6c8a04a6b7ff031b951b89006fbc17be_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6c8a04a6b7ff031b951b89006fbc17be_JaffaCakes118
Size

102KB
MD5

6c8a04a6b7ff031b951b89006fbc17be
SHA1

6143b79e937f2e16b90626ca04e628e34a70f692
SHA256

aee015fac1452916ae66483a40b62b5f64ece12dbef75ef8e88a95486e27c827
SHA512

b129a01b46a2392966d17bbfd12cbf0f5176db4e00ce34570dd26d92cd8de2258717ac8d54a2538a5c58e41bf9c74d9296c2b9b1ef5364aac44ff8bf6d87ab21
SSDEEP

3072:BGLENvVVNuwcb5eUFOzQTe9feGgvzYNfi4:cENvVLDgModT89QzYNa4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6c8a04a6b7ff031b951b89006fbc17be_JaffaCakes118

Files

6c8a04a6b7ff031b951b89006fbc17be_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7643ae9f408b8daaca1116df37820d43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAGetCertTypeFlags
CAEnumCertTypes
CACertTypeGetSecurity
CAAddCACertificateType
CACreateCertType
CAEnumNextCertType
CACertTypeSetSecurity
CAGetCertTypeProperty
CAUpdateCA
CAFreeCertTypeProperty
CAFreeCAProperty
CARemoveCACertificateType
CACloseCertType
CAFindByName
CASetCertTypeKeySpec
CASetCertTypeExtension
CAFreeCertTypeExtensions
CASetCertTypeFlags
CAUpdateCertType
CAGetCAProperty
CAEnumCertTypesForCA
CAGetCertTypeKeySpec
CAFindCertTypeByName
CACloseCA
CASetCertTypeProperty
CAGetCertTypePropertyEx
CAGetCertTypeExtensions

advapi32

RegQueryValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW

kernel32

GetLastError
GetTickCount
CloseHandle
GetDateFormatW
FileTimeToLocalFileTime
FileTimeToSystemTime
OutputDebugStringA
LocalReAlloc
OutputDebugStringW
GetModuleHandleA
GlobalLock
GetModuleFileNameW
IsBadReadPtr
GetStartupInfoA
lstrcpyW
lstrlenW
SetLastError
LocalFree
lstrcmpiW
GetCurrentProcess
DeleteCriticalSection
QueryPerformanceCounter
GlobalUnlock
InitializeCriticalSection
LoadLibraryW
CreateFileW
InterlockedIncrement
RemoveDirectoryA
GlobalAlloc
GetSystemWindowsDirectoryW
GetComputerNameW
InterlockedDecrement
GetACP
GetEnvironmentStringsW
GlobalFree
SetUnhandledExceptionFilter
WideCharToMultiByte
FormatMessageW
GetSystemTimeAsFileTime
GetSystemDefaultLangID

user32

RegisterClipboardFormatW
wsprintfW
InsertMenuItemW
SetWindowLongW
MessageBoxW
SetWindowTextW
WinHelpW
SetDlgItemTextW
ReleaseDC
GetParent
LoadBitmapW
EndDialog
SendDlgItemMessageW
EnableWindow
PostMessageW
SetFocus
SystemParametersInfoW
SetCursor
LoadImageW
GetDlgItem
GetDlgItemTextA
LoadIconW
DialogBoxParamW
LoadStringW
SendMessageW
GetDC
LoadCursorW
GetWindowLongW

msvcrt

wcstoul
?terminate@@YAXXZ
vswprintf
_adjust_fdiv
wcscpy
_except_handler3
_wcsupr
__dllonexit
malloc
__RTDynamicCast
wcscmp
??1type_info@@UAE@XZ
wcslen
wcsrchr
wcschr
free
??3@YAXPAX@Z
memmove
wcsstr
_wcsicmp
_onexit
mbstowcs
_purecall
_initterm
??2@YAPAXI@Z
wcscat

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7643ae9f408b8daaca1116df37820d43

Headers

File Characteristics

Imports

certcli

advapi32

kernel32

user32

msvcrt

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 100KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 100KB

.rsrc
Size: 25KB - Virtual size: 25KB