9e615b4473736e36a3a4b905ba4e5dd3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9e615b4473736e36a3a4b905ba4e5dd3_JaffaCakes118
Size

100KB
MD5

9e615b4473736e36a3a4b905ba4e5dd3
SHA1

ad09eff42e53a6d1292d08beb07e72ab8012684f
SHA256

151c503fdd9f0a770baeb86095bf50eb1c520c24acde53530adbc2aa38bfdd54
SHA512

303e1dd3ab2f05ab8099efa745e10faf1148c5f664f7eec24387481a185aae1e2bc3eedbf4032d3ab6754db0eb1ea057700090cf9482d632e41d098f89aa6c85
SSDEEP

1536:3ozAxOgx3FbuxjPPvA1pChZwvU5XvJex8R6epg6uY+1kMvpYJHlK:YzoLhuxjPArCwvUvYa6Wg6uY+Cv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
9e615b4473736e36a3a4b905ba4e5dd3_JaffaCakes118

Files

9e615b4473736e36a3a4b905ba4e5dd3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0b4e224f71ac91126172fb7c5a61edd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CARemoveCACertificateType
CAEnumCertTypesForCA
CACloseCertType
CASetCertTypeKeySpec
CAGetCertTypeProperty
CAGetCertTypeKeySpec
CAGetCAProperty
CAGetCertTypePropertyEx
CAEnumNextCertType
CAFreeCertTypeExtensions
CACloseCA
CAUpdateCA
CAAddCACertificateType
CACertTypeSetSecurity
CASetCertTypeProperty
CAUpdateCertType
CAEnumCertTypes
CAGetCertTypeExtensions
CACertTypeGetSecurity
CACreateCertType
CAFreeCertTypeProperty
CAFindByName
CAGetCertTypeFlags
CASetCertTypeExtension
CAFindCertTypeByName
CASetCertTypeFlags
CAFreeCAProperty

kernel32

FormatMessageW
GlobalFree
CreateFileW
GetSystemTimeAsFileTime
WideCharToMultiByte
IsBadReadPtr
GetSystemDefaultLangID
GlobalUnlock
GetModuleHandleA
FileTimeToLocalFileTime
lstrcpyW
CloseHandle
SetLastError
GetSystemWindowsDirectoryW
LoadLibraryW
GetCPInfo
GetDateFormatW
QueryPerformanceCounter
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
OutputDebugStringW
GetProcAddress
SetUnhandledExceptionFilter
GlobalLock
GetEnvironmentStringsW
InitializeCriticalSection
GetComputerNameW
LocalFree
GetTickCount
FileTimeToSystemTime
GetCurrentProcess
lstrlenW
DeleteCriticalSection
lstrcmpiW
GetLastError
LocalReAlloc
OutputDebugStringA
GetCurrentThread
GlobalAlloc
GetStartupInfoA

msvcrt

_wcsupr
_except_handler3
malloc
??3@YAXPAX@Z
memmove
wcsrchr
vswprintf
wcsstr
__RTDynamicCast
free
??1type_info@@UAE@XZ
wcslen
wcscat
_initterm
?terminate@@YAXXZ
_adjust_fdiv
wcschr
_onexit
__dllonexit
wcscpy
wcscmp
_wcsicmp
mbstowcs
wcstoul
??2@YAPAXI@Z

user32

GetDlgItemTextA
GetParent
DialogBoxParamW
ReleaseDC
InsertMenuItemW
SetFocus
LoadCursorW
SetWindowLongW
SetWindowTextW
GetWindowLongW
EndDialog
SetDlgItemTextW
SendMessageW
GetDC
LoadImageW
SystemParametersInfoW
RegisterClipboardFormatW
LoadStringW
GetDlgItem
EnableWindow
LoadBitmapW
PostMessageW
LoadIconW
SetCursor
WinHelpW
SendDlgItemMessageW
wsprintfW
MessageBoxW

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegSetValueExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b4e224f71ac91126172fb7c5a61edd3

Headers

File Characteristics

Imports

certcli

kernel32

msvcrt

user32

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 107KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 107KB

.rsrc
Size: 23KB - Virtual size: 23KB