be872da2e8b6218fb3e4b0b43e265bc8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

be872da2e8b6218fb3e4b0b43e265bc8_JaffaCakes118
Size

102KB
MD5

be872da2e8b6218fb3e4b0b43e265bc8
SHA1

3b2b5bc558a293812c2746e77c809a6f564fff7f
SHA256

311abe601a7d1675e9337c0f4918aeb60907de37b773a6e0c8f289ad0496d857
SHA512

a0118a2eee93546bce1edc37a4e1994f1b06ff77f138b717a78bb946d1ba45b2bc23a2c2aad1777ac0c73841209a037378ba15be762ab92a12cd5e224d58398f
SSDEEP

1536:bxZf29SmtBE7XdIUaaPMDFgIMBy7rWb0l9+GU+j8RmSkvta47AGLRfRhth:dZObfQXgEc+y7rWY3U/QSk17/N/b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be872da2e8b6218fb3e4b0b43e265bc8_JaffaCakes118

Files

be872da2e8b6218fb3e4b0b43e265bc8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0b75d7c1703fff47447d3ef3b39940e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAFindCertTypeByName
CASetCertTypeProperty
CAFreeCertTypeProperty
CACreateCertType
CAEnumNextCertType
CAGetCertTypePropertyEx
CAEnumCertTypesForCA
CAGetCAProperty
CACloseCA
CAEnumCertTypes
CAUpdateCA
CASetCertTypeExtension
CAGetCertTypeFlags
CACloseCertType
CAFreeCAProperty
CAAddCACertificateType
CARemoveCACertificateType
CAGetCertTypeKeySpec
CACertTypeSetSecurity
CAGetCertTypeProperty
CAFindByName
CAFreeCertTypeExtensions
CASetCertTypeKeySpec
CASetCertTypeFlags
CAGetCertTypeExtensions
CACertTypeGetSecurity
CAUpdateCertType

msvcrt

wcscpy
??2@YAPAXI@Z
__RTDynamicCast
??1type_info@@UAE@XZ
_adjust_fdiv
wcscmp
wcslen
wcscat
wcstoul
_wcsupr
?terminate@@YAXXZ
??3@YAXPAX@Z
wcschr
_onexit
_except_handler3
malloc
memmove
wcsrchr
_initterm
wcsstr
_purecall
vswprintf
mbstowcs
free
__dllonexit
_wcsicmp

kernel32

SetLastError
OutputDebugStringW
CreateFileW
QueryPerformanceCounter
lstrcpyW
InterlockedIncrement
FileTimeToLocalFileTime
GlobalFree
InitializeCriticalSection
lstrlenW
GlobalAlloc
FileTimeToSystemTime
DeleteCriticalSection
GetSystemDefaultLangID
GetComputerNameW
GetEnvironmentStringsW
GetLastError
CloseHandle
LocalFree
GetStartupInfoA
WideCharToMultiByte
GetDateFormatW
GetSystemTimeAsFileTime
GlobalUnlock
GetACP
GetModuleHandleA
lstrcmpiW
FormatMessageW
OutputDebugStringA
InterlockedDecrement
GetModuleFileNameW
GlobalLock
GetCurrentProcess
LocalReAlloc
SetUnhandledExceptionFilter
IsBadReadPtr
GetTickCount
LoadLibraryW
GetSystemWindowsDirectoryW
RemoveDirectoryA

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW

user32

GetWindowLongW
GetDlgItemTextA
DialogBoxParamW
LoadIconW
EndDialog
LoadStringW
GetDC
LoadBitmapW
SystemParametersInfoW
EnableWindow
RegisterClipboardFormatW
LoadCursorW
SetCursor
SetWindowTextW
InsertMenuItemW
SetFocus
ReleaseDC
PostMessageW
LoadImageW
SetDlgItemTextW
SetWindowLongW
SendDlgItemMessageW
SendMessageW
MessageBoxW
wsprintfW
WinHelpW
GetDlgItem
GetParent

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b75d7c1703fff47447d3ef3b39940e1

Headers

File Characteristics

Imports

certcli

msvcrt

kernel32

advapi32

user32

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 95KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 95KB

.rsrc
Size: 24KB - Virtual size: 23KB