aa2234cb21a71e4d414bed3b644dacb2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

aa2234cb21a71e4d414bed3b644dacb2_JaffaCakes118
Size

101KB
MD5

aa2234cb21a71e4d414bed3b644dacb2
SHA1

3fd923e9144404cdeed850efa5c1222d65cc40ae
SHA256

6ef81d0a2ec5467c7ee2db0678f1d0d567a715067525f2ea435b257cd96922d1
SHA512

4060346c013e076d0c1d9a84d5be3442bed949180f3e87f4d2ad95d8edb2586519ef7a8d521b251e3245319de9cc49f4ee9852c16b7b74265afe139810135a07
SSDEEP

1536:jCmigaWJg3nAdMxaTBibtNNPVS5bQs51U6R+rD92wpYSXBUbo9/RZIMMp8mITPvH:GoKAWxdtb9+YBDXBUCRZgp8mGvH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa2234cb21a71e4d414bed3b644dacb2_JaffaCakes118

Files

aa2234cb21a71e4d414bed3b644dacb2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4e3d58f614c34e111e8ed8f73d3f8a2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowTextW
GetDC
GetDlgItem
MessageBoxW
RegisterClipboardFormatW
GetDlgItemTextA
wsprintfW
InsertMenuItemW
SetDlgItemTextW
SetWindowLongW
LoadBitmapW
SetCursor
SendDlgItemMessageW
GetParent
SystemParametersInfoW
LoadIconW
ReleaseDC
SendMessageW
LoadCursorW
EndDialog
GetWindowLongW
LoadStringW
EnableWindow
SetFocus
LoadImageW
WinHelpW
DialogBoxParamW
PostMessageW

kernel32

LocalFree
GetDateFormatW
CloseHandle
GetSystemWindowsDirectoryW
GetTickCount
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetACP
GlobalAlloc
GetCurrentProcess
GetStartupInfoA
IsBadReadPtr
GetLastError
GetEnvironmentStringsW
WideCharToMultiByte
OutputDebugStringA
lstrcpyW
InitializeCriticalSection
DeleteCriticalSection
GetSystemDefaultLangID
GlobalFree
GlobalLock
CreateFileW
OutputDebugStringW
lstrlenW
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
SetLastError
GetModuleFileNameW
lstrcmpiW
LoadLibraryW
RemoveDirectoryA
FormatMessageW
GlobalUnlock
GetModuleHandleA
GetComputerNameW
LocalReAlloc
QueryPerformanceCounter

msvcrt

wcsstr
wcstoul
malloc
??3@YAXPAX@Z
vswprintf
_initterm
_adjust_fdiv
_onexit
__dllonexit
??2@YAPAXI@Z
wcscmp
wcslen
wcsrchr
wcschr
??1type_info@@UAE@XZ
wcscpy
_wcsupr
wcscat
_purecall
__RTDynamicCast
_except_handler3
_wcsicmp
mbstowcs
?terminate@@YAXXZ
free
memmove

certcli

CAGetCAProperty
CAFreeCertTypeProperty
CAGetCertTypeExtensions
CAFindByName
CAEnumCertTypesForCA
CAGetCertTypeProperty
CASetCertTypeExtension
CACloseCA
CAEnumCertTypes
CAGetCertTypeKeySpec
CACreateCertType
CAEnumNextCertType
CAUpdateCertType
CACloseCertType
CASetCertTypeKeySpec
CAFreeCAProperty
CAAddCACertificateType
CAGetCertTypeFlags
CARemoveCACertificateType
CASetCertTypeProperty
CACertTypeGetSecurity
CACertTypeSetSecurity
CASetCertTypeFlags
CAFindCertTypeByName
CAGetCertTypePropertyEx
CAFreeCertTypeExtensions
CAUpdateCA

advapi32

RegQueryValueExW
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e3d58f614c34e111e8ed8f73d3f8a2b

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

certcli

advapi32

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 110KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 110KB

.rsrc
Size: 23KB - Virtual size: 22KB