b75c1a2d5de9ce393590079111185a95_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b75c1a2d5de9ce393590079111185a95_JaffaCakes118
Size

101KB
MD5

b75c1a2d5de9ce393590079111185a95
SHA1

2c066600dc7c71083db4151748e89b3c868b544e
SHA256

4e7da6be4f384fe15027b31e34a604aed0d081a4719cf7d1e59758637b33875c
SHA512

78ca673cbc3d7bc200c067fa4bbea1dd347cdadafca3354d0bf4c578c5650f2b3bf0495bfb2aa38ae180eb167cafcec3f8bc207a09a2e8d2100397c24c4e90b5
SSDEEP

3072:eXL86yCVvHJgrZOdETyqvAtsv4jyCFnn:2L8mxAZ6ET7AYCFnn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b75c1a2d5de9ce393590079111185a95_JaffaCakes118

Files

b75c1a2d5de9ce393590079111185a95_JaffaCakes118
.exe windows:5 windows x86 arch:x86

aa59c855cae7ee02680c8014c1c456bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
LocalFree
LoadLibraryW
QueryPerformanceCounter
GetLastError
GetSystemWindowsDirectoryW
CreateFileW
lstrcpyW
GlobalLock
FileTimeToSystemTime
lstrlenW
DeleteCriticalSection
GetSystemTimeAsFileTime
CloseHandle
InterlockedDecrement
lstrcmpiW
FormatMessageW
GetModuleFileNameW
GetEnvironmentStringsW
OutputDebugStringA
GetStartupInfoA
SetLastError
RemoveDirectoryA
OutputDebugStringW
LocalReAlloc
GlobalUnlock
SetUnhandledExceptionFilter
GetCurrentProcess
WideCharToMultiByte
GetModuleHandleA
GetTickCount
InitializeCriticalSection
GetACP
InterlockedIncrement
GetComputerNameW
GlobalAlloc
IsBadReadPtr
GetSystemDefaultLangID
FileTimeToLocalFileTime
GetDateFormatW

msvcrt

wcscat
_onexit
wcsrchr
??1type_info@@UAE@XZ
_initterm
??3@YAXPAX@Z
wcscpy
wcslen
wcstoul
_purecall
_adjust_fdiv
free
?terminate@@YAXXZ
wcschr
malloc
vswprintf
_wcsupr
_except_handler3
wcscmp
mbstowcs
_wcsicmp
memmove
wcsstr
__RTDynamicCast
??2@YAPAXI@Z
__dllonexit

user32

InsertMenuItemW
GetDlgItem
EnableWindow
GetDC
LoadStringW
RegisterClipboardFormatW
SetWindowLongW
SetWindowTextW
LoadBitmapW
SystemParametersInfoW
LoadIconW
SetDlgItemTextW
PostMessageW
GetParent
SetFocus
WinHelpW
LoadImageW
MessageBoxW
ReleaseDC
EndDialog
GetWindowLongW
GetDlgItemTextA
SetCursor
SendDlgItemMessageW
wsprintfW
DialogBoxParamW
LoadCursorW
SendMessageW

advapi32

RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW

certcli

CAFreeCAProperty
CAEnumCertTypes
CAEnumNextCertType
CAFindByName
CAGetCertTypeProperty
CACreateCertType
CAUpdateCertType
CAFindCertTypeByName
CARemoveCACertificateType
CASetCertTypeProperty
CASetCertTypeFlags
CAGetCertTypeFlags
CAGetCertTypeKeySpec
CASetCertTypeExtension
CAFreeCertTypeExtensions
CASetCertTypeKeySpec
CAAddCACertificateType
CAGetCAProperty
CAGetCertTypeExtensions
CACloseCA
CACloseCertType
CAEnumCertTypesForCA
CACertTypeSetSecurity
CAUpdateCA
CACertTypeGetSecurity
CAFreeCertTypeProperty
CAGetCertTypePropertyEx

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa59c855cae7ee02680c8014c1c456bf

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

certcli

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 98KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 98KB

.rsrc
Size: 24KB - Virtual size: 24KB