b191a19e26d9c7a6acf51fdf071fb4fd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b191a19e26d9c7a6acf51fdf071fb4fd_JaffaCakes118
Size

102KB
MD5

b191a19e26d9c7a6acf51fdf071fb4fd
SHA1

923477e284a465b0d02dd920945e56a66c754cb9
SHA256

b6c078c103827a23b14c95c6c02a19869a4c89697ff16d959ac25c53e709ff61
SHA512

cd9dc78442e2ea138e80dff9716a792eaf3d572e695bbcc9fc142d53ac460c9d79fa27555877acd3caeb404152c76bba5fd5cc8551dc55a90128e57fd32fb4e0
SSDEEP

3072:uU1H5wnzx992sUMgyyGQGFro9OVfJy17TK9n:NN5wzSMqfOVfJe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
b191a19e26d9c7a6acf51fdf071fb4fd_JaffaCakes118

Files

b191a19e26d9c7a6acf51fdf071fb4fd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d870fa7c6e3adf70d666c653723c6e1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfW
InsertMenuItemW
SetDlgItemTextW
SetWindowTextW
SendDlgItemMessageW
DialogBoxParamW
LoadIconW
GetDlgItem
LoadBitmapW
PostMessageW
GetDC
MessageBoxW
RegisterClipboardFormatW
LoadCursorW
ReleaseDC
SendMessageW
GetParent
WinHelpW
EnableWindow
SetFocus
GetWindowLongW
LoadImageW
GetDlgItemTextA
SetCursor
LoadStringW
EndDialog
SystemParametersInfoW
SetWindowLongW

kernel32

LocalFree
GetCurrentProcess
CloseHandle
FormatMessageW
InitializeCriticalSection
RemoveDirectoryA
WideCharToMultiByte
GetModuleFileNameW
GetSystemTimeAsFileTime
GetStartupInfoA
SetUnhandledExceptionFilter
GlobalAlloc
GetComputerNameW
SetLastError
GetSystemWindowsDirectoryW
GlobalLock
IsBadReadPtr
GlobalUnlock
GlobalFree
lstrcmpiW
GetProcAddress
QueryPerformanceCounter
lstrlenW
lstrcpyW
LocalReAlloc
CreateFileW
InterlockedDecrement
FileTimeToLocalFileTime
GetModuleHandleA
GetLastError
LoadLibraryW
OutputDebugStringA
GetTickCount
GetDateFormatW
GetCPInfo
OutputDebugStringW
GetEnvironmentStringsW
GetSystemDefaultLangID
DeleteCriticalSection
FileTimeToSystemTime
InterlockedIncrement

advapi32

RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW

certcli

CAEnumCertTypesForCA
CAFreeCertTypeExtensions
CAFindByName
CAAddCACertificateType
CASetCertTypeProperty
CAFindCertTypeByName
CASetCertTypeExtension
CAFreeCAProperty
CAGetCertTypeKeySpec
CAEnumNextCertType
CAUpdateCA
CAGetCAProperty
CACloseCA
CAFreeCertTypeProperty
CACertTypeGetSecurity
CACloseCertType
CAGetCertTypePropertyEx
CASetCertTypeKeySpec
CACreateCertType
CAUpdateCertType
CASetCertTypeFlags
CAGetCertTypeFlags
CAEnumCertTypes
CACertTypeSetSecurity
CAGetCertTypeExtensions
CAGetCertTypeProperty
CARemoveCACertificateType

msvcrt

wcsrchr
??1type_info@@UAE@XZ
wcslen
_wcsicmp
vswprintf
?terminate@@YAXXZ
_initterm
memmove
wcscmp
_wcsupr
_onexit
wcsstr
wcscat
??3@YAXPAX@Z
mbstowcs
_except_handler3
free
malloc
_adjust_fdiv
__dllonexit
wcstoul
wcschr
wcscpy
??2@YAPAXI@Z
__RTDynamicCast

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d870fa7c6e3adf70d666c653723c6e1c

Headers

File Characteristics

Imports

user32

kernel32

advapi32

certcli

msvcrt

comctl32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 97KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 97KB

.rsrc
Size: 23KB - Virtual size: 23KB