7eaa0abe32770580be8571b6ea266f7a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7eaa0abe32770580be8571b6ea266f7a_JaffaCakes118
Size

102KB
MD5

7eaa0abe32770580be8571b6ea266f7a
SHA1

5595e8d3dc73f5eee8d4ca139f505873dde4f19f
SHA256

d5d71b2a5475a318e6c883f7300ed83faa0ce95fc23276e5c219407534bb1710
SHA512

8eb3e1a1b9fcc2e18492352d07b9916f35b96edc1f48733f7b5e4ceb3c5a799de4083c7f839b5e2fdf9d51780cb47ff85ccb759a61df8835eb26474b2b9148fa
SSDEEP

1536:E96zjwG0jxyLoUYTl+nSdLQoHeDn41wx6n8p3vL9UaZfEduslSlWn4qr9t:EkzN0jxySRuSDHWx6OJUUhsiWn4qr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7eaa0abe32770580be8571b6ea266f7a_JaffaCakes118

Files

7eaa0abe32770580be8571b6ea266f7a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bf388d48a43ae35930a5850274154c0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
QueryPerformanceCounter
CloseHandle
GlobalAlloc
lstrcpyW
SetUnhandledExceptionFilter
LocalFree
GetSystemDefaultLangID
InterlockedDecrement
SetLastError
DeleteCriticalSection
GetCurrentProcess
FileTimeToSystemTime
RemoveDirectoryA
InterlockedIncrement
CreateFileW
GlobalLock
InitializeCriticalSection
FileTimeToLocalFileTime
OutputDebugStringW
GlobalUnlock
FormatMessageW
GetCPInfo
GetEnvironmentStringsW
GetProcAddress
GetModuleFileNameW
GetTickCount
GetModuleHandleA
GetSystemWindowsDirectoryW
GetStartupInfoA
IsBadReadPtr
WideCharToMultiByte
GetDateFormatW
GetComputerNameW
lstrlenW
LoadLibraryW
GetLastError
lstrcmpiW
GlobalFree
OutputDebugStringA
LocalReAlloc

msvcrt

wcscmp
wcslen
_adjust_fdiv
??3@YAXPAX@Z
wcscpy
memmove
vswprintf
??2@YAPAXI@Z
_onexit
wcsrchr
wcsstr
free
__dllonexit
_wcsupr
_wcsicmp
??1type_info@@UAE@XZ
_except_handler3
wcscat
_initterm
wcstoul
mbstowcs
?terminate@@YAXXZ
__RTDynamicCast
malloc
wcschr

certcli

CAFreeCertTypeProperty
CAEnumCertTypesForCA
CAEnumCertTypes
CASetCertTypeKeySpec
CAUpdateCertType
CAGetCertTypeFlags
CAGetCertTypeProperty
CACreateCertType
CAGetCertTypePropertyEx
CASetCertTypeExtension
CASetCertTypeProperty
CAUpdateCA
CARemoveCACertificateType
CACertTypeGetSecurity
CAFindByName
CAFreeCAProperty
CASetCertTypeFlags
CAAddCACertificateType
CAGetCAProperty
CACloseCA
CACertTypeSetSecurity
CACloseCertType
CAGetCertTypeExtensions
CAEnumNextCertType
CAGetCertTypeKeySpec
CAFindCertTypeByName
CAFreeCertTypeExtensions

user32

MessageBoxW
EnableWindow
RegisterClipboardFormatW
SendMessageW
SetCursor
EndDialog
GetDC
SetWindowTextW
LoadImageW
ReleaseDC
SystemParametersInfoW
WinHelpW
SendDlgItemMessageW
GetDlgItemTextA
LoadBitmapW
GetParent
wsprintfW
LoadCursorW
PostMessageW
SetFocus
LoadStringW
GetDlgItem
LoadIconW
SetWindowLongW
SetDlgItemTextW
DialogBoxParamW
GetWindowLongW
InsertMenuItemW

advapi32

RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf388d48a43ae35930a5850274154c0a

Headers

File Characteristics

Imports

kernel32

msvcrt

certcli

user32

advapi32

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 64KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 64KB

.rsrc
Size: 24KB - Virtual size: 24KB