9c50b5624c8bf6506bbf00e71c79ed84_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9c50b5624c8bf6506bbf00e71c79ed84_JaffaCakes118
Size

98KB
MD5

9c50b5624c8bf6506bbf00e71c79ed84
SHA1

e2bad52e507ae9a176acd27eeed733a24b93ef07
SHA256

2892f39051dd5f597b8fc1f7aab755740f810ebd8144ed10b44c26d8ade0c6b8
SHA512

b49325d86dab3dbcdcb5abdfebe050e9735e384934c6da3e2db7fd05aaea7e52acdebf81b514b00003a045a8330b31faca7c73e0789fa56055739d3998c5d62a
SSDEEP

3072:qucSgM7IMEZHdCscdaCIp5XNrwfrsYpSdAq:hck7IL9C3b89lwfedA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c50b5624c8bf6506bbf00e71c79ed84_JaffaCakes118

Files

9c50b5624c8bf6506bbf00e71c79ed84_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ade203019626ca4a9bf6e8a726bb05cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadImageW
LoadIconW
ReleaseDC
GetDC
SystemParametersInfoW
EndDialog
GetWindowLongW
GetDlgItemTextA
SetCursor
SendDlgItemMessageW
SetWindowTextW
RegisterClipboardFormatW
InsertMenuItemW
WinHelpW
GetDlgItem
SetWindowLongW
SendMessageW
LoadBitmapW
wsprintfW
MessageBoxW
DialogBoxParamW
SetFocus
PostMessageW
LoadStringW
GetParent
LoadCursorW
SetDlgItemTextW
EnableWindow

certcli

CAEnumCertTypesForCA
CAFindCertTypeByName
CASetCertTypeExtension
CASetCertTypeFlags
CASetCertTypeKeySpec
CACloseCertType
CACertTypeSetSecurity
CARemoveCACertificateType
CAGetCertTypeProperty
CAFreeCAProperty
CAGetCertTypeExtensions
CACertTypeGetSecurity
CAGetCertTypeKeySpec
CAFindByName
CAEnumNextCertType
CACreateCertType
CAGetCertTypeFlags
CAEnumCertTypes
CASetCertTypeProperty
CAFreeCertTypeExtensions
CAFreeCertTypeProperty
CAUpdateCertType
CAAddCACertificateType
CAGetCAProperty
CAGetCertTypePropertyEx
CAUpdateCA
CACloseCA

kernel32

GetComputerNameW
LoadLibraryW
GetDateFormatW
GlobalFree
SetLastError
LocalFree
CreateFileW
GlobalUnlock
lstrcmpiW
GetTickCount
GetProcAddress
DeleteCriticalSection
GlobalAlloc
RemoveDirectoryA
GetCurrentProcess
QueryPerformanceCounter
GetModuleHandleA
GetSystemWindowsDirectoryW
FormatMessageW
CloseHandle
InterlockedIncrement
GetSystemTimeAsFileTime
lstrcpyW
LocalReAlloc
GetEnvironmentStringsW
GetCPInfo
SetUnhandledExceptionFilter
GlobalLock
OutputDebugStringW
InterlockedDecrement
OutputDebugStringA
WideCharToMultiByte
lstrlenW
FileTimeToLocalFileTime
GetLastError
IsBadReadPtr
GetStartupInfoA
GetModuleFileNameW
InitializeCriticalSection
GetSystemDefaultLangID
FileTimeToSystemTime

msvcrt

wcschr
wcstoul
_onexit
wcsrchr
??1type_info@@UAE@XZ
wcscat
_adjust_fdiv
wcscpy
_initterm
wcslen
wcsstr
malloc
?terminate@@YAXXZ
??3@YAXPAX@Z
vswprintf
_wcsicmp
mbstowcs
memmove
??2@YAPAXI@Z
wcscmp
free
__dllonexit
_except_handler3
__RTDynamicCast
_wcsupr

comctl32

CreatePropertySheetPageW
PropertySheetW

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ade203019626ca4a9bf6e8a726bb05cb

Headers

File Characteristics

Imports

user32

certcli

kernel32

msvcrt

comctl32

advapi32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 99KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 99KB

.rsrc
Size: 23KB - Virtual size: 22KB