77ed2b0756a8867825498a52e8125993_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

77ed2b0756a8867825498a52e8125993_JaffaCakes118
Size

102KB
MD5

77ed2b0756a8867825498a52e8125993
SHA1

14f83013a0850a92ab0a79160f4c596994b8ec9a
SHA256

03c87406dbf4ca3cb3e091257d52b7b49fdc98281ef2015ad53e235598d20d87
SHA512

c7b1f092e7feec99be8bcc7e2c69ca9ddc239d9042ae1cfef855f73843710d50b195485b5c55942e57dccc6d861ea620804d27035be1a33211840e10de9f1538
SSDEEP

3072:8vQnz26nIHh119GlA6ue280OxixGD4uJlS:Fz26a1SA6u6BsxGV8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77ed2b0756a8867825498a52e8125993_JaffaCakes118

Files

77ed2b0756a8867825498a52e8125993_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d3589789b8bf852e11f6adcbb453ffb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringW
GetDateFormatW
GetCPInfo
SetUnhandledExceptionFilter
FileTimeToSystemTime
GlobalLock
GlobalAlloc
WideCharToMultiByte
LoadLibraryW
GlobalFree
lstrlenW
DeleteCriticalSection
GetModuleFileNameW
lstrcpyW
InterlockedDecrement
SetLastError
InitializeCriticalSection
IsBadReadPtr
FileTimeToLocalFileTime
GetComputerNameW
RemoveDirectoryA
InterlockedIncrement
GetCurrentProcess
GetSystemDefaultLangID
GetEnvironmentStringsW
GetSystemWindowsDirectoryW
GetStartupInfoA
GetProcAddress
lstrcmpiW
GlobalUnlock
OutputDebugStringA
GetLastError
LocalFree
GetTickCount
FormatMessageW
CloseHandle
GetSystemTimeAsFileTime
QueryPerformanceCounter
LocalReAlloc
CreateFileW
GetModuleHandleA

msvcrt

_except_handler3
??2@YAPAXI@Z
vswprintf
wcscmp
wcschr
free
__dllonexit
wcscat
_wcsicmp
_adjust_fdiv
mbstowcs
_wcsupr
_initterm
??3@YAXPAX@Z
??1type_info@@UAE@XZ
malloc
_onexit
wcstoul
wcslen
?terminate@@YAXXZ
wcsstr
wcscpy
__RTDynamicCast
memmove
wcsrchr

user32

GetDlgItemTextA
GetDC
MessageBoxW
DialogBoxParamW
WinHelpW
GetWindowLongW
EnableWindow
SendDlgItemMessageW
LoadStringW
GetDlgItem
SetCursor
SendMessageW
wsprintfW
GetParent
PostMessageW
EndDialog
RegisterClipboardFormatW
SetWindowLongW
SetFocus
LoadImageW
LoadIconW
SetDlgItemTextW
LoadBitmapW
LoadCursorW
ReleaseDC
SetWindowTextW
SystemParametersInfoW
InsertMenuItemW

certcli

CAFreeCertTypeExtensions
CAGetCertTypeFlags
CAFindCertTypeByName
CASetCertTypeExtension
CACloseCA
CAAddCACertificateType
CACreateCertType
CAFreeCAProperty
CACertTypeGetSecurity
CAUpdateCertType
CAEnumCertTypes
CAGetCertTypePropertyEx
CACloseCertType
CAGetCertTypeKeySpec
CASetCertTypeProperty
CASetCertTypeKeySpec
CARemoveCACertificateType
CAEnumCertTypesForCA
CASetCertTypeFlags
CAGetCertTypeProperty
CAGetCAProperty
CAFindByName
CAUpdateCA
CAGetCertTypeExtensions
CACertTypeSetSecurity
CAFreeCertTypeProperty
CAEnumNextCertType

advapi32

RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3589789b8bf852e11f6adcbb453ffb5

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

certcli

advapi32

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 85KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 85KB

.rsrc
Size: 24KB - Virtual size: 23KB