9ef287c961bcf504d450614e958d789f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9ef287c961bcf504d450614e958d789f_JaffaCakes118
Size

100KB
MD5

9ef287c961bcf504d450614e958d789f
SHA1

486c47ee75a9d22a61c07e5e46fe2ed0083cb82b
SHA256

5bc308537209b5e22caf2d5407b4b049172cf6a6b98f1284b882d1c0bd0c8630
SHA512

721cc3c694fc5a795fc16201170c16638f0c5c3f312a2f56562077e3114463bb43683f18771dfd5abff3d32d7ee7ce8988bbcf57d55fe871f120c405efc20b40
SSDEEP

1536:fZ50o0T3D+jU53Joz2ZmhLKlJnzfvjc+PQhut4GOjO46AN4dbor:R50BTijUfoz20uQ3s4JjOX9dbm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
9ef287c961bcf504d450614e958d789f_JaffaCakes118

Files

9ef287c961bcf504d450614e958d789f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c5693d86566327d31fc13f0a55a26add

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memmove
wcschr
wcslen
__dllonexit
?terminate@@YAXXZ
malloc
_wcsupr
free
??3@YAXPAX@Z
wcscat
vswprintf
wcsrchr
wcscmp
??2@YAPAXI@Z
_initterm
_wcsicmp
__RTDynamicCast
_except_handler3
wcsstr
_onexit
mbstowcs
_adjust_fdiv
wcscpy
??1type_info@@UAE@XZ
wcstoul

certcli

CACloseCertType
CACertTypeGetSecurity
CAEnumNextCertType
CAUpdateCertType
CASetCertTypeProperty
CAFindCertTypeByName
CASetCertTypeExtension
CAFreeCertTypeExtensions
CAUpdateCA
CASetCertTypeKeySpec
CASetCertTypeFlags
CAGetCertTypeExtensions
CACreateCertType
CAFreeCAProperty
CAEnumCertTypes
CACertTypeSetSecurity
CAFreeCertTypeProperty
CAFindByName
CAGetCertTypePropertyEx
CAGetCertTypeFlags
CAAddCACertificateType
CARemoveCACertificateType
CAGetCAProperty
CAEnumCertTypesForCA
CAGetCertTypeProperty
CACloseCA
CAGetCertTypeKeySpec

kernel32

GetLastError
SetUnhandledExceptionFilter
LocalFree
LocalReAlloc
GlobalLock
GetComputerNameW
lstrlenW
SetLastError
GlobalFree
GetSystemWindowsDirectoryW
FileTimeToSystemTime
FileTimeToLocalFileTime
GlobalUnlock
CloseHandle
GetModuleFileNameW
CreateFileW
GetCPInfo
GetCurrentProcess
GlobalAlloc
WideCharToMultiByte
GetDateFormatW
QueryPerformanceCounter
OutputDebugStringW
GetSystemDefaultLangID
GetSystemTimeAsFileTime
InterlockedDecrement
FormatMessageW
InterlockedIncrement
lstrcmpiW
IsBadReadPtr
GetEnvironmentStringsW
GetStartupInfoA
GetProcAddress
OutputDebugStringA
InitializeCriticalSection
GetModuleHandleA
LoadLibraryW
GetCurrentThread
DeleteCriticalSection
lstrcpyW
GetTickCount

user32

DialogBoxParamW
LoadIconW
WinHelpW
EnableWindow
SetDlgItemTextW
GetDC
GetWindowLongW
SetCursor
SetFocus
SendMessageW
EndDialog
SetWindowLongW
LoadBitmapW
GetParent
InsertMenuItemW
PostMessageW
MessageBoxW
LoadImageW
GetDlgItem
SystemParametersInfoW
SetWindowTextW
LoadStringW
wsprintfW
LoadCursorW
SendDlgItemMessageW
RegisterClipboardFormatW
ReleaseDC
GetDlgItemTextA

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5693d86566327d31fc13f0a55a26add

Headers

File Characteristics

Imports

msvcrt

certcli

kernel32

user32

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 73KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 73KB

.rsrc
Size: 23KB - Virtual size: 23KB