a0a39d704fc5b48ca26c497a040c725a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a0a39d704fc5b48ca26c497a040c725a_JaffaCakes118
Size

101KB
MD5

a0a39d704fc5b48ca26c497a040c725a
SHA1

e903e81dfc47ec04378ce8e2e2a27e957dcac91d
SHA256

052ecfc595e29ca83b0bef559d89e3e30ea0d9d90a272bf76f03c6bacc632ae4
SHA512

3ed5316969fc80436942492f959644cd932c56d414672480e1f91da302dcb36e85e655e9c603181ba678fa3654a2bf6372f06f98930e68f55b211057ad000678
SSDEEP

1536:0/nt8Swh6bM2lvE8/CE5THmWF1utUtJAPQLJ9l4mwBCNiF12hXeHH:MZbflMsCEBGWF7JbL7WHQN/hyH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0a39d704fc5b48ca26c497a040c725a_JaffaCakes118

Files

a0a39d704fc5b48ca26c497a040c725a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bd626abea755bd45e3376b1501e4499e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatW
LoadLibraryW
GetModuleHandleA
OutputDebugStringW
GetCPInfo
LocalReAlloc
CreateFileW
GetSystemTimeAsFileTime
OutputDebugStringA
InterlockedDecrement
FileTimeToSystemTime
CloseHandle
GetStartupInfoA
GlobalLock
GlobalUnlock
GetModuleFileNameW
GetComputerNameW
FileTimeToLocalFileTime
GetTickCount
QueryPerformanceCounter
GetCurrentProcess
SetLastError
SetUnhandledExceptionFilter
GlobalAlloc
GetProcAddress
RemoveDirectoryA
LocalFree
lstrcmpiW
InitializeCriticalSection
GetSystemWindowsDirectoryW
IsBadReadPtr
GetLastError
FormatMessageW
InterlockedIncrement
lstrlenW
GetEnvironmentStringsW
GetSystemDefaultLangID
WideCharToMultiByte
GlobalFree
lstrcpyW
DeleteCriticalSection

certcli

CAGetCertTypePropertyEx
CAGetCertTypeFlags
CASetCertTypeProperty
CAFreeCAProperty
CAGetCertTypeExtensions
CAEnumNextCertType
CASetCertTypeKeySpec
CAFreeCertTypeProperty
CASetCertTypeFlags
CACertTypeSetSecurity
CAAddCACertificateType
CAFreeCertTypeExtensions
CAGetCAProperty
CACloseCA
CAEnumCertTypes
CACloseCertType
CAUpdateCA
CAGetCertTypeProperty
CACertTypeGetSecurity
CARemoveCACertificateType
CAFindByName
CAGetCertTypeKeySpec
CAUpdateCertType
CASetCertTypeExtension
CACreateCertType
CAEnumCertTypesForCA
CAFindCertTypeByName

user32

SendMessageW
PostMessageW
InsertMenuItemW
LoadStringW
LoadBitmapW
GetWindowLongW
DialogBoxParamW
SystemParametersInfoW
MessageBoxW
SendDlgItemMessageW
wsprintfW
EndDialog
LoadIconW
GetDlgItem
GetDlgItemTextA
GetParent
LoadCursorW
SetCursor
LoadImageW
EnableWindow
SetDlgItemTextW
GetDC
SetWindowTextW
SetFocus
WinHelpW
SetWindowLongW
ReleaseDC
RegisterClipboardFormatW

msvcrt

_initterm
wcscpy
wcschr
wcscmp
free
__dllonexit
wcslen
??3@YAXPAX@Z
memmove
mbstowcs
malloc
_wcsupr
vswprintf
?terminate@@YAXXZ
wcscat
wcsrchr
_except_handler3
??1type_info@@UAE@XZ
_adjust_fdiv
??2@YAPAXI@Z
_wcsicmp
wcsstr
__RTDynamicCast
wcstoul
_onexit

comctl32

CreatePropertySheetPageW
PropertySheetW

advapi32

RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCloseKey

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd626abea755bd45e3376b1501e4499e

Headers

File Characteristics

Imports

kernel32

certcli

user32

msvcrt

comctl32

advapi32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 96KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 96KB

.rsrc
Size: 24KB - Virtual size: 24KB