c091cb5cec50de400aee0bb8fa1acbb4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c091cb5cec50de400aee0bb8fa1acbb4_JaffaCakes118
Size

101KB
MD5

c091cb5cec50de400aee0bb8fa1acbb4
SHA1

63093bcf7f1d4b449386e09919e67db815dcff05
SHA256

9cce0b81d2042890998b371277589c22572022d40e0aa665f25bd51e91a5abed
SHA512

d6a6ae0d6e65ee4e71eef2d659ccd702818ad2c5a6eee5812de541af5322eea2c9f93fb675208ecf81a791cd409c918127b764a63f16e25ad341c1096236aa39
SSDEEP

3072:GH9wtVYPeHgJTV8wvveNL8UW2AFe5A1GNZo:GxeC+dNYUeUA1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c091cb5cec50de400aee0bb8fa1acbb4_JaffaCakes118

Files

c091cb5cec50de400aee0bb8fa1acbb4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b70aede12ef2e8ce751d4cd07145395e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CASetCertTypeExtension
CAEnumNextCertType
CACertTypeSetSecurity
CAFreeCertTypeProperty
CACloseCertType
CAGetCAProperty
CAFindCertTypeByName
CACreateCertType
CAGetCertTypeProperty
CAGetCertTypeExtensions
CAUpdateCA
CARemoveCACertificateType
CAEnumCertTypesForCA
CAGetCertTypeFlags
CAGetCertTypePropertyEx
CAFreeCertTypeExtensions
CASetCertTypeProperty
CACertTypeGetSecurity
CACloseCA
CASetCertTypeFlags
CAGetCertTypeKeySpec
CAFreeCAProperty
CAAddCACertificateType
CAUpdateCertType
CASetCertTypeKeySpec
CAFindByName
CAEnumCertTypes

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW

user32

InsertMenuItemW
LoadImageW
SetCursor
MessageBoxW
RegisterClipboardFormatW
SetWindowLongW
GetDC
SetWindowTextW
EnableWindow
PostMessageW
LoadBitmapW
LoadStringW
wsprintfW
DialogBoxParamW
LoadIconW
GetWindowLongW
LoadCursorW
SetFocus
WinHelpW
SendDlgItemMessageW
SendMessageW
EndDialog
GetParent
ReleaseDC
SystemParametersInfoW
GetDlgItem
GetDlgItemTextA
SetDlgItemTextW

msvcrt

_except_handler3
_initterm
memmove
??3@YAXPAX@Z
_adjust_fdiv
wcscmp
vswprintf
_wcsupr
wcsstr
_wcsicmp
__dllonexit
??2@YAPAXI@Z
?terminate@@YAXXZ
_onexit
wcstoul
wcsrchr
wcscat
??1type_info@@UAE@XZ
free
_purecall
mbstowcs
wcscpy
__RTDynamicCast
wcschr
wcslen
malloc

kernel32

OutputDebugStringA
lstrlenW
GetDateFormatW
IsBadReadPtr
GetModuleHandleA
GetStartupInfoA
DeleteCriticalSection
CreateFileW
GlobalFree
LocalFree
LocalReAlloc
CloseHandle
GetTickCount
InterlockedIncrement
GetComputerNameW
GetSystemDefaultLangID
GetSystemWindowsDirectoryW
GetEnvironmentStringsW
WideCharToMultiByte
lstrcpyW
GetSystemTimeAsFileTime
OutputDebugStringW
GetACP
GetLastError
FormatMessageW
GlobalUnlock
GlobalAlloc
LoadLibraryW
RemoveDirectoryA
InterlockedDecrement
QueryPerformanceCounter
SetUnhandledExceptionFilter
SetLastError
FileTimeToLocalFileTime
GlobalLock
lstrcmpiW
GetModuleFileNameW
GetCurrentProcess
FileTimeToSystemTime
InitializeCriticalSection

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b70aede12ef2e8ce751d4cd07145395e

Headers

File Characteristics

Imports

certcli

advapi32

user32

msvcrt

kernel32

comctl32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 121KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 121KB

.rsrc
Size: 24KB - Virtual size: 23KB