c77c5aaaab125641e9b01d06c452d029_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c77c5aaaab125641e9b01d06c452d029_JaffaCakes118
Size

103KB
MD5

c77c5aaaab125641e9b01d06c452d029
SHA1

ec9b7c5fb43bf1f676d97c15710e9dd3ffe92b3b
SHA256

61ca24f4b64642c01796783095c5382f322f58ab42cad8b07ce555d1124945ae
SHA512

7e6ba5132f60fdbeccb5261662be00369e766cdc02ace0a75f97bdcffe46133dacd80153f1ac9de21fe472097baed16fc277df834b8f60ec05fb92cd0e8d1075
SSDEEP

1536:y+5c2j94iqjjBOnAjzO7fUKlLVryXI3k59u3bFEUoTMwpTgmg:759JGjjB2wQNRryY0y3bFEUcMwh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c77c5aaaab125641e9b01d06c452d029_JaffaCakes118

Files

c77c5aaaab125641e9b01d06c452d029_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8f5dedf880d188745b0bead16ec2de6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAUpdateCertType
CAGetCertTypeExtensions
CAAddCACertificateType
CAUpdateCA
CASetCertTypeKeySpec
CAGetCertTypeProperty
CAEnumNextCertType
CAFreeCertTypeProperty
CAEnumCertTypesForCA
CAEnumCertTypes
CAGetCertTypePropertyEx
CASetCertTypeFlags
CAFreeCertTypeExtensions
CACertTypeGetSecurity
CAGetCAProperty
CASetCertTypeProperty
CACloseCA
CAFindByName
CAFreeCAProperty
CARemoveCACertificateType
CACloseCertType
CAFindCertTypeByName
CAGetCertTypeKeySpec
CAGetCertTypeFlags
CASetCertTypeExtension
CACreateCertType
CACertTypeSetSecurity

user32

SetDlgItemTextW
LoadCursorW
RegisterClipboardFormatW
MessageBoxW
LoadImageW
DialogBoxParamW
InsertMenuItemW
GetWindowLongW
LoadBitmapW
EnableWindow
SetWindowTextW
PostMessageW
wsprintfW
GetDlgItemTextA
LoadStringW
SystemParametersInfoW
SetCursor
SendDlgItemMessageW
WinHelpW
SetFocus
LoadIconW
SetWindowLongW
GetDlgItem
EndDialog
GetParent
ReleaseDC
SendMessageW
GetDC

kernel32

SetUnhandledExceptionFilter
GlobalFree
GetTickCount
RemoveDirectoryA
GetComputerNameW
LocalFree
GlobalUnlock
GetDateFormatW
GetSystemDefaultLangID
InitializeCriticalSection
OutputDebugStringA
SetLastError
CreateFileW
LoadLibraryW
GetLastError
lstrcmpiW
FileTimeToSystemTime
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryW
OutputDebugStringW
GetCurrentProcess
lstrcpyW
lstrlenW
GetModuleHandleA
GetCPInfo
GetModuleFileNameW
FileTimeToLocalFileTime
GetEnvironmentStringsW
InterlockedIncrement
GlobalAlloc
LocalReAlloc
WideCharToMultiByte
IsBadReadPtr
InterlockedDecrement
CloseHandle
GetProcAddress
DeleteCriticalSection
FormatMessageW
QueryPerformanceCounter
GetStartupInfoA
GlobalLock

msvcrt

mbstowcs
wcscat
wcsrchr
wcslen
wcschr
wcstoul
_onexit
_wcsicmp
vswprintf
__dllonexit
wcscmp
??3@YAXPAX@Z
_except_handler3
malloc
free
_wcsupr
wcsstr
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
?terminate@@YAXXZ
memmove
__RTDynamicCast
??2@YAPAXI@Z
wcscpy

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f5dedf880d188745b0bead16ec2de6e

Headers

File Characteristics

Imports

certcli

user32

kernel32

msvcrt

advapi32

comctl32

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 103KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 103KB

.rsrc
Size: 23KB - Virtual size: 23KB