8c2b9f2646c85d8ba12a7657eef713cf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8c2b9f2646c85d8ba12a7657eef713cf_JaffaCakes118
Size

101KB
MD5

8c2b9f2646c85d8ba12a7657eef713cf
SHA1

cf98ce48f8b9c92da65855e7030552d8fd91db2d
SHA256

6994f8fd92bf86443e52adc8b0719c7470937dd7a83f30e85fb01c46cf9a2c0f
SHA512

9260b32d0ab4e1927fc7d749f17449d13cf4f6bc5cc00d9661d72d503dbd263dee5756847f84bf49b81d41e814632e21821ebaf493381e29b9a870c9dbcdd1c7
SSDEEP

1536:gaPt7XrRRaNCSX+AxmQxwgQiXVb6tIy4yt2Vb8/x9rfdnhViXk1tt3V1l/Lltvu:gaVjrSNTX+Axfgww/PwXklF1lDvu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c2b9f2646c85d8ba12a7657eef713cf_JaffaCakes118

Files

8c2b9f2646c85d8ba12a7657eef713cf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

83c13300d15b29e7e24566cda0263302

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CASetCertTypeExtension
CAUpdateCertType
CASetCertTypeFlags
CAFindByName
CASetCertTypeProperty
CAFreeCertTypeProperty
CAGetCertTypeProperty
CAUpdateCA
CACloseCA
CAEnumNextCertType
CAEnumCertTypes
CAGetCertTypeExtensions
CAEnumCertTypesForCA
CAFreeCAProperty
CAGetCAProperty
CAGetCertTypeFlags
CAFindCertTypeByName
CAGetCertTypeKeySpec
CACertTypeGetSecurity
CACertTypeSetSecurity
CAAddCACertificateType
CARemoveCACertificateType
CASetCertTypeKeySpec
CAGetCertTypePropertyEx
CACloseCertType
CACreateCertType
CAFreeCertTypeExtensions

kernel32

GetModuleHandleA
GetLastError
GlobalAlloc
CreateFileW
OutputDebugStringA
GetACP
GetComputerNameW
GlobalLock
lstrcmpiW
RemoveDirectoryA
FormatMessageW
GetStartupInfoA
GlobalFree
SetUnhandledExceptionFilter
InterlockedDecrement
IsBadReadPtr
InterlockedIncrement
GlobalUnlock
OutputDebugStringW
GetEnvironmentStringsW
lstrlenW
CloseHandle
LoadLibraryW
GetSystemDefaultLangID
GetSystemWindowsDirectoryW
GetCurrentProcess
InitializeCriticalSection
GetModuleFileNameW
GetDateFormatW
GetTickCount
lstrcpyW
LocalReAlloc
QueryPerformanceCounter
WideCharToMultiByte
FileTimeToSystemTime
FileTimeToLocalFileTime
SetLastError
GetSystemTimeAsFileTime
LocalFree
DeleteCriticalSection

user32

SendDlgItemMessageW
PostMessageW
LoadStringW
LoadImageW
SystemParametersInfoW
LoadCursorW
GetDlgItem
WinHelpW
InsertMenuItemW
LoadBitmapW
LoadIconW
SetFocus
SetDlgItemTextW
GetDC
SetWindowTextW
MessageBoxW
EndDialog
SetCursor
DialogBoxParamW
RegisterClipboardFormatW
ReleaseDC
SetWindowLongW
wsprintfW
GetParent
SendMessageW
GetDlgItemTextA
EnableWindow
GetWindowLongW

msvcrt

_except_handler3
__RTDynamicCast
_initterm
mbstowcs
_purecall
wcscmp
free
?terminate@@YAXXZ
wcscpy
wcscat
_onexit
wcstoul
??1type_info@@UAE@XZ
wcsstr
_wcsicmp
vswprintf
memmove
_adjust_fdiv
_wcsupr
??3@YAXPAX@Z
wcslen
??2@YAPAXI@Z
malloc
wcsrchr
__dllonexit
wcschr

advapi32

RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegQueryValueExW
RegDeleteValueW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83c13300d15b29e7e24566cda0263302

Headers

File Characteristics

Imports

certcli

kernel32

user32

msvcrt

advapi32

comctl32

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 85KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 85KB

.rsrc
Size: 23KB - Virtual size: 22KB