a693835bcf9734c8eae1feacb1a2bda4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a693835bcf9734c8eae1feacb1a2bda4_JaffaCakes118
Size

101KB
MD5

a693835bcf9734c8eae1feacb1a2bda4
SHA1

32bd1f613fd98191d9ec870fff268e91e71d9138
SHA256

244616c337985a3324a867716f8a32cbfb32edf123ecbb13301e53027314ff1f
SHA512

5519219faeb33631ba856ed4e83480ed3eebad107e085b755e6c746b39857c95836a15b26c8a37d073e30262d756fcc487b8e119f46d8161f489f2d1529a69b0
SSDEEP

3072:jBGDcZFqBoo6KaIlaKQCEnFzwWJyQpXoy:jU4HqBoo6KaIeCEn2WPoy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a693835bcf9734c8eae1feacb1a2bda4_JaffaCakes118

Files

a693835bcf9734c8eae1feacb1a2bda4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2369a778d997522b9e1a11948810bf4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
GetDateFormatW
DeleteCriticalSection
GlobalUnlock
CloseHandle
InitializeCriticalSection
InterlockedDecrement
GetSystemWindowsDirectoryW
FileTimeToLocalFileTime
GetSystemDefaultLangID
GetLastError
lstrlenW
WideCharToMultiByte
OutputDebugStringW
SetLastError
OutputDebugStringA
FormatMessageW
RemoveDirectoryA
GlobalAlloc
lstrcmpiW
GetTickCount
LocalReAlloc
FileTimeToSystemTime
GetModuleHandleA
GlobalFree
GetComputerNameW
IsBadReadPtr
LocalFree
GetCurrentProcess
QueryPerformanceCounter
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetStartupInfoA
SetUnhandledExceptionFilter
GetACP
LoadLibraryW
GetModuleFileNameW
GlobalLock
lstrcpyW
InterlockedIncrement

user32

GetDlgItemTextA
SendMessageW
wsprintfW
SystemParametersInfoW
SetCursor
SetFocus
LoadImageW
GetDlgItem
ReleaseDC
LoadStringW
RegisterClipboardFormatW
GetParent
SetWindowTextW
InsertMenuItemW
DialogBoxParamW
SendDlgItemMessageW
WinHelpW
SetWindowLongW
LoadIconW
LoadBitmapW
SetDlgItemTextW
LoadCursorW
GetWindowLongW
MessageBoxW
EnableWindow
PostMessageW
GetDC
EndDialog

certcli

CACloseCA
CAGetCertTypeKeySpec
CAEnumCertTypesForCA
CAFindCertTypeByName
CAFreeCertTypeProperty
CACertTypeGetSecurity
CAGetCAProperty
CAFreeCertTypeExtensions
CAEnumCertTypes
CACertTypeSetSecurity
CASetCertTypeExtension
CAGetCertTypeExtensions
CAUpdateCertType
CACloseCertType
CAGetCertTypeProperty
CAGetCertTypePropertyEx
CAFreeCAProperty
CAFindByName
CAUpdateCA
CAAddCACertificateType
CAGetCertTypeFlags
CARemoveCACertificateType
CASetCertTypeProperty
CASetCertTypeFlags
CAEnumNextCertType
CACreateCertType
CASetCertTypeKeySpec

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW

comctl32

PropertySheetW
CreatePropertySheetPageW

msvcrt

wcstoul
wcschr
wcscmp
__RTDynamicCast
_initterm
memmove
vswprintf
_purecall
_wcsicmp
__dllonexit
??1type_info@@UAE@XZ
wcsstr
free
?terminate@@YAXXZ
_wcsupr
wcsrchr
mbstowcs
malloc
_adjust_fdiv
wcscat
??3@YAXPAX@Z
_except_handler3
wcslen
wcscpy
_onexit
??2@YAPAXI@Z

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2369a778d997522b9e1a11948810bf4f

Headers

File Characteristics

Imports

kernel32

user32

certcli

advapi32

comctl32

msvcrt

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 75KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 75KB

.rsrc
Size: 24KB - Virtual size: 23KB