c94c2ff9b5d0bb9d144c3a6625d9062c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c94c2ff9b5d0bb9d144c3a6625d9062c_JaffaCakes118
Size

100KB
MD5

c94c2ff9b5d0bb9d144c3a6625d9062c
SHA1

34ce134ed5c2634535e722d7eb4fd4197b19220f
SHA256

ef9da77c58fef5b0e5856f61e8bbc61a2258dd727f0ae323d3a400606253ce3e
SHA512

47bca2195b2c575e2933a1713031614312d88c27a48250a54b4857c0b1f0b5ebe5a86b1b605ad4ca6e0be107de79cee7d3d42f65dce03b7bfa1f583c0cfc3ce5
SSDEEP

3072:WC4hcvDwc3TndJFGjaTTG3SiSX6ACAck:N4ho337dJFM+a3OvCAc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c94c2ff9b5d0bb9d144c3a6625d9062c_JaffaCakes118

Files

c94c2ff9b5d0bb9d144c3a6625d9062c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f80cf82e8685818dd8d4acb787378f49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
SetLastError
GetCPInfo
GlobalUnlock
IsBadReadPtr
GetEnvironmentStringsW
GetProcAddress
InterlockedIncrement
GetCurrentProcess
GetTickCount
DeleteCriticalSection
FileTimeToSystemTime
FormatMessageW
GetComputerNameW
GlobalFree
OutputDebugStringA
GetDateFormatW
GlobalLock
InitializeCriticalSection
LoadLibraryW
GetSystemDefaultLangID
OutputDebugStringW
lstrcmpiW
SetUnhandledExceptionFilter
lstrcpyW
GetModuleFileNameW
LocalReAlloc
RemoveDirectoryA
FileTimeToLocalFileTime
WideCharToMultiByte
CreateFileW
LocalFree
InterlockedDecrement
GlobalAlloc
CloseHandle
GetModuleHandleA
GetSystemWindowsDirectoryW
lstrlenW
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime

user32

WinHelpW
GetWindowLongW
SetDlgItemTextW
MessageBoxW
GetParent
LoadStringW
RegisterClipboardFormatW
SystemParametersInfoW
LoadImageW
DialogBoxParamW
LoadBitmapW
SetWindowTextW
GetDlgItemTextA
SetCursor
LoadCursorW
SendMessageW
EnableWindow
ReleaseDC
LoadIconW
wsprintfW
SetFocus
SendDlgItemMessageW
GetDlgItem
SetWindowLongW
InsertMenuItemW
GetDC
EndDialog
PostMessageW

msvcrt

_wcsupr
wcscat
memmove
vswprintf
wcstoul
_adjust_fdiv
mbstowcs
wcslen
wcsrchr
__RTDynamicCast
_initterm
wcschr
wcsstr
_except_handler3
free
malloc
??3@YAXPAX@Z
??2@YAPAXI@Z
__dllonexit
_wcsicmp
??1type_info@@UAE@XZ
_onexit
wcscmp
?terminate@@YAXXZ
wcscpy

certcli

CACertTypeGetSecurity
CAAddCACertificateType
CASetCertTypeKeySpec
CAGetCAProperty
CARemoveCACertificateType
CAEnumCertTypesForCA
CAGetCertTypePropertyEx
CAEnumCertTypes
CAFreeCertTypeProperty
CAFreeCertTypeExtensions
CAUpdateCertType
CAGetCertTypeKeySpec
CAGetCertTypeFlags
CACreateCertType
CAFreeCAProperty
CASetCertTypeExtension
CAUpdateCA
CAGetCertTypeProperty
CACertTypeSetSecurity
CASetCertTypeProperty
CAGetCertTypeExtensions
CASetCertTypeFlags
CACloseCertType
CAFindCertTypeByName
CAEnumNextCertType
CAFindByName
CACloseCA

advapi32

RegDeleteValueW
RegQueryValueExW
RegEnumKeyExW
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f80cf82e8685818dd8d4acb787378f49

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

certcli

advapi32

comctl32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 87KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 87KB

.rsrc
Size: 23KB - Virtual size: 22KB