73a0c169c0d965da5aefb31c067798fb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

73a0c169c0d965da5aefb31c067798fb_JaffaCakes118
Size

101KB
MD5

73a0c169c0d965da5aefb31c067798fb
SHA1

1517b2fc82b92aa08762e9a9df0235e78fcc02ef
SHA256

84e29e734cc39e89321e72065b391a804d5e83c8861deaf71e5cc620aa8fe216
SHA512

d57338136d60aab63b59f46dbe8ff4522df0013e8be338320bf1a9c1825f2fb44dd7f1aeaa1350d38835eeb3309ecdb1e5f13813e8070ef07d9360f0fb4acd27
SSDEEP

1536:3r1VNQkOFoIT0VahcQAamxSjSDomtrh6+jvDr5m3ibP/bnV2ANVMCM:bdQPF1JmxS+km8+jvPg3ibP/R2c2f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73a0c169c0d965da5aefb31c067798fb_JaffaCakes118

Files

73a0c169c0d965da5aefb31c067798fb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

96479b79d5d01441e41b72b51c725827

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CASetCertTypeKeySpec
CACertTypeGetSecurity
CAFreeCertTypeExtensions
CAEnumCertTypes
CAFreeCAProperty
CAEnumNextCertType
CAGetCertTypePropertyEx
CARemoveCACertificateType
CAFindByName
CACloseCA
CAFreeCertTypeProperty
CAEnumCertTypesForCA
CASetCertTypeFlags
CAGetCertTypeKeySpec
CAGetCertTypeProperty
CAGetCertTypeExtensions
CACertTypeSetSecurity
CAGetCAProperty
CAAddCACertificateType
CASetCertTypeProperty
CAFindCertTypeByName
CASetCertTypeExtension
CACloseCertType
CAUpdateCertType
CAGetCertTypeFlags
CACreateCertType
CAUpdateCA

msvcrt

wcsstr
memmove
_adjust_fdiv
wcschr
??3@YAXPAX@Z
wcscpy
_initterm
_wcsupr
_onexit
_except_handler3
wcstoul
__RTDynamicCast
wcscmp
vswprintf
_wcsicmp
malloc
wcsrchr
?terminate@@YAXXZ
wcscat
wcslen
??1type_info@@UAE@XZ
free
??2@YAPAXI@Z
mbstowcs
__dllonexit

user32

GetParent
LoadStringW
SystemParametersInfoW
MessageBoxW
InsertMenuItemW
SendMessageW
GetWindowLongW
SetFocus
GetDlgItem
LoadCursorW
GetDC
DialogBoxParamW
GetDlgItemTextA
LoadIconW
SetWindowLongW
SetWindowTextW
SetDlgItemTextW
LoadBitmapW
LoadImageW
SetCursor
EnableWindow
WinHelpW
SendDlgItemMessageW
wsprintfW
ReleaseDC
RegisterClipboardFormatW
EndDialog
PostMessageW

kernel32

IsBadReadPtr
FormatMessageW
GetModuleFileNameW
GetSystemWindowsDirectoryW
GetCPInfo
CreateFileW
GetModuleHandleA
GlobalLock
GetComputerNameW
GetCurrentProcess
InterlockedDecrement
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetTickCount
SetLastError
GetCurrentThread
InterlockedIncrement
lstrcpyW
GlobalUnlock
OutputDebugStringW
GetDateFormatW
FileTimeToLocalFileTime
GetSystemDefaultLangID
SetUnhandledExceptionFilter
InitializeCriticalSection
GlobalAlloc
GetStartupInfoA
GetProcAddress
lstrcmpiW
CloseHandle
LocalFree
GetLastError
LocalReAlloc
GlobalFree
WideCharToMultiByte
FileTimeToSystemTime
GetEnvironmentStringsW
lstrlenW
OutputDebugStringA
LoadLibraryW
DeleteCriticalSection

advapi32

RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96479b79d5d01441e41b72b51c725827

Headers

File Characteristics

Imports

certcli

msvcrt

user32

kernel32

advapi32

comctl32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 81KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 81KB

.rsrc
Size: 24KB - Virtual size: 23KB