Static task: static1
Behavioral task: behavioral1
Sample: d422b2a4c9c98cee80626bbb1f5cb784_JaffaCakes118.exe
Resource: win7-20241023-en
Behavioral task: behavioral2
Sample: d422b2a4c9c98cee80626bbb1f5cb784_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: d422b2a4c9c98cee80626bbb1f5cb784_JaffaCakes118
Size: 102KB
MD5: d422b2a4c9c98cee80626bbb1f5cb784
SHA1: 3e2f595358561ebc81459255824cd6ab21da50fb
SHA256: 93e11da600dc50fcfffe14799125ab01221e207e9e6c192930128082295a5d30
SHA512: 1f16892bb12b02bae050c93aeab6f18f6dff8a554ba27910e895e265adf6f005b599a7815f5196196b034181654fe1919fbbec95359776dc3ff96d6293d267e1
SSDEEP: 1536:MF/9Sbezfw6hbyA9+FgvxZn9m5VQG/jyLrFIWZU8jF1lWR74Gej:ggOfwfA0gvwQ0jyJZU85WR74Ge
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d422b2a4c9c98cee80626bbb1f5cb784_JaffaCakes118
Files
d422b2a4c9c98cee80626bbb1f5cb784_JaffaCakes118.exe windows:5 windows x86 arch:x86
bd0a28de96902c19ffde776c84077422
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetCursor
SetDlgItemTextW
RegisterClipboardFormatW
PostMessageW
EnableWindow
SetWindowTextW
LoadCursorW
EndDialog
GetDlgItem
LoadBitmapW
ReleaseDC
SystemParametersInfoW
GetParent
SetFocus
InsertMenuItemW
GetWindowLongW
LoadStringW
LoadIconW
MessageBoxW
DialogBoxParamW
GetDC
GetDlgItemTextA
SendMessageW
wsprintfW
LoadImageW
SetWindowLongW
SendDlgItemMessageW
WinHelpW
kernel32
RemoveDirectoryA
GetTickCount
IsBadReadPtr
GetSystemTimeAsFileTime
GetStartupInfoA
FileTimeToSystemTime
LoadLibraryW
GetDateFormatW
DeleteCriticalSection
GetCurrentProcess
SetUnhandledExceptionFilter
InterlockedDecrement
GlobalLock
CloseHandle
SetLastError
GlobalFree
GetProcAddress
GetEnvironmentStringsW
LocalFree
QueryPerformanceCounter
FormatMessageW
GetCPInfo
InitializeCriticalSection
lstrcmpiW
OutputDebugStringA
CreateFileW
FileTimeToLocalFileTime
GetModuleHandleA
OutputDebugStringW
GlobalAlloc
GetComputerNameW
lstrcpyW
WideCharToMultiByte
LocalReAlloc
GetSystemWindowsDirectoryW
GetLastError
GetSystemDefaultLangID
InterlockedIncrement
lstrlenW
GlobalUnlock
GetModuleFileNameW
certcli
CAFreeCertTypeExtensions
CAFindCertTypeByName
CASetCertTypeKeySpec
CAUpdateCA
CAFreeCertTypeProperty
CAEnumNextCertType
CASetCertTypeExtension
CAFreeCAProperty
CASetCertTypeFlags
CAAddCACertificateType
CAGetCertTypePropertyEx
CACertTypeGetSecurity
CASetCertTypeProperty
CAEnumCertTypesForCA
CAGetCertTypeProperty
CAGetCertTypeKeySpec
CACloseCA
CAGetCertTypeFlags
CACloseCertType
CAEnumCertTypes
CAFindByName
CACertTypeSetSecurity
CAGetCAProperty
CARemoveCACertificateType
CAUpdateCertType
CACreateCertType
CAGetCertTypeExtensions
msvcrt
?terminate@@YAXXZ
wcsstr
??3@YAXPAX@Z
memmove
_wcsupr
wcschr
_adjust_fdiv
wcscpy
_except_handler3
free
wcslen
wcsrchr
__RTDynamicCast
mbstowcs
??2@YAPAXI@Z
wcscmp
_onexit
_initterm
_wcsicmp
malloc
wcstoul
wcscat
__dllonexit
vswprintf
??1type_info@@UAE@XZ
comctl32
CreatePropertySheetPageW
PropertySheetW
advapi32
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
Sections
.text Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ