ba379dddb7c11601b77ae2c842649b86_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ba379dddb7c11601b77ae2c842649b86_JaffaCakes118
Size

100KB
MD5

ba379dddb7c11601b77ae2c842649b86
SHA1

8a32864e80edf9c24065ceb854b445ed0422eec7
SHA256

c6f62b4a04d29451bbfa08c34366d3b1d406ea21c413c0d4f760840ae6e42cd0
SHA512

ede98f1c712a4a8b093fdf6858ce2b249e70db140f2f66c46ec4ef7ca5bff4d324c551221f72e7bdd59f3b591686e3b0d79641cfdd14b9d62fb6c99b78b4bcc2
SSDEEP

1536:AtbtLBbT6gSbuLFKRPcJUfuybaVAM1wDOdRQywaDw59gGWrNk96zTF:APlODuLScJhOuldRPwaE59gGm66zT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba379dddb7c11601b77ae2c842649b86_JaffaCakes118

Files

ba379dddb7c11601b77ae2c842649b86_JaffaCakes118
.exe windows:5 windows x86 arch:x86

21b29be9bf0e357e75b5a0529170b32d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

malloc
wcscmp
free
?terminate@@YAXXZ
_wcsupr
_adjust_fdiv
memmove
??3@YAXPAX@Z
_wcsicmp
wcslen
wcsstr
_except_handler3
_onexit
wcsrchr
_purecall
__RTDynamicCast
__dllonexit
_initterm
wcschr
wcscat
wcstoul
vswprintf
wcscpy
??2@YAPAXI@Z
??1type_info@@UAE@XZ
mbstowcs

user32

InsertMenuItemW
EndDialog
SetFocus
GetParent
EnableWindow
LoadIconW
SetCursor
SystemParametersInfoW
GetWindowLongW
LoadBitmapW
ReleaseDC
SendMessageW
DialogBoxParamW
RegisterClipboardFormatW
SendDlgItemMessageW
SetWindowLongW
GetDC
LoadCursorW
SetWindowTextW
MessageBoxW
wsprintfW
PostMessageW
WinHelpW
GetDlgItem
SetDlgItemTextW
LoadStringW
LoadImageW
GetDlgItemTextA

kernel32

QueryPerformanceCounter
GetComputerNameW
GlobalLock
InterlockedDecrement
FileTimeToSystemTime
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetSystemDefaultLangID
OutputDebugStringA
CloseHandle
RemoveDirectoryA
GetCurrentProcess
GetACP
InterlockedIncrement
LocalReAlloc
GetModuleHandleA
SetUnhandledExceptionFilter
GlobalFree
OutputDebugStringW
SetLastError
LocalFree
GlobalUnlock
GlobalAlloc
DeleteCriticalSection
GetStartupInfoA
lstrlenW
GetModuleFileNameW
FileTimeToLocalFileTime
LoadLibraryW
WideCharToMultiByte
GetTickCount
GetSystemWindowsDirectoryW
GetDateFormatW
IsBadReadPtr
GetLastError
FormatMessageW
InitializeCriticalSection
lstrcpyW
lstrcmpiW
CreateFileW

certcli

CAGetCAProperty
CASetCertTypeExtension
CACertTypeSetSecurity
CAEnumNextCertType
CASetCertTypeFlags
CACloseCA
CASetCertTypeKeySpec
CAGetCertTypeProperty
CAFreeCertTypeProperty
CAFreeCAProperty
CAFreeCertTypeExtensions
CAUpdateCA
CASetCertTypeProperty
CAGetCertTypeExtensions
CARemoveCACertificateType
CAGetCertTypePropertyEx
CAGetCertTypeKeySpec
CAFindCertTypeByName
CAFindByName
CACloseCertType
CACreateCertType
CACertTypeGetSecurity
CAGetCertTypeFlags
CAEnumCertTypesForCA
CAUpdateCertType
CAAddCACertificateType
CAEnumCertTypes

advapi32

RegCloseKey
RegDeleteKeyW
RegQueryValueExW
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21b29be9bf0e357e75b5a0529170b32d

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

certcli

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 97KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 97KB

.rsrc
Size: 24KB - Virtual size: 23KB