93366a3c236a7528b6ed73609f35705a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

93366a3c236a7528b6ed73609f35705a_JaffaCakes118
Size

99KB
MD5

93366a3c236a7528b6ed73609f35705a
SHA1

828f75f7d354bce8dd6b4fbff4d727983441036a
SHA256

5b2a72c1e81ab330dc727b7137b21b02218e831bbc1eccc69a9feeab3fc0267b
SHA512

a8b89db02c2f7b779633122731ae93e9b2d4b9a105560968a12245614ae0d996bbc3f07243e8a80779a2342d8edb1a493badaec2ae0d5a630b7e5e82352c4fed
SSDEEP

1536:ICZQ52KA9kHRjj4MrWlGiTQfOWEZ6/aWdzLJMq6/p7XuyZotNRN:LZ9ZuHR3ruGhfvEQTPJM9/9Xu46N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
93366a3c236a7528b6ed73609f35705a_JaffaCakes118

Files

93366a3c236a7528b6ed73609f35705a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

edf744e9e9d2330c0358ec24cb71ce23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
GetTickCount
IsBadReadPtr
CreateFileW
WideCharToMultiByte
OutputDebugStringA
GlobalAlloc
GetLastError
GetSystemWindowsDirectoryW
GetDateFormatW
LoadLibraryW
GetComputerNameW
CloseHandle
GetModuleFileNameW
LocalReAlloc
lstrlenW
SetLastError
GetModuleHandleA
SetUnhandledExceptionFilter
lstrcmpiW
GlobalUnlock
RemoveDirectoryA
LocalFree
GetCurrentProcess
GlobalLock
OutputDebugStringW
FileTimeToSystemTime
lstrcpyW
InterlockedIncrement
InterlockedDecrement
GetStartupInfoA
QueryPerformanceCounter
GetSystemDefaultLangID
DeleteCriticalSection
FileTimeToLocalFileTime
GetACP
GlobalFree
GetEnvironmentStringsW
GetSystemTimeAsFileTime
FormatMessageW

certcli

CAFindByName
CAFreeCertTypeExtensions
CAEnumCertTypes
CACloseCertType
CAUpdateCA
CAGetCertTypePropertyEx
CAEnumCertTypesForCA
CAAddCACertificateType
CAGetCertTypeFlags
CASetCertTypeFlags
CAUpdateCertType
CACreateCertType
CAEnumNextCertType
CACertTypeSetSecurity
CAGetCertTypeExtensions
CASetCertTypeProperty
CAFreeCAProperty
CARemoveCACertificateType
CACertTypeGetSecurity
CACloseCA
CAGetCAProperty
CAGetCertTypeProperty
CAFindCertTypeByName
CAGetCertTypeKeySpec
CASetCertTypeKeySpec
CAFreeCertTypeProperty
CASetCertTypeExtension

user32

WinHelpW
RegisterClipboardFormatW
LoadImageW
LoadBitmapW
SendMessageW
wsprintfW
SetWindowTextW
SetFocus
EndDialog
SendDlgItemMessageW
LoadStringW
SetWindowLongW
GetParent
SetDlgItemTextW
GetDlgItem
DialogBoxParamW
SetCursor
MessageBoxW
GetDlgItemTextA
GetWindowLongW
LoadCursorW
LoadIconW
ReleaseDC
GetDC
InsertMenuItemW
EnableWindow
SystemParametersInfoW
PostMessageW

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW

msvcrt

?terminate@@YAXXZ
??3@YAXPAX@Z
memmove
_wcsicmp
free
vswprintf
_wcsupr
wcstoul
_except_handler3
malloc
wcsrchr
__RTDynamicCast
_initterm
mbstowcs
_adjust_fdiv
wcsstr
_onexit
??2@YAPAXI@Z
wcschr
wcslen
??1type_info@@UAE@XZ
wcscat
wcscmp
_purecall
wcscpy
__dllonexit

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edf744e9e9d2330c0358ec24cb71ce23

Headers

File Characteristics

Imports

kernel32

certcli

user32

advapi32

msvcrt

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 123KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 123KB

.rsrc
Size: 23KB - Virtual size: 22KB