c64ac9f680ffc033a69e16293c817850_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c64ac9f680ffc033a69e16293c817850_JaffaCakes118
Size

102KB
MD5

c64ac9f680ffc033a69e16293c817850
SHA1

1d4d3d460ed6cfa7609e544481b3cc66df4341f3
SHA256

53924b5eaa4d946e2d0525e6eca94be94e99ca91c69ab6391f6f1be5814d857a
SHA512

88683a99fa176038cce702d9bebd8d9fc0a8b739cb9994e299bb3a1ff5bd8b4ad4640442a209e2c4bfaea73b1977609b43d9ce58c831fbbfcedb12bffd5eda90
SSDEEP

1536:Ior3OXwkTEPVf3kIcQtZTr67Q+78D3VJ6eOs0pGcCS72l5QhB7p8LYj0f5hhh:qE93YQtZTr61Az6eOspu45QhP8zBhhh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c64ac9f680ffc033a69e16293c817850_JaffaCakes118

Files

c64ac9f680ffc033a69e16293c817850_JaffaCakes118
.exe windows:5 windows x86 arch:x86

80e1cf6e620178e7c47999b4785cfac5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameW
GlobalLock
FileTimeToLocalFileTime
LoadLibraryW
GetSystemDefaultLangID
GlobalFree
LocalReAlloc
GetModuleHandleA
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
CreateFileW
GetCPInfo
DeleteCriticalSection
SetUnhandledExceptionFilter
GlobalAlloc
CloseHandle
GetSystemWindowsDirectoryW
InitializeCriticalSection
OutputDebugStringW
GetDateFormatW
OutputDebugStringA
GetProcAddress
GetLastError
IsBadReadPtr
GetStartupInfoA
GetEnvironmentStringsW
lstrlenW
FormatMessageW
WideCharToMultiByte
GetSystemTimeAsFileTime
GetModuleFileNameW
InterlockedIncrement
GlobalUnlock
lstrcpyW
SetLastError
LocalFree
lstrcmpiW
InterlockedDecrement
FileTimeToSystemTime
GetCurrentThread

msvcrt

mbstowcs
wcscat
_wcsupr
wcsrchr
__dllonexit
__RTDynamicCast
vswprintf
wcstoul
??2@YAPAXI@Z
wcschr
memmove
wcscmp
wcsstr
malloc
??3@YAXPAX@Z
free
_except_handler3
?terminate@@YAXXZ
_wcsicmp
_adjust_fdiv
wcscpy
_initterm
wcslen
??1type_info@@UAE@XZ
_onexit

certcli

CACloseCA
CASetCertTypeFlags
CAFindByName
CAEnumCertTypesForCA
CAGetCertTypePropertyEx
CASetCertTypeKeySpec
CAAddCACertificateType
CAFindCertTypeByName
CAUpdateCertType
CAFreeCertTypeExtensions
CAGetCertTypeKeySpec
CASetCertTypeProperty
CAUpdateCA
CAEnumCertTypes
CAGetCertTypeProperty
CAFreeCAProperty
CACreateCertType
CAGetCertTypeExtensions
CACertTypeGetSecurity
CAEnumNextCertType
CACertTypeSetSecurity
CACloseCertType
CAFreeCertTypeProperty
CAGetCAProperty
CARemoveCACertificateType
CASetCertTypeExtension
CAGetCertTypeFlags

advapi32

RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
RegEnumKeyExW
RegSetValueExW
RegCloseKey
RegCreateKeyExW

user32

SetWindowTextW
GetParent
GetDlgItemTextA
SetFocus
SystemParametersInfoW
RegisterClipboardFormatW
LoadBitmapW
SetCursor
LoadIconW
GetWindowLongW
EndDialog
SetDlgItemTextW
PostMessageW
LoadImageW
InsertMenuItemW
LoadCursorW
LoadStringW
DialogBoxParamW
SetWindowLongW
SendDlgItemMessageW
SendMessageW
GetDlgItem
GetDC
ReleaseDC
WinHelpW
MessageBoxW
wsprintfW
EnableWindow

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80e1cf6e620178e7c47999b4785cfac5

Headers

File Characteristics

Imports

kernel32

msvcrt

certcli

advapi32

user32

comctl32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 120KB

.rsrc Size: 25KB - Virtual size: 24KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 120KB

.rsrc
Size: 25KB - Virtual size: 24KB