d2c1da367012dd78c46a8476728f734f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d2c1da367012dd78c46a8476728f734f_JaffaCakes118
Size

100KB
MD5

d2c1da367012dd78c46a8476728f734f
SHA1

c4b484b3cc67725a103f61c88488862fc7e13f50
SHA256

1d67bd39318aa2a2c76a978d8b0885efe38fd0edcedf6ee87b27ba27af63e023
SHA512

8c8957e83eaec7c9015ceec5d52980af9256adedd35b44f402b502119db8a1b8f5491c2d004ccaa8b7cb8c71a89091fcbead95c4fb43a7ec994df6648c19a3cc
SSDEEP

1536:bNynxrkH3XVB7SIXjTE0397//jeyNhgg3usO1SgDotL7ISZ0rClefT:ZcQn3XjI0lXjx2fggDotL7n0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2c1da367012dd78c46a8476728f734f_JaffaCakes118

Files

d2c1da367012dd78c46a8476728f734f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ef021c2321a97b0d896cf4d22bf717ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??3@YAXPAX@Z
free
malloc
??1type_info@@UAE@XZ
vswprintf
wcscmp
_wcsicmp
mbstowcs
_onexit
_wcsupr
wcscpy
?terminate@@YAXXZ
_except_handler3
wcsstr
wcsrchr
__RTDynamicCast
__dllonexit
_initterm
wcslen
wcschr
??2@YAPAXI@Z
_adjust_fdiv
wcstoul
wcscat
_purecall
memmove

user32

SetCursor
SetWindowTextW
SystemParametersInfoW
EnableWindow
GetDlgItem
SetFocus
SetWindowLongW
InsertMenuItemW
PostMessageW
ReleaseDC
LoadCursorW
SetDlgItemTextW
GetWindowLongW
MessageBoxW
DialogBoxParamW
GetDC
SendDlgItemMessageW
GetDlgItemTextA
SendMessageW
GetParent
EndDialog
RegisterClipboardFormatW
WinHelpW
wsprintfW
LoadIconW
LoadBitmapW
LoadStringW
LoadImageW

kernel32

InterlockedIncrement
IsBadReadPtr
lstrcpyW
OutputDebugStringA
InitializeCriticalSection
GetTickCount
LocalFree
CreateFileW
GlobalUnlock
GetSystemTimeAsFileTime
GetComputerNameW
CloseHandle
SetUnhandledExceptionFilter
GetSystemWindowsDirectoryW
GetStartupInfoA
FormatMessageW
GlobalFree
FileTimeToLocalFileTime
GetDateFormatW
FileTimeToSystemTime
GetModuleFileNameW
GetACP
GetEnvironmentStringsW
WideCharToMultiByte
QueryPerformanceCounter
GetLastError
GetCurrentProcess
SetLastError
lstrcmpiW
GlobalAlloc
GlobalLock
LoadLibraryW
LocalReAlloc
OutputDebugStringW
InterlockedDecrement
lstrlenW
RemoveDirectoryA
GetModuleHandleA
DeleteCriticalSection
GetSystemDefaultLangID

certcli

CAGetCertTypeProperty
CASetCertTypeProperty
CAAddCACertificateType
CAFreeCertTypeExtensions
CACertTypeGetSecurity
CAFreeCAProperty
CAEnumNextCertType
CASetCertTypeExtension
CACreateCertType
CAGetCAProperty
CACertTypeSetSecurity
CAUpdateCertType
CASetCertTypeFlags
CAGetCertTypeKeySpec
CAEnumCertTypes
CAGetCertTypeExtensions
CAEnumCertTypesForCA
CAFindCertTypeByName
CACloseCA
CAGetCertTypeFlags
CACloseCertType
CAFreeCertTypeProperty
CAGetCertTypePropertyEx
CAFindByName
CARemoveCACertificateType
CASetCertTypeKeySpec
CAUpdateCA

advapi32

RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
RegEnumKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef021c2321a97b0d896cf4d22bf717ac

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

certcli

advapi32

comctl32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 94KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 94KB

.rsrc
Size: 23KB - Virtual size: 23KB