864e6c2e5ce155f6494a78f9a492f624_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

864e6c2e5ce155f6494a78f9a492f624_JaffaCakes118
Size

102KB
MD5

864e6c2e5ce155f6494a78f9a492f624
SHA1

a48c43ea05eda74f71ea81c970063f4419cbf542
SHA256

e67a97fde5e4fd7436e34a19a9633c0c75f1c2596e9c24ebf871ab7cfc79d5a2
SHA512

2129a850de0d4ddd00c9edb1dd8ae08ef08fb526879a4bc1287e5da2987897a38f29d32ad2c8318b74e0f31d9df42983b35e49d5c2c554efae7a416228eb042d
SSDEEP

1536:zkhuZE1ZiJQR+pHN69YJgXL9kxWaHseMP7/l5SKV7Wm+63:YhuOiJQReNUriWY4DLSKV7WE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
864e6c2e5ce155f6494a78f9a492f624_JaffaCakes118

Files

864e6c2e5ce155f6494a78f9a492f624_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4421bc9907f0747f893f7269af794611

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW

msvcrt

_wcsupr
??2@YAPAXI@Z
wcscpy
wcscmp
wcstoul
malloc
mbstowcs
_onexit
memmove
free
??1type_info@@UAE@XZ
__RTDynamicCast
wcschr
_wcsicmp
?terminate@@YAXXZ
_except_handler3
wcsstr
_initterm
wcsrchr
vswprintf
__dllonexit
_adjust_fdiv
??3@YAXPAX@Z
wcslen
wcscat

certcli

CAGetCertTypeProperty
CASetCertTypeExtension
CAGetCAProperty
CAFreeCertTypeExtensions
CAAddCACertificateType
CAFindByName
CACloseCA
CACertTypeGetSecurity
CACloseCertType
CAUpdateCertType
CAFreeCertTypeProperty
CAGetCertTypeExtensions
CAFindCertTypeByName
CARemoveCACertificateType
CAEnumCertTypes
CACertTypeSetSecurity
CAGetCertTypePropertyEx
CAEnumNextCertType
CAUpdateCA
CACreateCertType
CASetCertTypeProperty
CAFreeCAProperty
CASetCertTypeKeySpec
CAEnumCertTypesForCA
CASetCertTypeFlags
CAGetCertTypeKeySpec
CAGetCertTypeFlags

kernel32

InterlockedIncrement
OutputDebugStringW
InitializeCriticalSection
GlobalUnlock
CloseHandle
QueryPerformanceCounter
SetLastError
GetCurrentProcess
GetTickCount
GetLastError
RemoveDirectoryA
lstrcmpiW
LoadLibraryW
lstrcpyW
DeleteCriticalSection
GetDateFormatW
IsBadReadPtr
GlobalFree
GetModuleFileNameW
LocalFree
GlobalLock
GetModuleHandleA
GetStartupInfoA
SetUnhandledExceptionFilter
FormatMessageW
InterlockedDecrement
OutputDebugStringA
lstrlenW
GetEnvironmentStringsW
WideCharToMultiByte
GetSystemDefaultLangID
GetSystemWindowsDirectoryW
FileTimeToSystemTime
GetCPInfo
LocalReAlloc
GetProcAddress
GetComputerNameW
CreateFileW
FileTimeToLocalFileTime
GlobalAlloc
GetSystemTimeAsFileTime

user32

LoadCursorW
SystemParametersInfoW
SetFocus
GetParent
DialogBoxParamW
ReleaseDC
SendMessageW
EndDialog
LoadBitmapW
GetDC
SetWindowTextW
GetWindowLongW
GetDlgItemTextA
LoadImageW
PostMessageW
SetCursor
SetDlgItemTextW
InsertMenuItemW
WinHelpW
EnableWindow
GetDlgItem
wsprintfW
RegisterClipboardFormatW
SendDlgItemMessageW
SetWindowLongW
LoadIconW
MessageBoxW
LoadStringW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4421bc9907f0747f893f7269af794611

Headers

File Characteristics

Imports

advapi32

msvcrt

certcli

kernel32

user32

comctl32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 82KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 82KB

.rsrc
Size: 23KB - Virtual size: 23KB