bbf1efcbb5a9dc095753fe45f7956890_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bbf1efcbb5a9dc095753fe45f7956890_JaffaCakes118
Size

102KB
MD5

bbf1efcbb5a9dc095753fe45f7956890
SHA1

51edfcafd1e1d6eb3013411c5aded5f79684e5df
SHA256

34c4ed06d50ff821c90a422a31666d6892dd30879a28e08617133aa87859b33c
SHA512

2e609b35ba01a451eaced8e579d4336bbefe178c93b97c06cea927f8578410860e6582d5daebc2a8dea3040b5dc8a6a86b9c005cbead0a3b8ab29847f709f4ff
SSDEEP

1536:bWkm98PehwKPMJLIcvX7MS/FHyjpntkuRVKjDQvh2hr57zBzBz:zN2hTMJZYSRydnmuUDQvh2hr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbf1efcbb5a9dc095753fe45f7956890_JaffaCakes118

Files

bbf1efcbb5a9dc095753fe45f7956890_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3661d495f264a4f9f515d7e29985e037

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetComputerNameW
LocalReAlloc
GetACP
LoadLibraryW
GlobalUnlock
CreateFileW
QueryPerformanceCounter
lstrcpyW
GetCurrentProcess
FileTimeToSystemTime
OutputDebugStringA
GlobalLock
IsBadReadPtr
GlobalAlloc
lstrlenW
GlobalFree
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LocalFree
GetSystemWindowsDirectoryW
lstrcmpiW
GetTickCount
GetEnvironmentStringsW
GetLastError
FormatMessageW
DeleteCriticalSection
GetModuleFileNameW
GetModuleHandleA
CloseHandle
RemoveDirectoryA
InterlockedDecrement
InitializeCriticalSection
GetDateFormatW
FileTimeToLocalFileTime
WideCharToMultiByte
SetLastError
InterlockedIncrement
GetSystemDefaultLangID
OutputDebugStringW

msvcrt

??1type_info@@UAE@XZ
_onexit
wcsstr
_except_handler3
wcscat
wcscpy
??2@YAPAXI@Z
free
_adjust_fdiv
malloc
_wcsicmp
_initterm
mbstowcs
__RTDynamicCast
wcscmp
_wcsupr
?terminate@@YAXXZ
??3@YAXPAX@Z
wcstoul
wcschr
memmove
__dllonexit
wcsrchr
wcslen
_purecall
vswprintf

certcli

CAGetCAProperty
CAFreeCertTypeProperty
CAAddCACertificateType
CACertTypeSetSecurity
CAEnumCertTypes
CAFreeCAProperty
CAGetCertTypeProperty
CASetCertTypeExtension
CASetCertTypeProperty
CASetCertTypeFlags
CAFindByName
CASetCertTypeKeySpec
CACreateCertType
CACloseCertType
CAFreeCertTypeExtensions
CAGetCertTypeKeySpec
CAEnumCertTypesForCA
CAEnumNextCertType
CACloseCA
CARemoveCACertificateType
CAGetCertTypeExtensions
CAUpdateCA
CAFindCertTypeByName
CAUpdateCertType
CAGetCertTypeFlags
CACertTypeGetSecurity
CAGetCertTypePropertyEx

user32

GetDlgItemTextA
GetDC
MessageBoxW
RegisterClipboardFormatW
LoadStringW
SendMessageW
SendDlgItemMessageW
EndDialog
LoadCursorW
DialogBoxParamW
SetDlgItemTextW
LoadBitmapW
WinHelpW
GetDlgItem
SetFocus
SetCursor
LoadIconW
SetWindowLongW
SetWindowTextW
PostMessageW
GetWindowLongW
wsprintfW
SystemParametersInfoW
ReleaseDC
LoadImageW
EnableWindow
GetParent
InsertMenuItemW

comctl32

PropertySheetW
CreatePropertySheetPageW

advapi32

RegQueryValueExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegCloseKey

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3661d495f264a4f9f515d7e29985e037

Headers

File Characteristics

Imports

kernel32

msvcrt

certcli

user32

comctl32

advapi32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 97KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 97KB

.rsrc
Size: 25KB - Virtual size: 25KB