a697b3a5568f47c3584d2301b59b6f72_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a697b3a5568f47c3584d2301b59b6f72_JaffaCakes118
Size

102KB
MD5

a697b3a5568f47c3584d2301b59b6f72
SHA1

358a686010755152e699267b0d7c9aeb8be429ab
SHA256

4e8a720bc22f25f837505797f4bc4218d7d3e4b1d616454de09d71daa945c154
SHA512

c9fc312b69e5e9c8d1da9ebf261e95fe060cd645af670c005dccc1cbebf3df84b3c1b9c3cd7902919d10bf2653200d380da3a9183e1721be6b0f7af40eb2e89f
SSDEEP

1536:zT04T7Jw5a5fQENYOuy9BO6ZxZgnmhWgB8tzP2I5RzKdmi1hTlw4gUraH:zPJwU5aSF2E8hnzKvo4c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a697b3a5568f47c3584d2301b59b6f72_JaffaCakes118

Files

a697b3a5568f47c3584d2301b59b6f72_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b6172f3c2ace36113d644bc036fae0f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextA
SetDlgItemTextW
GetDC
GetDlgItem
SetWindowTextW
LoadImageW
InsertMenuItemW
EndDialog
LoadStringW
GetParent
MessageBoxW
SystemParametersInfoW
SetFocus
SetWindowLongW
PostMessageW
ReleaseDC
WinHelpW
SendDlgItemMessageW
wsprintfW
DialogBoxParamW
SendMessageW
SetCursor
LoadIconW
EnableWindow
GetWindowLongW
RegisterClipboardFormatW
LoadBitmapW
LoadCursorW

kernel32

LocalFree
SetUnhandledExceptionFilter
GetCurrentProcess
GetComputerNameW
GetSystemDefaultLangID
GlobalFree
GetDateFormatW
InterlockedIncrement
CreateFileW
GetModuleFileNameW
GetLastError
LocalReAlloc
GlobalUnlock
QueryPerformanceCounter
DeleteCriticalSection
InterlockedDecrement
FileTimeToSystemTime
CloseHandle
RemoveDirectoryA
OutputDebugStringW
LoadLibraryW
GlobalLock
GetEnvironmentStringsW
GetStartupInfoA
GetSystemWindowsDirectoryW
SetLastError
lstrcpyW
GetModuleHandleA
lstrcmpiW
InitializeCriticalSection
GetProcAddress
GetTickCount
FileTimeToLocalFileTime
OutputDebugStringA
IsBadReadPtr
WideCharToMultiByte
GetSystemTimeAsFileTime
FormatMessageW
lstrlenW
GetCPInfo
GlobalAlloc

msvcrt

wcscmp
_except_handler3
??3@YAXPAX@Z
free
memmove
_wcsupr
_initterm
wcslen
__dllonexit
wcscat
_adjust_fdiv
__RTDynamicCast
malloc
wcstoul
?terminate@@YAXXZ
??1type_info@@UAE@XZ
wcscpy
_wcsicmp
mbstowcs
??2@YAPAXI@Z
wcsrchr
wcsstr
vswprintf
_onexit
wcschr

comctl32

CreatePropertySheetPageW
PropertySheetW

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegCloseKey
RegDeleteValueW
RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW

certcli

CAEnumCertTypesForCA
CAGetCertTypePropertyEx
CASetCertTypeExtension
CAEnumNextCertType
CASetCertTypeProperty
CAEnumCertTypes
CAAddCACertificateType
CARemoveCACertificateType
CAFreeCertTypeProperty
CASetCertTypeKeySpec
CASetCertTypeFlags
CAGetCertTypeProperty
CACertTypeSetSecurity
CACertTypeGetSecurity
CAGetCAProperty
CACreateCertType
CAFindByName
CACloseCertType
CAGetCertTypeFlags
CACloseCA
CAUpdateCertType
CAUpdateCA
CAGetCertTypeKeySpec
CAFindCertTypeByName
CAFreeCAProperty
CAGetCertTypeExtensions
CAFreeCertTypeExtensions

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6172f3c2ace36113d644bc036fae0f9

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

comctl32

advapi32

certcli

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 72KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 72KB

.rsrc
Size: 24KB - Virtual size: 24KB