b85e0939d7b8c32cf324cd15508e9652_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b85e0939d7b8c32cf324cd15508e9652_JaffaCakes118
Size

99KB
MD5

b85e0939d7b8c32cf324cd15508e9652
SHA1

9a6fe9d91114e2c02d4d64ff9a19a5d21364c07f
SHA256

8fab6288a9a72151fc735c5fc9331d2705fcb082c90a6ddcfabd6fbc4a59fb5e
SHA512

0846ff3864fe483049e4c08dd9955793e2f2d686aaaa7a4757978643cde9a6125b850b992aa90945f9c133843eb15ded429dc22dfb3145d9e2107d015275785b
SSDEEP

3072:L2sYciXTtAsL+pR1eDSv90dZmku5Usva5ErrnJn:qsy5VL+pR1eDhmku1aCR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b85e0939d7b8c32cf324cd15508e9652_JaffaCakes118

Files

b85e0939d7b8c32cf324cd15508e9652_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9aa40ffa76d33fa418c90966d295f601

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GlobalUnlock
LocalReAlloc
GetLastError
FormatMessageW
IsBadReadPtr
FileTimeToLocalFileTime
GetComputerNameW
lstrlenW
lstrcmpiW
GlobalLock
GetSystemDefaultLangID
RemoveDirectoryA
OutputDebugStringW
CreateFileW
GetDateFormatW
lstrcpyW
SetLastError
GetSystemWindowsDirectoryW
GlobalAlloc
LocalFree
CloseHandle
LoadLibraryW
InterlockedDecrement
GetStartupInfoA
GlobalFree
GetModuleHandleA
QueryPerformanceCounter
WideCharToMultiByte
InterlockedIncrement
InitializeCriticalSection
SetUnhandledExceptionFilter
GetCurrentProcess
OutputDebugStringA
GetCPInfo
GetEnvironmentStringsW
DeleteCriticalSection
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetModuleFileNameW
GetProcAddress

certcli

CAEnumNextCertType
CACreateCertType
CAEnumCertTypes
CASetCertTypeProperty
CACloseCA
CAFreeCAProperty
CACertTypeGetSecurity
CAUpdateCertType
CASetCertTypeExtension
CAGetCertTypePropertyEx
CASetCertTypeFlags
CAEnumCertTypesForCA
CASetCertTypeKeySpec
CAGetCertTypeProperty
CAAddCACertificateType
CAFindCertTypeByName
CACertTypeSetSecurity
CAUpdateCA
CAFreeCertTypeExtensions
CAGetCAProperty
CAGetCertTypeExtensions
CAFindByName
CACloseCertType
CAGetCertTypeFlags
CARemoveCACertificateType
CAFreeCertTypeProperty
CAGetCertTypeKeySpec

advapi32

RegEnumKeyExW
RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW

msvcrt

wcschr
_adjust_fdiv
vswprintf
__RTDynamicCast
malloc
wcsstr
wcstoul
??3@YAXPAX@Z
memmove
_except_handler3
??1type_info@@UAE@XZ
wcscmp
wcslen
free
_onexit
_initterm
wcsrchr
wcscpy
_wcsupr
??2@YAPAXI@Z
wcscat
_wcsicmp
?terminate@@YAXXZ
mbstowcs
__dllonexit

user32

GetParent
LoadIconW
SetWindowTextW
LoadBitmapW
RegisterClipboardFormatW
SendDlgItemMessageW
LoadStringW
SetCursor
GetDlgItemTextA
GetDC
GetWindowLongW
MessageBoxW
EndDialog
LoadCursorW
ReleaseDC
SendMessageW
LoadImageW
PostMessageW
SetWindowLongW
DialogBoxParamW
InsertMenuItemW
SetFocus
EnableWindow
SetDlgItemTextW
GetDlgItem
wsprintfW
WinHelpW
SystemParametersInfoW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9aa40ffa76d33fa418c90966d295f601

Headers

File Characteristics

Imports

kernel32

certcli

advapi32

msvcrt

user32

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 68KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 68KB

.rsrc
Size: 23KB - Virtual size: 22KB