72e2e6ab46d388323bd0a05e80036480_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

72e2e6ab46d388323bd0a05e80036480_JaffaCakes118
Size

101KB
MD5

72e2e6ab46d388323bd0a05e80036480
SHA1

8ed90cfa2611723ceda12821f105c1c7337eef3d
SHA256

e71b59a6aaf35474a55f2550945d9d7c9bed214af4d1a13f6dd9559381f2a01a
SHA512

610403069a823276ece04bd956bb399e80b5568eca420065f18b77d25577edc88fd198500763b670ed69c7d7af21db5b42e720bd8aded7fcfc0cec2cb6d82f82
SSDEEP

1536:TFmq3ouC5uE5QG53mb1799rP1BMcVsc5DxdvANwhoSipmtcONQ:vuQG53g5r15DxaNwhomZN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72e2e6ab46d388323bd0a05e80036480_JaffaCakes118

Files

72e2e6ab46d388323bd0a05e80036480_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e03ac6834d34bcf36d5a4e62d786a865

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
InitializeCriticalSection
GlobalFree
GetComputerNameW
DeleteCriticalSection
lstrcmpiW
GetSystemDefaultLangID
lstrcpyW
lstrlenW
InterlockedIncrement
CloseHandle
IsBadReadPtr
OutputDebugStringW
GlobalAlloc
GetStartupInfoA
GetModuleHandleA
GetEnvironmentStringsW
GetModuleFileNameW
FormatMessageW
LocalReAlloc
GetProcAddress
GetCPInfo
GetCurrentThread
OutputDebugStringA
GetDateFormatW
CreateFileW
GetSystemWindowsDirectoryW
FileTimeToLocalFileTime
SetUnhandledExceptionFilter
GlobalUnlock
GetTickCount
GlobalLock
LocalFree
WideCharToMultiByte
GetCurrentProcess
FileTimeToSystemTime
GetLastError
InterlockedDecrement
GetSystemTimeAsFileTime
SetLastError
QueryPerformanceCounter

certcli

CAFreeCertTypeProperty
CAAddCACertificateType
CAGetCertTypeExtensions
CACreateCertType
CACloseCA
CACertTypeSetSecurity
CAFindByName
CARemoveCACertificateType
CAEnumCertTypesForCA
CASetCertTypeProperty
CAEnumCertTypes
CAFreeCAProperty
CAUpdateCA
CAUpdateCertType
CAGetCertTypeKeySpec
CASetCertTypeExtension
CACertTypeGetSecurity
CAFindCertTypeByName
CAFreeCertTypeExtensions
CAGetCertTypeFlags
CAGetCertTypePropertyEx
CACloseCertType
CASetCertTypeFlags
CAEnumNextCertType
CASetCertTypeKeySpec
CAGetCAProperty
CAGetCertTypeProperty

user32

GetDlgItem
EnableWindow
DialogBoxParamW
GetDlgItemTextA
SetDlgItemTextW
LoadCursorW
SetFocus
LoadIconW
PostMessageW
SetWindowTextW
LoadStringW
SetWindowLongW
LoadImageW
MessageBoxW
RegisterClipboardFormatW
SendDlgItemMessageW
LoadBitmapW
WinHelpW
SetCursor
SendMessageW
wsprintfW
GetDC
InsertMenuItemW
GetParent
GetWindowLongW
EndDialog
ReleaseDC
SystemParametersInfoW

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
vswprintf
??2@YAPAXI@Z
wcschr
wcsstr
??3@YAXPAX@Z
wcscmp
__dllonexit
wcstoul
memmove
malloc
_onexit
wcslen
wcscat
wcsrchr
_wcsupr
?terminate@@YAXXZ
mbstowcs
_wcsicmp
_except_handler3
__RTDynamicCast
wcscpy
free

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegSetValueExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e03ac6834d34bcf36d5a4e62d786a865

Headers

File Characteristics

Imports

kernel32

certcli

user32

msvcrt

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 98KB

.rsrc Size: 25KB - Virtual size: 24KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 98KB

.rsrc
Size: 25KB - Virtual size: 24KB