6e4c9a6dff0b12ba9dd8ef603de963d9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6e4c9a6dff0b12ba9dd8ef603de963d9_JaffaCakes118
Size

101KB
MD5

6e4c9a6dff0b12ba9dd8ef603de963d9
SHA1

0debe65f3710f6ebaf9555b371ef890f0fc6b5ad
SHA256

dc4d0fea65b5dc94ddd260328063f657c9962bcb10ad636de3e72beaae6dfa65
SHA512

7579c6445195a0049a664a85ac8491e3a946c2262a3f8409769f7e95116f9b1b6521dadb7598e93d097224d0a5554a69fc9a63599c5d32f741173d9208f566fa
SSDEEP

1536:rLaXLgf45Eg+s0D/K9EfpHCHc6rtSOOsvuBoLAjW0vOkQJsagKGiIVJLminRg+Td:3ag45EG0u9WCrtbn0vg3I8iRtlmnMR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e4c9a6dff0b12ba9dd8ef603de963d9_JaffaCakes118

Files

6e4c9a6dff0b12ba9dd8ef603de963d9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a5c87b5e9dd2391b14f32c99e2e49099

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
LoadLibraryW
GetTickCount
QueryPerformanceCounter
InterlockedIncrement
GlobalAlloc
GetSystemWindowsDirectoryW
GlobalUnlock
LocalReAlloc
IsBadReadPtr
lstrcpyW
GetEnvironmentStringsW
GetLastError
OutputDebugStringW
lstrcmpiW
InitializeCriticalSection
lstrlenW
GetModuleFileNameW
LocalFree
GlobalFree
GetStartupInfoA
OutputDebugStringA
GetCPInfo
DeleteCriticalSection
GlobalLock
CloseHandle
FileTimeToSystemTime
CreateFileW
GetDateFormatW
GetComputerNameW
GetSystemTimeAsFileTime
SetLastError
SetUnhandledExceptionFilter
InterlockedDecrement
FileTimeToLocalFileTime
GetModuleHandleA
RemoveDirectoryA
GetSystemDefaultLangID
GetProcAddress
FormatMessageW
GetCurrentProcess

user32

SetWindowTextW
PostMessageW
EnableWindow
LoadIconW
EndDialog
SendDlgItemMessageW
MessageBoxW
GetDlgItemTextA
WinHelpW
GetDC
LoadImageW
LoadStringW
InsertMenuItemW
RegisterClipboardFormatW
GetParent
SetFocus
SetWindowLongW
SetCursor
ReleaseDC
DialogBoxParamW
LoadCursorW
GetDlgItem
wsprintfW
SystemParametersInfoW
GetWindowLongW
SetDlgItemTextW
SendMessageW
LoadBitmapW

comctl32

PropertySheetW
CreatePropertySheetPageW

certcli

CASetCertTypeProperty
CARemoveCACertificateType
CASetCertTypeFlags
CAFreeCertTypeExtensions
CAGetCertTypeExtensions
CAFindCertTypeByName
CAEnumCertTypesForCA
CAGetCertTypeFlags
CAEnumCertTypes
CAFindByName
CACloseCA
CAUpdateCertType
CAFreeCAProperty
CACloseCertType
CAAddCACertificateType
CAEnumNextCertType
CACreateCertType
CAFreeCertTypeProperty
CAUpdateCA
CAGetCertTypePropertyEx
CAGetCertTypeProperty
CACertTypeGetSecurity
CASetCertTypeKeySpec
CASetCertTypeExtension
CACertTypeSetSecurity
CAGetCertTypeKeySpec
CAGetCAProperty

msvcrt

wcsstr
_wcsupr
free
_except_handler3
memmove
??1type_info@@UAE@XZ
wcscpy
malloc
wcsrchr
wcslen
_initterm
_adjust_fdiv
wcscmp
__dllonexit
vswprintf
_wcsicmp
wcstoul
wcschr
?terminate@@YAXXZ
??2@YAPAXI@Z
wcscat
??3@YAXPAX@Z
mbstowcs
__RTDynamicCast
_onexit

advapi32

RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegSetValueExW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5c87b5e9dd2391b14f32c99e2e49099

Headers

File Characteristics

Imports

kernel32

user32

comctl32

certcli

msvcrt

advapi32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 74KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 74KB

.rsrc
Size: 23KB - Virtual size: 22KB