ae2e26a8499e4699d15a2a7bbb1af69a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ae2e26a8499e4699d15a2a7bbb1af69a_JaffaCakes118
Size

100KB
MD5

ae2e26a8499e4699d15a2a7bbb1af69a
SHA1

e36b53eb6c3644e57e98769be5fbb7f45d44222f
SHA256

a2ed3c09f5f581b6206be43ae0b8f54ac433068d2f62f4e623f5817b5dfb34ee
SHA512

b00a62c9fa4bd396c6e485cf4d5c82d08c8ffa44fd91f251705f9dedcec8330a63ca4193d54e13cffb89dc1c76090f4c60c1a60b99e4acdc56d34cc865ed162a
SSDEEP

1536:hkP44bl0v9jnvFaty5T0QKT/kE3BJjJieSWayf8YyvjYIrbFMo:hkP4AlAPr5T0wE3dieSGOY0r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae2e26a8499e4699d15a2a7bbb1af69a_JaffaCakes118

Files

ae2e26a8499e4699d15a2a7bbb1af69a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d3087d2b968176efc0625f6377771bdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
lstrcmpiW
SetLastError
GetCurrentProcess
RemoveDirectoryA
lstrcpyW
GetEnvironmentStringsW
GetSystemDefaultLangID
GetProcAddress
GlobalLock
OutputDebugStringW
FileTimeToSystemTime
GetSystemTimeAsFileTime
DeleteCriticalSection
GetSystemWindowsDirectoryW
IsBadReadPtr
GetDateFormatW
WideCharToMultiByte
FormatMessageW
lstrlenW
GlobalAlloc
GetStartupInfoA
GetComputerNameW
LoadLibraryW
LocalReAlloc
OutputDebugStringA
CreateFileW
InitializeCriticalSection
GlobalUnlock
GetModuleHandleA
GlobalFree
GetModuleFileNameW
GetCPInfo
CloseHandle
SetUnhandledExceptionFilter
InterlockedIncrement
GetTickCount
GetLastError
InterlockedDecrement
QueryPerformanceCounter
FileTimeToLocalFileTime

user32

WinHelpW
SetWindowLongW
EnableWindow
GetWindowLongW
SendDlgItemMessageW
GetParent
GetDC
InsertMenuItemW
DialogBoxParamW
GetDlgItem
LoadCursorW
SendMessageW
ReleaseDC
LoadBitmapW
RegisterClipboardFormatW
SetDlgItemTextW
SystemParametersInfoW
SetCursor
LoadIconW
LoadImageW
EndDialog
PostMessageW
SetFocus
MessageBoxW
GetDlgItemTextA
SetWindowTextW
LoadStringW
wsprintfW

certcli

CACloseCertType
CARemoveCACertificateType
CAEnumCertTypes
CASetCertTypeFlags
CAGetCertTypePropertyEx
CACertTypeGetSecurity
CAGetCertTypeFlags
CAGetCertTypeExtensions
CACloseCA
CAEnumCertTypesForCA
CAFreeCertTypeExtensions
CAGetCertTypeKeySpec
CAFreeCAProperty
CASetCertTypeExtension
CACertTypeSetSecurity
CAFindCertTypeByName
CAUpdateCertType
CAFreeCertTypeProperty
CAUpdateCA
CACreateCertType
CAFindByName
CAAddCACertificateType
CAGetCAProperty
CAGetCertTypeProperty
CASetCertTypeKeySpec
CAEnumNextCertType
CASetCertTypeProperty

advapi32

RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegCreateKeyExW

msvcrt

??2@YAPAXI@Z
memmove
__dllonexit
_except_handler3
wcscpy
mbstowcs
??1type_info@@UAE@XZ
free
_onexit
_adjust_fdiv
wcslen
wcscmp
wcstoul
wcschr
??3@YAXPAX@Z
_initterm
wcsrchr
wcscat
?terminate@@YAXXZ
wcsstr
__RTDynamicCast
malloc
_wcsicmp
vswprintf
_wcsupr

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3087d2b968176efc0625f6377771bdc

Headers

File Characteristics

Imports

kernel32

user32

certcli

advapi32

msvcrt

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 96KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 96KB

.rsrc
Size: 23KB - Virtual size: 23KB