b91f1d2535f280e178301f565c14b7de_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b91f1d2535f280e178301f565c14b7de_JaffaCakes118
Size

99KB
MD5

b91f1d2535f280e178301f565c14b7de
SHA1

1aa5e82a33557143f95ff5c6058f30df74343a31
SHA256

179ee571aa898130bdc4d5fdf5a29018c4550fea77f3a5efc99b0e2c636ecf73
SHA512

612ce0bf73afda2f4da84bd0ae64cedc1348b13369e1f03484ade8aa866c175bf52b027e8a9e032524b7f585e6bf7407fa8fc8eb78a189659da221d5cd01c4d9
SSDEEP

3072:0Hm3Pcb0jk952KPJqitaHYXsSmNS6wTeJW:Khb0g/7s+yi5mNXYeI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b91f1d2535f280e178301f565c14b7de_JaffaCakes118

Files

b91f1d2535f280e178301f565c14b7de_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b0b6e2695f2ea1ad9597b2b685f6cca2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameW
GetCPInfo
FileTimeToSystemTime
InitializeCriticalSection
FormatMessageW
LocalReAlloc
GetDateFormatW
GetEnvironmentStringsW
GetCurrentThread
OutputDebugStringW
GetProcAddress
CloseHandle
GlobalAlloc
GetModuleFileNameW
SetUnhandledExceptionFilter
GetSystemDefaultLangID
GetStartupInfoA
IsBadReadPtr
GlobalUnlock
lstrcpyW
QueryPerformanceCounter
GetLastError
GlobalFree
GetModuleHandleA
InterlockedDecrement
GetSystemTimeAsFileTime
LoadLibraryW
OutputDebugStringA
lstrlenW
DeleteCriticalSection
GlobalLock
GetCurrentProcess
InterlockedIncrement
GetSystemWindowsDirectoryW
GetTickCount
LocalFree
FileTimeToLocalFileTime
CreateFileW
lstrcmpiW
WideCharToMultiByte
SetLastError

certcli

CAGetCertTypeFlags
CASetCertTypeFlags
CACloseCertType
CAGetCertTypePropertyEx
CAGetCertTypeKeySpec
CAGetCAProperty
CASetCertTypeProperty
CAGetCertTypeProperty
CACloseCA
CAFreeCertTypeExtensions
CAUpdateCertType
CACertTypeSetSecurity
CAFindByName
CAFreeCertTypeProperty
CACertTypeGetSecurity
CASetCertTypeKeySpec
CAGetCertTypeExtensions
CASetCertTypeExtension
CAUpdateCA
CAFreeCAProperty
CAFindCertTypeByName
CACreateCertType
CAAddCACertificateType
CAEnumCertTypesForCA
CARemoveCACertificateType
CAEnumCertTypes
CAEnumNextCertType

user32

SetCursor
EnableWindow
InsertMenuItemW
LoadCursorW
SendMessageW
MessageBoxW
PostMessageW
GetWindowLongW
EndDialog
SetFocus
RegisterClipboardFormatW
ReleaseDC
SetWindowTextW
SetDlgItemTextW
LoadStringW
SystemParametersInfoW
SendDlgItemMessageW
WinHelpW
wsprintfW
SetWindowLongW
LoadImageW
GetParent
LoadIconW
GetDlgItem
GetDlgItemTextA
GetDC
DialogBoxParamW
LoadBitmapW

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW

msvcrt

??1type_info@@UAE@XZ
__dllonexit
??3@YAXPAX@Z
??2@YAPAXI@Z
wcscpy
_onexit
mbstowcs
_wcsupr
vswprintf
malloc
_except_handler3
wcscat
free
memmove
wcstoul
_wcsicmp
wcsstr
__RTDynamicCast
wcslen
wcscmp
_initterm
?terminate@@YAXXZ
_adjust_fdiv
wcschr
wcsrchr

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0b6e2695f2ea1ad9597b2b685f6cca2

Headers

File Characteristics

Imports

kernel32

certcli

user32

advapi32

msvcrt

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 84KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 84KB

.rsrc
Size: 23KB - Virtual size: 22KB