cd42da837c94a2f6d2283e813239bf48_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cd42da837c94a2f6d2283e813239bf48_JaffaCakes118
Size

100KB
MD5

cd42da837c94a2f6d2283e813239bf48
SHA1

c1ae87eb0276bc5dc01a9ba763c0313a94098090
SHA256

26d3c9ee11690766b1bdc8588c95a3e1d3c373e1a2e74ee7262d00622bd41d0d
SHA512

dba9adcf92256d77290a8b170a32209e5cac2ce861f96b7dafe03b7a94c8bcd25cf1bf8b61d216a17ef7abb185f155a245a5e2a4a66e3a86af6a7bca47136da3
SSDEEP

3072:J3zw1lwH4ZWjG3heh/FYjHWK/6K8qVMSRX:dzws7Q2/FMHv6K8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd42da837c94a2f6d2283e813239bf48_JaffaCakes118

Files

cd42da837c94a2f6d2283e813239bf48_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4311f9a203b899359cd29f826332dbdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAGetCertTypeFlags
CACertTypeGetSecurity
CAUpdateCA
CAFreeCertTypeExtensions
CAGetCertTypeProperty
CACloseCA
CASetCertTypeKeySpec
CAEnumNextCertType
CACertTypeSetSecurity
CAGetCertTypeKeySpec
CAEnumCertTypes
CAFindCertTypeByName
CACreateCertType
CARemoveCACertificateType
CAFindByName
CACloseCertType
CAEnumCertTypesForCA
CASetCertTypeFlags
CAUpdateCertType
CAGetCertTypePropertyEx
CAGetCertTypeExtensions
CAFreeCAProperty
CASetCertTypeExtension
CAAddCACertificateType
CASetCertTypeProperty
CAGetCAProperty
CAFreeCertTypeProperty

user32

GetWindowLongW
LoadBitmapW
EnableWindow
LoadImageW
GetDlgItemTextA
LoadIconW
RegisterClipboardFormatW
SetDlgItemTextW
SendMessageW
SendDlgItemMessageW
LoadStringW
SystemParametersInfoW
SetWindowTextW
SetWindowLongW
WinHelpW
EndDialog
SetFocus
GetParent
GetDC
PostMessageW
DialogBoxParamW
LoadCursorW
MessageBoxW
GetDlgItem
ReleaseDC
InsertMenuItemW
SetCursor
wsprintfW

msvcrt

_adjust_fdiv
wcsstr
vswprintf
wcslen
__dllonexit
mbstowcs
_wcsicmp
??1type_info@@UAE@XZ
??3@YAXPAX@Z
free
_onexit
wcschr
_wcsupr
?terminate@@YAXXZ
malloc
__RTDynamicCast
_initterm
wcstoul
wcscpy
memmove
wcscat
wcsrchr
??2@YAPAXI@Z
wcscmp
_except_handler3

comctl32

CreatePropertySheetPageW
PropertySheetW

kernel32

lstrcmpiW
LocalReAlloc
DeleteCriticalSection
GetLastError
RemoveDirectoryA
GetSystemWindowsDirectoryW
OutputDebugStringA
GetTickCount
GetCPInfo
GlobalUnlock
WideCharToMultiByte
InterlockedDecrement
GetSystemDefaultLangID
CloseHandle
GlobalLock
SetUnhandledExceptionFilter
OutputDebugStringW
GetSystemTimeAsFileTime
GetEnvironmentStringsW
lstrcpyW
GetProcAddress
lstrlenW
GetCurrentProcess
SetLastError
InterlockedIncrement
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleA
CreateFileW
GlobalFree
QueryPerformanceCounter
IsBadReadPtr
GetStartupInfoA
FormatMessageW
LoadLibraryW
GlobalAlloc
GetDateFormatW
GetModuleFileNameW
LocalFree
GetComputerNameW
InitializeCriticalSection

advapi32

RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4311f9a203b899359cd29f826332dbdf

Headers

File Characteristics

Imports

certcli

user32

msvcrt

comctl32

kernel32

advapi32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 119KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 119KB

.rsrc
Size: 24KB - Virtual size: 23KB