b7c267a614ea09f25e74eb055f7134c4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b7c267a614ea09f25e74eb055f7134c4_JaffaCakes118
Size

99KB
MD5

b7c267a614ea09f25e74eb055f7134c4
SHA1

62b4140d9e28f1167ce9700cd39629c31302d38d
SHA256

358f622fc21e9b589e8abc92961ec6c605374147e612e5f63e9e9c29f0fe490c
SHA512

6d0c4c182547cad01f8f750d949014566f769ec2b10ad33d1bfd03363fabab0dc88f780ba86ace886c7280633a4dcec63a4ea2457cb64516a6a40801a093b3b2
SSDEEP

1536:mQdrSHd9pL9tKS8nQHQ93Ii5JyDJmJfR/OIWjli/EVchNZ2u/4ClVk:1ed9t18QHQ93I0JAQOll0EoNv/flV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7c267a614ea09f25e74eb055f7134c4_JaffaCakes118

Files

b7c267a614ea09f25e74eb055f7134c4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

141f8fd88fd2e0a584b7f93f6577f119

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegSetValueExW

kernel32

InterlockedDecrement
LoadLibraryW
GetSystemWindowsDirectoryW
RemoveDirectoryA
GlobalAlloc
GetLastError
GetModuleFileNameW
OutputDebugStringW
lstrcpyW
GetDateFormatW
lstrcmpiW
LocalFree
GetEnvironmentStringsW
IsBadReadPtr
CloseHandle
FileTimeToLocalFileTime
GetCPInfo
GlobalUnlock
InitializeCriticalSection
SetUnhandledExceptionFilter
LocalReAlloc
lstrlenW
FormatMessageW
GetProcAddress
SetLastError
GetStartupInfoA
GetSystemDefaultLangID
GetTickCount
DeleteCriticalSection
InterlockedIncrement
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetCurrentProcess
OutputDebugStringA
GetModuleHandleA
GlobalLock
GetComputerNameW
WideCharToMultiByte
CreateFileW
GlobalFree
FileTimeToSystemTime

user32

SetFocus
SetWindowTextW
EnableWindow
SetCursor
ReleaseDC
GetWindowLongW
GetDC
wsprintfW
SetDlgItemTextW
RegisterClipboardFormatW
SendDlgItemMessageW
MessageBoxW
PostMessageW
GetDlgItem
WinHelpW
SystemParametersInfoW
LoadImageW
LoadCursorW
EndDialog
GetDlgItemTextA
SendMessageW
DialogBoxParamW
SetWindowLongW
LoadStringW
GetParent
LoadIconW
LoadBitmapW
InsertMenuItemW

certcli

CASetCertTypeKeySpec
CAEnumCertTypesForCA
CAGetCertTypeExtensions
CACloseCertType
CARemoveCACertificateType
CAEnumCertTypes
CACertTypeSetSecurity
CAFreeCAProperty
CAEnumNextCertType
CAFindCertTypeByName
CAFindByName
CAGetCertTypeProperty
CAUpdateCA
CACloseCA
CASetCertTypeExtension
CACreateCertType
CAFreeCertTypeExtensions
CAGetCertTypePropertyEx
CAGetCertTypeFlags
CACertTypeGetSecurity
CAGetCertTypeKeySpec
CAAddCACertificateType
CASetCertTypeProperty
CAFreeCertTypeProperty
CASetCertTypeFlags
CAUpdateCertType
CAGetCAProperty

msvcrt

__dllonexit
__RTDynamicCast
wcscpy
wcscat
_initterm
malloc
_adjust_fdiv
free
wcsrchr
wcstoul
mbstowcs
_onexit
_wcsicmp
wcschr
_wcsupr
wcscmp
??3@YAXPAX@Z
??2@YAPAXI@Z
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
wcsstr
wcslen
vswprintf
memmove

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

141f8fd88fd2e0a584b7f93f6577f119

Headers

File Characteristics

Imports

advapi32

kernel32

user32

certcli

msvcrt

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 80KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 80KB

.rsrc
Size: 23KB - Virtual size: 22KB