ba9834eaa4bfda2cc70980d24ceccc47_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ba9834eaa4bfda2cc70980d24ceccc47_JaffaCakes118
Size

99KB
MD5

ba9834eaa4bfda2cc70980d24ceccc47
SHA1

9f1e6ad54226ffe3aff31e468f4a6b3ec3ce760b
SHA256

6d4dec54d7ba8361e5a840d6a92daa356fa3a217ce60f3d75bd17458fb109efe
SHA512

dbc35d38faea0cd38d82baca3eda0fb5c3871681ab84628a60ba66d2991fdc6c6b1768422204651d8ebf5e9f25ec54556e92d35538a17429ed7f07f3c528a47f
SSDEEP

3072:dh6n/vTn1NtTXkclKEyix3j9INNxq73EPQc:dh8b1NFkcgAUNqP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba9834eaa4bfda2cc70980d24ceccc47_JaffaCakes118

Files

ba9834eaa4bfda2cc70980d24ceccc47_JaffaCakes118
.exe windows:5 windows x86 arch:x86

aa89f11ef9d35c24a683e1caf22fdac1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free
_except_handler3
_wcsupr
wcscat
wcscpy
__RTDynamicCast
malloc
_onexit
memmove
?terminate@@YAXXZ
__dllonexit
_adjust_fdiv
wcsstr
_wcsicmp
wcscmp
wcschr
??3@YAXPAX@Z
??2@YAPAXI@Z
wcsrchr
mbstowcs
??1type_info@@UAE@XZ
vswprintf
wcslen
wcstoul
_initterm

kernel32

GetEnvironmentStringsW
GetCPInfo
GetModuleFileNameW
GetModuleHandleA
lstrlenW
FileTimeToLocalFileTime
InterlockedDecrement
SetUnhandledExceptionFilter
GetLastError
OutputDebugStringW
LoadLibraryW
GlobalFree
IsBadReadPtr
GetCurrentProcess
GetSystemDefaultLangID
GetComputerNameW
FormatMessageW
SetLastError
LocalReAlloc
InterlockedIncrement
CreateFileW
GetTickCount
WideCharToMultiByte
GetStartupInfoA
CloseHandle
DeleteCriticalSection
RemoveDirectoryA
QueryPerformanceCounter
OutputDebugStringA
GlobalAlloc
GetProcAddress
GetSystemWindowsDirectoryW
LocalFree
lstrcpyW
lstrcmpiW
FileTimeToSystemTime
GlobalLock
GetSystemTimeAsFileTime
InitializeCriticalSection
GlobalUnlock
GetDateFormatW

advapi32

RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey

certcli

CARemoveCACertificateType
CAGetCertTypeFlags
CAUpdateCA
CACloseCA
CACertTypeGetSecurity
CAGetCAProperty
CAGetCertTypeExtensions
CAFreeCertTypeProperty
CAFreeCertTypeExtensions
CASetCertTypeProperty
CAGetCertTypeKeySpec
CAEnumCertTypes
CAGetCertTypeProperty
CAFindByName
CAEnumNextCertType
CAAddCACertificateType
CASetCertTypeFlags
CACloseCertType
CASetCertTypeExtension
CACertTypeSetSecurity
CAGetCertTypePropertyEx
CAFindCertTypeByName
CAFreeCAProperty
CASetCertTypeKeySpec
CAUpdateCertType
CAEnumCertTypesForCA
CACreateCertType

user32

SetWindowTextW
LoadBitmapW
SendDlgItemMessageW
LoadCursorW
SetDlgItemTextW
LoadImageW
MessageBoxW
GetDC
SetCursor
EnableWindow
InsertMenuItemW
PostMessageW
LoadStringW
LoadIconW
wsprintfW
ReleaseDC
DialogBoxParamW
SetWindowLongW
GetWindowLongW
RegisterClipboardFormatW
GetParent
GetDlgItem
WinHelpW
SetFocus
GetDlgItemTextA
EndDialog
SystemParametersInfoW
SendMessageW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa89f11ef9d35c24a683e1caf22fdac1

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

certcli

user32

comctl32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 110KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 110KB

.rsrc
Size: 23KB - Virtual size: 23KB