

certcli

CAFreeCertTypeProperty
CACertTypeGetSecurity
CAUpdateCA
CAEnumCertTypesForCA
CACertTypeSetSecurity
CASetCertTypeExtension
CACloseCA
CAGetCertTypeProperty
CAGetCertTypeKeySpec
CACreateCertType
CAGetCertTypeFlags
CACloseCertType
CAFindByName
CASetCertTypeKeySpec
CAEnumNextCertType
CAUpdateCertType
CAGetCertTypeExtensions
CAGetCAProperty
CAAddCACertificateType
CAGetCertTypePropertyEx
CAFreeCAProperty
CAFreeCertTypeExtensions
CAEnumCertTypes
CARemoveCACertificateType
CASetCertTypeProperty
CASetCertTypeFlags
CAFindCertTypeByName

user32

SendDlgItemMessageW
wsprintfW
LoadImageW
GetDlgItem
LoadStringW
EndDialog
WinHelpW
EnableWindow
RegisterClipboardFormatW
DialogBoxParamW
LoadBitmapW
LoadIconW
SystemParametersInfoW
SetWindowTextW
MessageBoxW
SetFocus
GetWindowLongW
GetDC
GetParent
SetDlgItemTextW
SetWindowLongW
GetDlgItemTextA
LoadCursorW
PostMessageW
SetCursor
SendMessageW
InsertMenuItemW
ReleaseDC

advapi32

RegDeleteValueW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteKeyW

msvcrt

wcschr
wcstoul
vswprintf
wcscmp
_adjust_fdiv
wcscpy
_wcsupr
__RTDynamicCast
?terminate@@YAXXZ
wcscat
malloc
??2@YAPAXI@Z
??1type_info@@UAE@XZ
_initterm
memmove
wcsstr
??3@YAXPAX@Z
_wcsicmp
mbstowcs
_onexit
wcslen
wcsrchr
__dllonexit
_except_handler3
free

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5754ff5019ce3de1bbefa49327b79e4

Headers

File Characteristics

Imports

kernel32

certcli

user32

advapi32

msvcrt

comctl32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 75KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 75KB

.rsrc
Size: 24KB - Virtual size: 24KB