ac3bf3c8ea4f45da026d106ab74fec76_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ac3bf3c8ea4f45da026d106ab74fec76_JaffaCakes118
Size

101KB
MD5

ac3bf3c8ea4f45da026d106ab74fec76
SHA1

d113e392873a7d1d80b2054c7ca4a06513458b91
SHA256

d2e2bf2421faec581f6966d1a67da23bdaa725377417df2dd6601ad689d1309e
SHA512

066e511746733259d9fa26af4da168285a27a4ebb5fca6c0f3afc080fd8ca13bf57047fcb452da30425e07af21e7c089101e60844b6520ece07b4cd525f82637
SSDEEP

1536:Yv+A3t+URzbSl0BtMdoEi6RkPQ3/0j4ogU4Kc7yEX6Fkevnv7wgtw8LL:YT1zbo7i64QP6QU4Kc7pKFLnTltw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac3bf3c8ea4f45da026d106ab74fec76_JaffaCakes118

Files

ac3bf3c8ea4f45da026d106ab74fec76_JaffaCakes118
.exe windows:5 windows x86 arch:x86

45594d1546c6594143e611e5ffd66bbd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
SetLastError
GlobalAlloc
GlobalLock
GetLastError
FileTimeToSystemTime
FormatMessageW
WideCharToMultiByte
IsBadReadPtr
FileTimeToLocalFileTime
InterlockedIncrement
GetEnvironmentStringsW
InitializeCriticalSection
QueryPerformanceCounter
LocalReAlloc
GetStartupInfoA
lstrcmpiW
OutputDebugStringW
GetCPInfo
GetSystemWindowsDirectoryW
LocalFree
CloseHandle
GlobalFree
LoadLibraryW
CreateFileW
InterlockedDecrement
GetTickCount
GetCurrentThread
GetSystemTimeAsFileTime
GetModuleHandleA
OutputDebugStringA
GlobalUnlock
lstrcpyW
GetComputerNameW
GetProcAddress
SetUnhandledExceptionFilter
GetModuleFileNameW
GetDateFormatW
GetSystemDefaultLangID
GetCurrentProcess
DeleteCriticalSection

user32

GetWindowLongW
ReleaseDC
DialogBoxParamW
SetFocus
wsprintfW
SetWindowTextW
PostMessageW
SetCursor
LoadImageW
GetDlgItem
LoadIconW
GetParent
SystemParametersInfoW
GetDC
InsertMenuItemW
LoadBitmapW
SendMessageW
SetWindowLongW
GetDlgItemTextA
LoadCursorW
LoadStringW
EnableWindow
RegisterClipboardFormatW
SendDlgItemMessageW
EndDialog
MessageBoxW
SetDlgItemTextW
WinHelpW

msvcrt

_wcsupr
malloc
?terminate@@YAXXZ
vswprintf
free
mbstowcs
__dllonexit
wcscpy
_except_handler3
wcsrchr
_initterm
_onexit
memmove
??2@YAPAXI@Z
wcschr
??3@YAXPAX@Z
_wcsicmp
_adjust_fdiv
wcstoul
__RTDynamicCast
wcsstr
wcslen
wcscmp
??1type_info@@UAE@XZ
wcscat

certcli

CAUpdateCertType
CACertTypeSetSecurity
CACloseCA
CASetCertTypeExtension
CAEnumCertTypes
CAFreeCertTypeProperty
CAFindByName
CACertTypeGetSecurity
CACreateCertType
CASetCertTypeProperty
CAFreeCertTypeExtensions
CAEnumCertTypesForCA
CAUpdateCA
CAEnumNextCertType
CASetCertTypeKeySpec
CAGetCertTypeExtensions
CACloseCertType
CAGetCertTypeKeySpec
CAGetCAProperty
CAGetCertTypeFlags
CARemoveCACertificateType
CAFreeCAProperty
CASetCertTypeFlags
CAGetCertTypeProperty
CAGetCertTypePropertyEx
CAFindCertTypeByName
CAAddCACertificateType

comctl32

PropertySheetW
CreatePropertySheetPageW

advapi32

RegCloseKey
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45594d1546c6594143e611e5ffd66bbd

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

certcli

comctl32

advapi32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 81KB

.rsrc Size: 25KB - Virtual size: 24KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 81KB

.rsrc
Size: 25KB - Virtual size: 24KB