a263cd076fa92bc7cb022a9bf3399b7c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a263cd076fa92bc7cb022a9bf3399b7c_JaffaCakes118
Size

101KB
MD5

a263cd076fa92bc7cb022a9bf3399b7c
SHA1

2049c744c4de6c149da3b593254700ac4164c92e
SHA256

bea6c7403853ad2a8a8d86eb2076b6568b6098c490421ee1d5f5436184a8910e
SHA512

32c7deee9b402d50166fcbca465c6edcf7a9839271c4ca6fae2127bca246b5dd9ac0a956ce51dccb012245d05284f60fd7d556a9d9d82a8f84a71881f90d35ab
SSDEEP

1536:2XbJ11jGF6UsPVwWZQLqV/RMuThNQ75nXz4Nga+81I+XTHeYEePvY1iRqRpoq:mFXGcDVSWV/vNNiziJ5jHZPwcq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a263cd076fa92bc7cb022a9bf3399b7c_JaffaCakes118

Files

a263cd076fa92bc7cb022a9bf3399b7c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d3b790322f6bd2248b85113b376be45e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??2@YAPAXI@Z
wcscmp
memmove
__dllonexit
wcslen
_wcsicmp
_onexit
wcsrchr
_initterm
__RTDynamicCast
?terminate@@YAXXZ
vswprintf
_adjust_fdiv
_wcsupr
wcschr
wcsstr
free
wcscpy
??3@YAXPAX@Z
malloc
_except_handler3
mbstowcs
wcscat
??1type_info@@UAE@XZ
wcstoul

kernel32

LoadLibraryW
GetComputerNameW
lstrlenW
GetStartupInfoA
InitializeCriticalSection
GetSystemDefaultLangID
GetEnvironmentStringsW
FileTimeToSystemTime
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryW
IsBadReadPtr
GlobalFree
GetProcAddress
OutputDebugStringA
lstrcmpiW
SetLastError
RemoveDirectoryA
LocalReAlloc
GlobalUnlock
GetCPInfo
GetLastError
SetUnhandledExceptionFilter
InterlockedDecrement
CloseHandle
WideCharToMultiByte
GetTickCount
GetModuleFileNameW
InterlockedIncrement
DeleteCriticalSection
lstrcpyW
GlobalAlloc
CreateFileW
GetModuleHandleA
FileTimeToLocalFileTime
FormatMessageW
GlobalLock
GetDateFormatW
OutputDebugStringW
LocalFree
GetCurrentProcess

certcli

CAUpdateCA
CACertTypeGetSecurity
CAEnumNextCertType
CACloseCertType
CAGetCAProperty
CAFreeCAProperty
CAFreeCertTypeProperty
CASetCertTypeExtension
CACertTypeSetSecurity
CAFindCertTypeByName
CAUpdateCertType
CAGetCertTypeKeySpec
CAGetCertTypeFlags
CASetCertTypeFlags
CASetCertTypeKeySpec
CAEnumCertTypes
CAFreeCertTypeExtensions
CAEnumCertTypesForCA
CAGetCertTypePropertyEx
CACreateCertType
CACloseCA
CASetCertTypeProperty
CAAddCACertificateType
CAGetCertTypeProperty
CAGetCertTypeExtensions
CAFindByName
CARemoveCACertificateType

user32

ReleaseDC
GetDlgItem
GetDlgItemTextA
SystemParametersInfoW
LoadBitmapW
GetDC
SetWindowTextW
LoadIconW
SetDlgItemTextW
EndDialog
InsertMenuItemW
GetWindowLongW
WinHelpW
SetCursor
LoadImageW
MessageBoxW
SetWindowLongW
wsprintfW
EnableWindow
SendMessageW
PostMessageW
DialogBoxParamW
SetFocus
LoadStringW
GetParent
LoadCursorW
SendDlgItemMessageW
RegisterClipboardFormatW

advapi32

RegQueryValueExW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
RegDeleteKeyW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3b790322f6bd2248b85113b376be45e

Headers

File Characteristics

Imports

msvcrt

kernel32

certcli

user32

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 104KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 104KB

.rsrc
Size: 24KB - Virtual size: 24KB