794a697b021930f06b7e1117127b8afb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

794a697b021930f06b7e1117127b8afb_JaffaCakes118
Size

101KB
MD5

794a697b021930f06b7e1117127b8afb
SHA1

78316905f3683da51580abef83e4b8af4cef3e49
SHA256

c1e64b874e736c2d019398f1a3d5ca540361038bda2536600aa36fe883f6a3cc
SHA512

eba4d588472862e0d3561bad6456b0cf079009ec2946e4245b6deb037313cd4e6e56fbc5cbdddfa1598196853585651bc189de781411a584f272c21191ce626f
SSDEEP

3072:E3wkrnSjWSZkaDZ3uqIERppozMBVZL4iKf:E/rnSjHCg3uqIEppoAB/4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
794a697b021930f06b7e1117127b8afb_JaffaCakes118

Files

794a697b021930f06b7e1117127b8afb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

882782edbb229875e1a475ddd00b9f0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconW
MessageBoxW
GetDC
SetWindowLongW
DialogBoxParamW
LoadImageW
GetWindowLongW
SendMessageW
SetWindowTextW
PostMessageW
SystemParametersInfoW
EnableWindow
SendDlgItemMessageW
LoadStringW
EndDialog
WinHelpW
InsertMenuItemW
LoadCursorW
SetDlgItemTextW
RegisterClipboardFormatW
wsprintfW
GetParent
GetDlgItemTextA
GetDlgItem
SetFocus
ReleaseDC
SetCursor
LoadBitmapW

advapi32

RegDeleteValueW
RegEnumKeyExW
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW

certcli

CAUpdateCertType
CACreateCertType
CAUpdateCA
CAFreeCertTypeProperty
CAEnumCertTypes
CAFreeCAProperty
CASetCertTypeFlags
CAGetCertTypeKeySpec
CAAddCACertificateType
CAGetCertTypeExtensions
CACertTypeGetSecurity
CACloseCertType
CAFindCertTypeByName
CAEnumCertTypesForCA
CAGetCertTypeProperty
CARemoveCACertificateType
CASetCertTypeProperty
CASetCertTypeExtension
CACertTypeSetSecurity
CAFindByName
CAGetCAProperty
CAGetCertTypePropertyEx
CAGetCertTypeFlags
CACloseCA
CAFreeCertTypeExtensions
CASetCertTypeKeySpec
CAEnumNextCertType

msvcrt

__dllonexit
wcscmp
mbstowcs
??1type_info@@UAE@XZ
wcsrchr
_wcsupr
_except_handler3
_wcsicmp
??2@YAPAXI@Z
wcscat
wcstoul
vswprintf
_adjust_fdiv
?terminate@@YAXXZ
__RTDynamicCast
free
memmove
_onexit
??3@YAXPAX@Z
_initterm
malloc
wcscpy
wcschr
wcslen
wcsstr

kernel32

SetUnhandledExceptionFilter
LocalFree
GetProcAddress
lstrlenW
GlobalUnlock
lstrcpyW
GlobalAlloc
FormatMessageW
InitializeCriticalSection
QueryPerformanceCounter
GetDateFormatW
FileTimeToSystemTime
OutputDebugStringW
GetComputerNameW
CloseHandle
WideCharToMultiByte
GetSystemTimeAsFileTime
DeleteCriticalSection
GetTickCount
RemoveDirectoryA
CreateFileW
LoadLibraryW
GetModuleHandleA
GetStartupInfoA
GetEnvironmentStringsW
GetModuleFileNameW
OutputDebugStringA
GetCurrentProcess
LocalReAlloc
InterlockedIncrement
InterlockedDecrement
GetSystemWindowsDirectoryW
lstrcmpiW
GetCPInfo
GlobalFree
SetLastError
FileTimeToLocalFileTime
IsBadReadPtr
GlobalLock
GetLastError
GetSystemDefaultLangID

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

882782edbb229875e1a475ddd00b9f0c

Headers

File Characteristics

Imports

user32

advapi32

certcli

msvcrt

kernel32

comctl32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 101KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 101KB

.rsrc
Size: 24KB - Virtual size: 23KB