c36a4be86d70b011ee01d1bb90a958b2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c36a4be86d70b011ee01d1bb90a958b2_JaffaCakes118
Size

100KB
MD5

c36a4be86d70b011ee01d1bb90a958b2
SHA1

360815c31844e151652c336f29d07e4a76f277cc
SHA256

a87d44c8ec1a5931fe54901ce25b9d1cc0e1d5f7074c5c755a16913536fe0f33
SHA512

c0f25cc7d4d7eabb0d1a08f0ed9ad18347b4ed370c17ee0479d887f460b3799a4bd49d30668985cdec0641651e85f0c6e72f4b8d154fdfbc8fab9bc3f89ddf1a
SSDEEP

3072:ZnJ+21vj6xcBqK8q8UsOGd8lSgdD/spOYYY:pHucE1rOSMDEp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c36a4be86d70b011ee01d1bb90a958b2_JaffaCakes118

Files

c36a4be86d70b011ee01d1bb90a958b2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

48b7bed21e2c351246032e39dfb5b9bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
GetDateFormatW
IsBadReadPtr
InterlockedDecrement
LocalFree
GetCPInfo
GlobalAlloc
SetLastError
OutputDebugStringW
GetSystemWindowsDirectoryW
GetComputerNameW
GetStartupInfoA
FormatMessageW
lstrlenW
LocalReAlloc
GetTickCount
GetProcAddress
lstrcmpiW
CloseHandle
RemoveDirectoryA
GetLastError
SetUnhandledExceptionFilter
GlobalUnlock
FileTimeToLocalFileTime
QueryPerformanceCounter
GetModuleHandleA
GlobalFree
InterlockedIncrement
CreateFileW
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
GetSystemTimeAsFileTime
lstrcpyW
FileTimeToSystemTime
LoadLibraryW
GetSystemDefaultLangID
GetCurrentProcess
GlobalLock
OutputDebugStringA
WideCharToMultiByte

msvcrt

__RTDynamicCast
wcscpy
wcstoul
_adjust_fdiv
wcsstr
??1type_info@@UAE@XZ
_initterm
wcslen
_onexit
??3@YAXPAX@Z
wcscat
memmove
wcscmp
free
wcschr
vswprintf
__dllonexit
mbstowcs
?terminate@@YAXXZ
wcsrchr
_except_handler3
??2@YAPAXI@Z
_wcsicmp
_wcsupr
malloc

certcli

CARemoveCACertificateType
CACertTypeGetSecurity
CACreateCertType
CAUpdateCertType
CAFindCertTypeByName
CAFreeCertTypeProperty
CASetCertTypeFlags
CAUpdateCA
CAAddCACertificateType
CAGetCertTypeKeySpec
CAFreeCertTypeExtensions
CAFindByName
CAGetCertTypeProperty
CAGetCertTypePropertyEx
CAGetCertTypeFlags
CAEnumCertTypes
CAGetCertTypeExtensions
CACloseCA
CASetCertTypeProperty
CAGetCAProperty
CACertTypeSetSecurity
CAEnumNextCertType
CASetCertTypeExtension
CAEnumCertTypesForCA
CACloseCertType
CASetCertTypeKeySpec
CAFreeCAProperty

comctl32

PropertySheetW
CreatePropertySheetPageW

user32

InsertMenuItemW
GetDlgItem
SendDlgItemMessageW
LoadCursorW
LoadStringW
LoadIconW
SetDlgItemTextW
GetWindowLongW
RegisterClipboardFormatW
MessageBoxW
wsprintfW
ReleaseDC
SetWindowLongW
PostMessageW
LoadImageW
GetParent
WinHelpW
SetCursor
SystemParametersInfoW
EndDialog
EnableWindow
SetFocus
GetDlgItemTextA
SetWindowTextW
GetDC
SendMessageW
DialogBoxParamW
LoadBitmapW

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegDeleteKeyW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48b7bed21e2c351246032e39dfb5b9bc

Headers

File Characteristics

Imports

kernel32

msvcrt

certcli

comctl32

user32

advapi32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 71KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 71KB

.rsrc
Size: 24KB - Virtual size: 23KB