Resubmissions
25-11-2024 05:04
241125-fp9lkswlaj 10
Static task
static1
Behavioral task
behavioral1
Sample
9960aef6de80d780d945ebfda56d75da_JaffaCakes118.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
9960aef6de80d780d945ebfda56d75da_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
9960aef6de80d780d945ebfda56d75da_JaffaCakes118
Size
102KB
MD5
9960aef6de80d780d945ebfda56d75da
SHA1
cfd95d524e22c0f41e66ad87b11bcb84265141ed
SHA256
50a1019e08663b3b6d6380f18e9131a150870a4d7f145829f4f822d54d1b080a
SHA512
f73ece768286061e97a067a4b1d22fe5a79060d1a117e3f593e9ff00c701d10a0be4b12c5030fc90d70347a9291c793d52ade67f585d9bd2b57dea48c6c68635
SSDEEP
3072:rF/YgtbYjaBIM5HCT+rhh7Fz6h1JlH6GJtDvzXI:Z7JdL1dh7Fz6h1LaGJ+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9960aef6de80d780d945ebfda56d75da_JaffaCakes118
Files
9960aef6de80d780d945ebfda56d75da_JaffaCakes118.exe windows:5 windows x86 arch:x86
a7788893702c3e0b4396b976841c3889
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
OutputDebugStringW
DeleteCriticalSection
GlobalAlloc
GetCurrentProcess
GlobalUnlock
GetComputerNameW
lstrcpyW
FileTimeToSystemTime
LoadLibraryW
CreateFileW
lstrlenW
GetSystemWindowsDirectoryW
LocalReAlloc
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
RemoveDirectoryA
GetStartupInfoA
GetModuleFileNameW
FileTimeToLocalFileTime
CloseHandle
GetACP
GetModuleHandleA
QueryPerformanceCounter
GlobalLock
FormatMessageW
lstrcmpiW
GlobalFree
InterlockedIncrement
OutputDebugStringA
GetTickCount
IsBadReadPtr
GetLastError
SetLastError
InitializeCriticalSection
GetDateFormatW
GetEnvironmentStringsW
InterlockedDecrement
WideCharToMultiByte
GetSystemDefaultLangID
LocalFree
user32
InsertMenuItemW
ReleaseDC
SetDlgItemTextW
MessageBoxW
SendMessageW
SystemParametersInfoW
LoadCursorW
GetWindowLongW
wsprintfW
RegisterClipboardFormatW
GetParent
SetFocus
SetCursor
LoadStringW
LoadImageW
DialogBoxParamW
GetDC
EnableWindow
EndDialog
GetDlgItemTextA
WinHelpW
SetWindowLongW
LoadBitmapW
SetWindowTextW
LoadIconW
PostMessageW
SendDlgItemMessageW
GetDlgItem
advapi32
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
msvcrt
_initterm
free
mbstowcs
??2@YAPAXI@Z
_wcsupr
wcscat
??1type_info@@UAE@XZ
wcsstr
wcscmp
__RTDynamicCast
wcscpy
memmove
wcslen
__dllonexit
??3@YAXPAX@Z
malloc
wcschr
vswprintf
wcstoul
?terminate@@YAXXZ
_adjust_fdiv
_except_handler3
_wcsicmp
_purecall
wcsrchr
_onexit
certcli
CAFindCertTypeByName
CAGetCAProperty
CACloseCA
CAGetCertTypeExtensions
CAEnumCertTypes
CASetCertTypeKeySpec
CAAddCACertificateType
CAUpdateCA
CAFreeCAProperty
CAEnumNextCertType
CACreateCertType
CAFindByName
CAFreeCertTypeProperty
CASetCertTypeExtension
CARemoveCACertificateType
CAGetCertTypePropertyEx
CACertTypeSetSecurity
CAGetCertTypeProperty
CAGetCertTypeFlags
CACertTypeGetSecurity
CAUpdateCertType
CAEnumCertTypesForCA
CASetCertTypeProperty
CASetCertTypeFlags
CAGetCertTypeKeySpec
CACloseCertType
CAFreeCertTypeExtensions
comctl32
PropertySheetW
CreatePropertySheetPageW
gdi32
CreateFontIndirectW
DeleteObject
GetDeviceCaps
Sections
.text Size: 47KB - Virtual size: 47KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ