b05f1c18ab6071c2180db8b5d6119fb1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b05f1c18ab6071c2180db8b5d6119fb1_JaffaCakes118
Size

101KB
MD5

b05f1c18ab6071c2180db8b5d6119fb1
SHA1

bf04b6a842fa7e66172cd029866b95986d467649
SHA256

962a3e65afa66786a33557eb0a13b6293b4a9ce607e20786a86956e1a1a64944
SHA512

9b6929fc4deb01f1f22e6472dc79d7f89c9c958d7a01c4c95a68ee3816c4c8d7e1f992feb08ebafb8ed5b2a9ea4b251909c3feb996c598db63b161ac6ba000f6
SSDEEP

3072:QnnCqm5oXIDmlumTm8ssxaP2qUbZXI9Z/:aCqm5sNumS8sfPfeZYj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b05f1c18ab6071c2180db8b5d6119fb1_JaffaCakes118

Files

b05f1c18ab6071c2180db8b5d6119fb1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3a5a5b8901ac0638d92343ee7f3af8a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CACertTypeGetSecurity
CAFreeCertTypeProperty
CACertTypeSetSecurity
CAEnumCertTypes
CAFindCertTypeByName
CARemoveCACertificateType
CAEnumNextCertType
CAUpdateCA
CAGetCertTypePropertyEx
CAFindByName
CAGetCertTypeExtensions
CASetCertTypeKeySpec
CAAddCACertificateType
CASetCertTypeFlags
CAUpdateCertType
CAEnumCertTypesForCA
CACloseCA
CAFreeCAProperty
CAGetCertTypeFlags
CACreateCertType
CAFreeCertTypeExtensions
CASetCertTypeExtension
CAGetCAProperty
CACloseCertType
CASetCertTypeProperty
CAGetCertTypeProperty
CAGetCertTypeKeySpec

kernel32

FileTimeToSystemTime
GlobalUnlock
GetEnvironmentStringsW
LocalFree
GetTickCount
GlobalLock
LocalReAlloc
CloseHandle
RemoveDirectoryA
GetSystemDefaultLangID
GetCPInfo
InterlockedDecrement
GetCurrentProcess
CreateFileW
OutputDebugStringA
lstrcpyW
lstrlenW
GetModuleFileNameW
SetLastError
lstrcmpiW
InterlockedIncrement
GetProcAddress
IsBadReadPtr
DeleteCriticalSection
GetModuleHandleA
SetUnhandledExceptionFilter
FormatMessageW
GetLastError
OutputDebugStringW
GetSystemWindowsDirectoryW
GetDateFormatW
WideCharToMultiByte
QueryPerformanceCounter
GlobalFree
GlobalAlloc
InitializeCriticalSection
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
LoadLibraryW
GetStartupInfoA
GetComputerNameW

user32

ReleaseDC
LoadStringW
DialogBoxParamW
RegisterClipboardFormatW
GetParent
InsertMenuItemW
GetDlgItemTextA
SystemParametersInfoW
SetDlgItemTextW
LoadBitmapW
SetWindowLongW
PostMessageW
EnableWindow
SetWindowTextW
MessageBoxW
WinHelpW
GetDC
SendDlgItemMessageW
LoadImageW
SetFocus
SetCursor
SendMessageW
GetDlgItem
wsprintfW
GetWindowLongW
LoadCursorW
EndDialog
LoadIconW

msvcrt

wcsrchr
?terminate@@YAXXZ
free
mbstowcs
__dllonexit
wcscpy
_onexit
_wcsicmp
??1type_info@@UAE@XZ
__RTDynamicCast
wcslen
wcscat
??3@YAXPAX@Z
_wcsupr
vswprintf
wcschr
wcscmp
_except_handler3
malloc
wcsstr
_adjust_fdiv
wcstoul
_initterm
memmove
??2@YAPAXI@Z

advapi32

RegCloseKey
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a5a5b8901ac0638d92343ee7f3af8a6

Headers

File Characteristics

Imports

certcli

kernel32

user32

msvcrt

advapi32

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 113KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 113KB

.rsrc
Size: 23KB - Virtual size: 22KB