9dfa28d30a5ba36e126bd54ef9477c1a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9dfa28d30a5ba36e126bd54ef9477c1a_JaffaCakes118
Size

100KB
MD5

9dfa28d30a5ba36e126bd54ef9477c1a
SHA1

5e1084df5aa621e81f241e114262114cc5208b8d
SHA256

a254f028f78380069b3bf5c9022d559ad5018173edf3f84217641d12f1bc4b48
SHA512

75a7822a77bb3ac94d696955b3034c2e8639b55e7586ee98f0af444333d8fab536287744dceb507a25b6b8e0953a7fc6ac09a10c90a3580d7cdd01130d3793ff
SSDEEP

1536:S6ji+hI216ff4KS3J7yq5y0lJN3tXaP25V10Y4rXiReQoRbzrqXp:S6jiQyf4jYQTvNjV1oXiReQoRbvqXp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9dfa28d30a5ba36e126bd54ef9477c1a_JaffaCakes118

Files

9dfa28d30a5ba36e126bd54ef9477c1a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9b62db668c2212ca22269be81a9907ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcscat
mbstowcs
_adjust_fdiv
free
??1type_info@@UAE@XZ
_initterm
wcschr
wcsstr
wcscpy
_wcsicmp
_purecall
wcslen
wcstoul
??2@YAPAXI@Z
vswprintf
_except_handler3
__RTDynamicCast
malloc
wcsrchr
memmove
_wcsupr
_onexit
?terminate@@YAXXZ
wcscmp
__dllonexit
??3@YAXPAX@Z

user32

PostMessageW
MessageBoxW
LoadCursorW
GetDlgItemTextA
RegisterClipboardFormatW
GetWindowLongW
WinHelpW
SendMessageW
InsertMenuItemW
LoadImageW
SetCursor
wsprintfW
GetDC
SendDlgItemMessageW
GetDlgItem
SetWindowLongW
ReleaseDC
GetParent
LoadIconW
SetWindowTextW
SetFocus
EnableWindow
DialogBoxParamW
SystemParametersInfoW
SetDlgItemTextW
LoadStringW
EndDialog
LoadBitmapW

kernel32

lstrcmpiW
LocalReAlloc
FileTimeToSystemTime
WideCharToMultiByte
GlobalFree
DeleteCriticalSection
LocalFree
GetLastError
GetSystemDefaultLangID
SetLastError
GetDateFormatW
GetComputerNameW
GetACP
FileTimeToLocalFileTime
InterlockedDecrement
GetModuleHandleA
GlobalAlloc
GlobalLock
OutputDebugStringA
GlobalUnlock
GetTickCount
FormatMessageW
LoadLibraryW
GetSystemWindowsDirectoryW
GetEnvironmentStringsW
GetCurrentProcess
GetStartupInfoA
OutputDebugStringW
IsBadReadPtr
InterlockedIncrement
CreateFileW
QueryPerformanceCounter
lstrcpyW
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
InitializeCriticalSection
GetModuleFileNameW
lstrlenW
CloseHandle
RemoveDirectoryA

advapi32

RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW

certcli

CAGetCertTypeKeySpec
CAFreeCertTypeExtensions
CAEnumCertTypesForCA
CACertTypeGetSecurity
CAEnumCertTypes
CAUpdateCertType
CAFindByName
CAGetCertTypeFlags
CACloseCA
CAGetCertTypePropertyEx
CAEnumNextCertType
CARemoveCACertificateType
CAGetCertTypeExtensions
CACreateCertType
CAFindCertTypeByName
CACertTypeSetSecurity
CASetCertTypeKeySpec
CACloseCertType
CAGetCertTypeProperty
CASetCertTypeProperty
CAGetCAProperty
CAUpdateCA
CASetCertTypeFlags
CAFreeCAProperty
CASetCertTypeExtension
CAAddCACertificateType
CAFreeCertTypeProperty

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b62db668c2212ca22269be81a9907ea

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

advapi32

certcli

comctl32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 104KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 104KB

.rsrc
Size: 23KB - Virtual size: 22KB