8a7e6c7d49f867002fa4164eb81c708d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8a7e6c7d49f867002fa4164eb81c708d_JaffaCakes118
Size

101KB
MD5

8a7e6c7d49f867002fa4164eb81c708d
SHA1

9190927b98a3475910002fc9bf4f1ea3c044ddd3
SHA256

3d79067eebb706a0939b5cdbf2f207cb86ddf25f23406800f32da2d60c3bbf66
SHA512

92833f3e37db7c53f7fa61b6b54d4749cf27a6cf2e178675a98053e0dc18798e830aa9dd06352f726e622d6597c62ca62ff7a0a885f232b6a7bda2913180c3fe
SSDEEP

1536:s2jbDunUIWkepd4/hXCijlj2nQB5ofpigiq01UThLG:ssImp7e7B5ofpigiq01UT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a7e6c7d49f867002fa4164eb81c708d_JaffaCakes118

Files

8a7e6c7d49f867002fa4164eb81c708d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

14bbbb392e45f5699874823815bf32bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAFindByName
CACloseCA
CASetCertTypeKeySpec
CARemoveCACertificateType
CAGetCertTypeFlags
CAGetCertTypePropertyEx
CAFreeCertTypeExtensions
CASetCertTypeFlags
CAGetCertTypeKeySpec
CAFreeCertTypeProperty
CACreateCertType
CAAddCACertificateType
CAUpdateCertType
CAEnumCertTypes
CAFreeCAProperty
CAGetCertTypeExtensions
CAGetCAProperty
CACloseCertType
CASetCertTypeProperty
CAUpdateCA
CAEnumCertTypesForCA
CAGetCertTypeProperty
CACertTypeGetSecurity
CAFindCertTypeByName
CASetCertTypeExtension
CACertTypeSetSecurity
CAEnumNextCertType

kernel32

GetLastError
QueryPerformanceCounter
OutputDebugStringW
InterlockedIncrement
GetTickCount
lstrcmpiW
FormatMessageW
OutputDebugStringA
GlobalFree
RemoveDirectoryA
InitializeCriticalSection
LocalReAlloc
GetEnvironmentStringsW
SetLastError
LocalFree
FileTimeToLocalFileTime
GetModuleFileNameW
CreateFileW
SetUnhandledExceptionFilter
WideCharToMultiByte
GetModuleHandleA
lstrcpyW
GetSystemDefaultLangID
IsBadReadPtr
GetCurrentProcess
DeleteCriticalSection
GlobalUnlock
FileTimeToSystemTime
GetStartupInfoA
GlobalAlloc
InterlockedDecrement
LoadLibraryW
GetACP
GetSystemWindowsDirectoryW
lstrlenW
GetDateFormatW
GetComputerNameW
CloseHandle
GetSystemTimeAsFileTime
GlobalLock

user32

GetParent
EnableWindow
InsertMenuItemW
PostMessageW
SendMessageW
GetDlgItem
GetDC
MessageBoxW
GetDlgItemTextA
GetWindowLongW
SetDlgItemTextW
SetCursor
LoadBitmapW
RegisterClipboardFormatW
LoadImageW
SendDlgItemMessageW
wsprintfW
SetWindowTextW
WinHelpW
SetFocus
ReleaseDC
LoadIconW
SystemParametersInfoW
DialogBoxParamW
LoadStringW
SetWindowLongW
EndDialog
LoadCursorW

msvcrt

wcslen
wcscmp
_wcsupr
free
?terminate@@YAXXZ
??2@YAPAXI@Z
__RTDynamicCast
??3@YAXPAX@Z
memmove
__dllonexit
_purecall
_onexit
wcstoul
wcschr
malloc
_except_handler3
_wcsicmp
vswprintf
wcscat
wcsrchr
_adjust_fdiv
wcscpy
mbstowcs
_initterm
wcsstr
??1type_info@@UAE@XZ

comctl32

PropertySheetW
CreatePropertySheetPageW

advapi32

RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyExW
RegDeleteValueW
RegCloseKey

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14bbbb392e45f5699874823815bf32bd

Headers

File Characteristics

Imports

certcli

kernel32

user32

msvcrt

comctl32

advapi32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 65KB

.rsrc Size: 25KB - Virtual size: 24KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 65KB

.rsrc
Size: 25KB - Virtual size: 24KB