Static task: static1
Behavioral task: behavioral1
Sample: 80d86a7b1b697998e9bb6f0c6ffcd3f8_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 80d86a7b1b697998e9bb6f0c6ffcd3f8_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 80d86a7b1b697998e9bb6f0c6ffcd3f8_JaffaCakes118
Size: 99KB
MD5: 80d86a7b1b697998e9bb6f0c6ffcd3f8
SHA1: 417b7065d9cfe94d6c86d65398034dbbbd07042b
SHA256: 657911a989bfc2b9fc3eee45f3d38ebc5e3192e01779fe54abf4176ad3fd94ea
SHA512: 79d67c00a70a4bc13d83e64c4359c4f4c16f2f3564fa7372b8b97dacaf86f2466df4bfac0ebac09f58f9213e2cf074393e544d1883af59524ca3fee6f38846c0
SSDEEP: 1536:w5o6kdOjg3H18IgGeLiBysEggecdbBrIVqUFgn7OUF4:FdK018rG6ClKb6kR7OU+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 80d86a7b1b697998e9bb6f0c6ffcd3f8_JaffaCakes118
Files
80d86a7b1b697998e9bb6f0c6ffcd3f8_JaffaCakes118.exe windows:5 windows x86 arch:x86
560c020bc6156cc539a31123d86808d4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
certcli
CARemoveCACertificateType
CAGetCertTypeProperty
CAAddCACertificateType
CASetCertTypeFlags
CAFreeCertTypeProperty
CAEnumCertTypes
CAGetCertTypePropertyEx
CAFreeCAProperty
CACloseCertType
CAGetCertTypeKeySpec
CAUpdateCA
CAEnumCertTypesForCA
CAGetCAProperty
CAEnumNextCertType
CASetCertTypeProperty
CAFindCertTypeByName
CAGetCertTypeFlags
CAFindByName
CAGetCertTypeExtensions
CASetCertTypeExtension
CAFreeCertTypeExtensions
CACloseCA
CACertTypeSetSecurity
CACertTypeGetSecurity
CACreateCertType
CASetCertTypeKeySpec
CAUpdateCertType
kernel32
InterlockedDecrement
GetSystemTimeAsFileTime
lstrcpyW
GetSystemWindowsDirectoryW
GetLastError
LoadLibraryW
GetSystemDefaultLangID
SetUnhandledExceptionFilter
IsBadReadPtr
GetModuleFileNameW
GetACP
GetEnvironmentStringsW
InitializeCriticalSection
QueryPerformanceCounter
FileTimeToSystemTime
GlobalAlloc
GetCurrentProcess
CreateFileW
lstrlenW
OutputDebugStringW
GlobalUnlock
GetTickCount
InterlockedIncrement
FormatMessageW
lstrcmpiW
GetComputerNameW
FileTimeToLocalFileTime
CloseHandle
LocalReAlloc
RemoveDirectoryA
GlobalLock
WideCharToMultiByte
GetStartupInfoA
GlobalFree
SetLastError
GetModuleHandleA
OutputDebugStringA
GetDateFormatW
DeleteCriticalSection
LocalFree
user32
LoadStringW
SetFocus
DialogBoxParamW
GetWindowLongW
SystemParametersInfoW
MessageBoxW
RegisterClipboardFormatW
wsprintfW
LoadImageW
WinHelpW
SendDlgItemMessageW
GetDlgItemTextA
PostMessageW
SetCursor
ReleaseDC
EnableWindow
LoadIconW
InsertMenuItemW
SendMessageW
GetParent
EndDialog
GetDlgItem
GetDC
SetWindowTextW
LoadCursorW
SetDlgItemTextW
SetWindowLongW
LoadBitmapW
advapi32
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
msvcrt
wcscpy
wcscmp
wcsrchr
wcslen
?terminate@@YAXXZ
mbstowcs
_adjust_fdiv
_wcsupr
wcstoul
vswprintf
wcscat
free
??1type_info@@UAE@XZ
_initterm
__dllonexit
_onexit
memmove
_wcsicmp
??3@YAXPAX@Z
_purecall
wcschr
wcsstr
_except_handler3
__RTDynamicCast
malloc
??2@YAPAXI@Z
comctl32
CreatePropertySheetPageW
PropertySheetW
Sections
.text Size: 45KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ