a5a3f5da8f4a6e14e20229beacb35fa8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a5a3f5da8f4a6e14e20229beacb35fa8_JaffaCakes118
Size

100KB
MD5

a5a3f5da8f4a6e14e20229beacb35fa8
SHA1

cfe789a2e8fe361420d2aea063999aaf4a60c2a6
SHA256

819d0d21ae481fabbe0f11d42dc226f8d6d1ce60c0bc169497e4c7faab31b22e
SHA512

9d8c283947eb8205a5df9187ef837a83a7059438ef16e0082064c9c3469b32226c75af9f54e6a808dc6e99a7c4b6f06c2a229773accef8b43c87ba1c9d97d5a7
SSDEEP

1536:GnzLSinxQ+h3NfYE9beOb/fq0Wr5JEPR5ih0hRZlb/z2iEFrIdgNN:GVQ+h3lY+d7g5JI4Elb6iYI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5a3f5da8f4a6e14e20229beacb35fa8_JaffaCakes118

Files

a5a3f5da8f4a6e14e20229beacb35fa8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

811df03884daf5827e1c56477a6cdd65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetFocus
SystemParametersInfoW
SetCursor
SetWindowLongW
LoadIconW
LoadImageW
SendDlgItemMessageW
SetWindowTextW
GetParent
DialogBoxParamW
GetDlgItemTextA
InsertMenuItemW
WinHelpW
GetDC
LoadCursorW
MessageBoxW
GetWindowLongW
PostMessageW
EnableWindow
ReleaseDC
wsprintfW
RegisterClipboardFormatW
SendMessageW
LoadBitmapW
LoadStringW
EndDialog
GetDlgItem
SetDlgItemTextW

kernel32

GlobalLock
InterlockedDecrement
GetComputerNameW
GetTickCount
GetStartupInfoA
IsBadReadPtr
GetModuleFileNameW
LocalFree
GetModuleHandleA
GetDateFormatW
GetCurrentProcess
OutputDebugStringW
LocalReAlloc
CreateFileW
GetSystemWindowsDirectoryW
DeleteCriticalSection
QueryPerformanceCounter
RemoveDirectoryA
FormatMessageW
OutputDebugStringA
lstrcmpiW
CloseHandle
GlobalUnlock
GetLastError
GetSystemTimeAsFileTime
GetProcAddress
SetLastError
WideCharToMultiByte
GetSystemDefaultLangID
FileTimeToSystemTime
SetUnhandledExceptionFilter
InterlockedIncrement
GetCPInfo
GlobalFree
GlobalAlloc
lstrlenW
FileTimeToLocalFileTime
GetEnvironmentStringsW
InitializeCriticalSection
lstrcpyW
LoadLibraryW

msvcrt

wcscat
free
__dllonexit
_wcsicmp
??2@YAPAXI@Z
?terminate@@YAXXZ
wcsstr
??1type_info@@UAE@XZ
mbstowcs
_wcsupr
_onexit
_except_handler3
wcslen
_adjust_fdiv
malloc
__RTDynamicCast
wcstoul
??3@YAXPAX@Z
wcscmp
wcschr
memmove
wcsrchr
_initterm
wcscpy
vswprintf

certcli

CARemoveCACertificateType
CAGetCertTypeKeySpec
CASetCertTypeFlags
CACreateCertType
CAFindByName
CAGetCertTypeExtensions
CAUpdateCA
CAGetCertTypeFlags
CAFindCertTypeByName
CAFreeCertTypeExtensions
CAEnumNextCertType
CASetCertTypeProperty
CACertTypeGetSecurity
CAGetCertTypePropertyEx
CACertTypeSetSecurity
CAFreeCertTypeProperty
CASetCertTypeKeySpec
CACloseCertType
CAEnumCertTypes
CAFreeCAProperty
CACloseCA
CAAddCACertificateType
CAGetCAProperty
CASetCertTypeExtension
CAGetCertTypeProperty
CAUpdateCertType
CAEnumCertTypesForCA

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

811df03884daf5827e1c56477a6cdd65

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

certcli

advapi32

comctl32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 100KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 100KB

.rsrc
Size: 23KB - Virtual size: 23KB