caf34bcabc3f3d5265d3c0c6996e383d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

caf34bcabc3f3d5265d3c0c6996e383d_JaffaCakes118
Size

99KB
MD5

caf34bcabc3f3d5265d3c0c6996e383d
SHA1

1147468323872d12dd176e35c383cdadf7127c86
SHA256

2291f8a5a9fa92b49915f7c9381ba15f31d0599d9e320e380ca74e57c381ca77
SHA512

21118ae0269b90e35a74fcdacdec493ada974772597b16e7701ba034a7bb6ebe7d830e8bec38373e900c8f0a8df90cfe4508dee1684d1687f4fcd80e39fef1b0
SSDEEP

1536:BKH5b/Us3U42RFOHvOeiEHkVQprf10b3zcxnm/HgpGlGMxePY0MqnzYAl:QR/hkUO8EWl1zZ7pzM8PXhzYA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
caf34bcabc3f3d5265d3c0c6996e383d_JaffaCakes118

Files

caf34bcabc3f3d5265d3c0c6996e383d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9a4808fc73d3d2bcdceba01e068cbd23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey

kernel32

InitializeCriticalSection
GetModuleFileNameW
LocalReAlloc
CloseHandle
GlobalUnlock
GlobalLock
GetSystemWindowsDirectoryW
IsBadReadPtr
SetUnhandledExceptionFilter
GetProcAddress
GetSystemTimeAsFileTime
GlobalAlloc
DeleteCriticalSection
GetSystemDefaultLangID
lstrcmpiW
OutputDebugStringA
GetTickCount
GetEnvironmentStringsW
GetDateFormatW
GlobalFree
QueryPerformanceCounter
SetLastError
InterlockedIncrement
GetLastError
lstrcpyW
RemoveDirectoryA
GetCPInfo
lstrlenW
InterlockedDecrement
OutputDebugStringW
GetStartupInfoA
GetComputerNameW
GetModuleHandleA
FileTimeToSystemTime
LocalFree
FormatMessageW
LoadLibraryW
GetCurrentProcess
FileTimeToLocalFileTime
CreateFileW
WideCharToMultiByte

user32

GetDlgItem
GetDlgItemTextA
LoadCursorW
EndDialog
EnableWindow
LoadStringW
SendMessageW
MessageBoxW
GetDC
SetDlgItemTextW
GetWindowLongW
GetParent
WinHelpW
RegisterClipboardFormatW
SendDlgItemMessageW
SetWindowTextW
PostMessageW
SetWindowLongW
LoadIconW
ReleaseDC
InsertMenuItemW
LoadBitmapW
wsprintfW
DialogBoxParamW
SystemParametersInfoW
SetFocus
SetCursor
LoadImageW

msvcrt

??2@YAPAXI@Z
wcslen
_onexit
wcscmp
wcsstr
wcschr
mbstowcs
__RTDynamicCast
?terminate@@YAXXZ
__dllonexit
memmove
??3@YAXPAX@Z
free
vswprintf
_wcsicmp
_adjust_fdiv
wcsrchr
wcstoul
malloc
wcscat
_wcsupr
??1type_info@@UAE@XZ
_initterm
_except_handler3
wcscpy

certcli

CAUpdateCA
CASetCertTypeFlags
CAEnumCertTypesForCA
CAGetCertTypeFlags
CASetCertTypeKeySpec
CACreateCertType
CASetCertTypeExtension
CAFindByName
CAEnumCertTypes
CAGetCertTypeProperty
CAAddCACertificateType
CAGetCertTypeKeySpec
CAFreeCertTypeProperty
CACloseCA
CACertTypeSetSecurity
CACertTypeGetSecurity
CACloseCertType
CAFreeCAProperty
CAUpdateCertType
CAGetCertTypePropertyEx
CASetCertTypeProperty
CAGetCAProperty
CAFindCertTypeByName
CAGetCertTypeExtensions
CARemoveCACertificateType
CAEnumNextCertType
CAFreeCertTypeExtensions

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a4808fc73d3d2bcdceba01e068cbd23

Headers

File Characteristics

Imports

advapi32

kernel32

user32

msvcrt

certcli

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 87KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 87KB

.rsrc
Size: 23KB - Virtual size: 22KB