ce86e3c9696570e809cdc198a1d28260_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ce86e3c9696570e809cdc198a1d28260_JaffaCakes118
Size

98KB
MD5

ce86e3c9696570e809cdc198a1d28260
SHA1

102a43af6fdc334e8a64700035b19607d2c52722
SHA256

5fa7f5218f2963f339c27a955d5709b62c526cfc47bb789db9f5a56d68f4b727
SHA512

96b4ae3cec3e51427ba8d08037a2f5e810f7cf4e90b1f5c015ee49f6c0dd5c6283993c13604b5361251fc74c986220be11c78ea45574d75aa48dc5c1bf48a47c
SSDEEP

1536:Ww4tuBPgEz9ZgtcGG/N7QgA7ivX+b88BRsinC/EqRzzhuB0CXysYnLZ2+CAiECbt:6ueEzScN0gAm+b88BqinTczzkYjCVb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce86e3c9696570e809cdc198a1d28260_JaffaCakes118

Files

ce86e3c9696570e809cdc198a1d28260_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6aa52cb3c86c1d296792a6189342b246

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CASetCertTypeFlags
CAFreeCertTypeProperty
CARemoveCACertificateType
CAFreeCertTypeExtensions
CAFindCertTypeByName
CAGetCAProperty
CASetCertTypeProperty
CAFreeCAProperty
CASetCertTypeKeySpec
CACloseCA
CAGetCertTypeFlags
CAUpdateCertType
CASetCertTypeExtension
CAEnumCertTypes
CACertTypeSetSecurity
CAGetCertTypePropertyEx
CAGetCertTypeKeySpec
CAEnumNextCertType
CAAddCACertificateType
CAFindByName
CACloseCertType
CAGetCertTypeExtensions
CAUpdateCA
CAEnumCertTypesForCA
CACertTypeGetSecurity
CAGetCertTypeProperty
CACreateCertType

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW

kernel32

QueryPerformanceCounter
lstrcmpiW
GlobalAlloc
InterlockedIncrement
GetCPInfo
OutputDebugStringW
GetModuleFileNameW
InitializeCriticalSection
OutputDebugStringA
GetLastError
LocalReAlloc
LocalFree
LoadLibraryW
SetLastError
GlobalLock
GetTickCount
GetEnvironmentStringsW
GetSystemWindowsDirectoryW
GetSystemDefaultLangID
FileTimeToLocalFileTime
CreateFileW
FormatMessageW
GetModuleHandleA
GetStartupInfoA
lstrlenW
RemoveDirectoryA
CloseHandle
FileTimeToSystemTime
GetProcAddress
DeleteCriticalSection
SetUnhandledExceptionFilter
WideCharToMultiByte
GetCurrentProcess
GetComputerNameW
GetDateFormatW
GetSystemTimeAsFileTime
lstrcpyW
GlobalUnlock
InterlockedDecrement
GlobalFree
IsBadReadPtr

user32

SetFocus
GetDC
LoadStringW
GetDlgItemTextA
GetParent
SendDlgItemMessageW
PostMessageW
ReleaseDC
InsertMenuItemW
GetWindowLongW
LoadBitmapW
EndDialog
wsprintfW
LoadIconW
SendMessageW
SetCursor
DialogBoxParamW
SetWindowTextW
MessageBoxW
SystemParametersInfoW
LoadCursorW
RegisterClipboardFormatW
WinHelpW
GetDlgItem
SetDlgItemTextW
LoadImageW
EnableWindow
SetWindowLongW

msvcrt

mbstowcs
_wcsupr
wcslen
wcscmp
wcscpy
memmove
__dllonexit
__RTDynamicCast
wcsrchr
_except_handler3
malloc
_wcsicmp
wcsstr
?terminate@@YAXXZ
free
wcstoul
??1type_info@@UAE@XZ
wcschr
??2@YAPAXI@Z
_initterm
wcscat
_onexit
vswprintf
??3@YAXPAX@Z
_adjust_fdiv

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6aa52cb3c86c1d296792a6189342b246

Headers

File Characteristics

Imports

certcli

advapi32

kernel32

user32

msvcrt

comctl32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 116KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 116KB

.rsrc
Size: 23KB - Virtual size: 22KB