7d1cf23aff04f74668044a697ad222b0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7d1cf23aff04f74668044a697ad222b0_JaffaCakes118
Size

103KB
MD5

7d1cf23aff04f74668044a697ad222b0
SHA1

06a5982f334f8f98231594cb94c751551971d15c
SHA256

6091b8cac1ba2711dfdc3f2460cb2e1abaf6b74a16a4464552e8016025a82afa
SHA512

d6eb1c14191f04551638a1dd9d695614eb13cb6fd5574fe05e5ecd69a682866b369ab092e68070d888b7d3d4c436878960495341f9dc6aadbf35f5faa02c884e
SSDEEP

3072:a9lqDtPrXYjXMTQ/icPKR1pxFHOdiXSU:abjXvqcPKrRHOc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d1cf23aff04f74668044a697ad222b0_JaffaCakes118

Files

7d1cf23aff04f74668044a697ad222b0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

66715f023c89f5035b5be2dc7896372f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcsrchr
mbstowcs
_except_handler3
wcscpy
?terminate@@YAXXZ
_wcsupr
wcslen
??3@YAXPAX@Z
vswprintf
_onexit
memmove
wcscmp
__dllonexit
__RTDynamicCast
wcscat
??2@YAPAXI@Z
malloc
_initterm
free
wcsstr
_adjust_fdiv
wcschr
_wcsicmp
wcstoul
??1type_info@@UAE@XZ

user32

wsprintfW
LoadCursorW
SetDlgItemTextW
SetWindowLongW
PostMessageW
SetCursor
EnableWindow
DialogBoxParamW
LoadIconW
LoadBitmapW
SetFocus
SendMessageW
LoadStringW
GetWindowLongW
LoadImageW
GetDlgItemTextA
ReleaseDC
EndDialog
GetParent
RegisterClipboardFormatW
SystemParametersInfoW
MessageBoxW
GetDlgItem
InsertMenuItemW
GetDC
WinHelpW
SendDlgItemMessageW
SetWindowTextW

certcli

CAFindCertTypeByName
CACertTypeGetSecurity
CAUpdateCA
CAFindByName
CAAddCACertificateType
CASetCertTypeExtension
CAGetCertTypePropertyEx
CACloseCertType
CAFreeCertTypeProperty
CAGetCertTypeExtensions
CAGetCAProperty
CAGetCertTypeFlags
CAGetCertTypeProperty
CAFreeCertTypeExtensions
CAEnumNextCertType
CASetCertTypeFlags
CACloseCA
CACertTypeSetSecurity
CACreateCertType
CARemoveCACertificateType
CAEnumCertTypes
CAEnumCertTypesForCA
CAGetCertTypeKeySpec
CASetCertTypeKeySpec
CAUpdateCertType
CAFreeCAProperty
CASetCertTypeProperty

kernel32

DeleteCriticalSection
LoadLibraryW
lstrcpyW
GetSystemWindowsDirectoryW
GetSystemDefaultLangID
CloseHandle
GetSystemTimeAsFileTime
GlobalFree
WideCharToMultiByte
GetModuleFileNameW
lstrcmpiW
SetUnhandledExceptionFilter
RemoveDirectoryA
GetCPInfo
GlobalUnlock
LocalFree
GetStartupInfoA
InterlockedIncrement
InterlockedDecrement
GetDateFormatW
SetLastError
QueryPerformanceCounter
IsBadReadPtr
GetModuleHandleA
GlobalAlloc
OutputDebugStringA
InitializeCriticalSection
GetEnvironmentStringsW
CreateFileW
lstrlenW
GetTickCount
GetLastError
FileTimeToSystemTime
OutputDebugStringW
GetProcAddress
GetCurrentProcess
GetComputerNameW
FileTimeToLocalFileTime
LocalReAlloc
GlobalLock
FormatMessageW

comctl32

PropertySheetW
CreatePropertySheetPageW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegCloseKey

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66715f023c89f5035b5be2dc7896372f

Headers

File Characteristics

Imports

msvcrt

user32

certcli

kernel32

comctl32

advapi32

Sections

.text Size: 49KB - Virtual size: 49KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 67KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 49KB - Virtual size: 49KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 67KB

.rsrc
Size: 23KB - Virtual size: 22KB