9ccf71f492f8b55817511731110622b6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9ccf71f492f8b55817511731110622b6_JaffaCakes118
Size

102KB
MD5

9ccf71f492f8b55817511731110622b6
SHA1

d6c31f3598e6272e029260dc017fd069ae90a303
SHA256

4034cf5b34b78eb4e072842bc1fc90c814d4c095cf3eefea2379bbdcd74de795
SHA512

e4957326756dfdd07bcce228199f391e6c281f83c370efca12867095ebc60d3c991ed349dd5af16d16b23390cc2c25b487a7d79d67af380b0f76f66cb82afb79
SSDEEP

1536:WRrbX4pvWDccWAXVBRjuey0GcsB88sx5NfLbQSc8olGri2rwO3:WRgpvWDccWAXVBcHjB88sdvQx8b22F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ccf71f492f8b55817511731110622b6_JaffaCakes118

Files

9ccf71f492f8b55817511731110622b6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

974dd72dd64b3422da3a37542c5fc605

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
QueryPerformanceCounter
FileTimeToSystemTime
GlobalAlloc
InterlockedDecrement
GlobalLock
CloseHandle
GetProcAddress
GetEnvironmentStringsW
lstrcmpiW
SetLastError
RemoveDirectoryA
IsBadReadPtr
GetStartupInfoA
lstrlenW
FileTimeToLocalFileTime
InterlockedIncrement
GlobalUnlock
GlobalFree
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
lstrcpyW
GetCurrentProcess
GetSystemWindowsDirectoryW
LocalFree
InitializeCriticalSection
OutputDebugStringW
GetDateFormatW
GetModuleHandleA
LoadLibraryW
CreateFileW
GetTickCount
OutputDebugStringA
WideCharToMultiByte
FormatMessageW
GetCPInfo
LocalReAlloc
GetSystemDefaultLangID
GetComputerNameW
GetLastError
DeleteCriticalSection

certcli

CAAddCACertificateType
CAEnumCertTypes
CACloseCA
CAEnumNextCertType
CACreateCertType
CAEnumCertTypesForCA
CACloseCertType
CAGetCertTypePropertyEx
CAGetCertTypeFlags
CAFindByName
CAGetCertTypeExtensions
CASetCertTypeExtension
CAFreeCAProperty
CAFindCertTypeByName
CASetCertTypeFlags
CACertTypeGetSecurity
CASetCertTypeKeySpec
CASetCertTypeProperty
CAUpdateCA
CACertTypeSetSecurity
CAUpdateCertType
CAGetCertTypeKeySpec
CAFreeCertTypeProperty
CAFreeCertTypeExtensions
CAGetCertTypeProperty
CAGetCAProperty
CARemoveCACertificateType

msvcrt

wcscpy
_wcsicmp
??2@YAPAXI@Z
wcschr
wcscat
malloc
??3@YAXPAX@Z
_onexit
__dllonexit
??1type_info@@UAE@XZ
wcstoul
_wcsupr
__RTDynamicCast
_adjust_fdiv
_except_handler3
free
wcscmp
memmove
_initterm
vswprintf
wcsstr
wcslen
mbstowcs
wcsrchr
?terminate@@YAXXZ

user32

SetCursor
MessageBoxW
SystemParametersInfoW
LoadStringW
GetDlgItem
EndDialog
DialogBoxParamW
SetWindowTextW
SetDlgItemTextW
InsertMenuItemW
SendMessageW
WinHelpW
ReleaseDC
SetFocus
wsprintfW
RegisterClipboardFormatW
LoadCursorW
GetDlgItemTextA
PostMessageW
LoadImageW
LoadIconW
SendDlgItemMessageW
GetDC
SetWindowLongW
LoadBitmapW
GetWindowLongW
GetParent
EnableWindow

advapi32

RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

974dd72dd64b3422da3a37542c5fc605

Headers

File Characteristics

Imports

kernel32

certcli

msvcrt

user32

advapi32

comctl32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 77KB

.rsrc Size: 25KB - Virtual size: 24KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 77KB

.rsrc
Size: 25KB - Virtual size: 24KB