df31e9acba7dd0fd7506ef5aff34851d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

df31e9acba7dd0fd7506ef5aff34851d_JaffaCakes118
Size

100KB
MD5

df31e9acba7dd0fd7506ef5aff34851d
SHA1

89ee2b5e10d3a0c6d0dcfe2dd7bd1ea1e6408a0a
SHA256

d6df9b32740ca4016205e833ec79fc09560060a85b49857dd3c9898a9347d241
SHA512

e92f5cfd2209f4d1f5801d7aaadbbfd9c8e961580cc671e3415f5f44b5d52790c5af38988d30256d3a1ff97f13ac67db60be71bb1cd8d755475eb4bbe2c0fb60
SSDEEP

1536:LTpdcq8FrAxgRXlHDefAn2EBsZQJ8th7pqivNbBM1hUm5ga/:Xcq8FrAxg5Z6hkmPrZBM1GmN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df31e9acba7dd0fd7506ef5aff34851d_JaffaCakes118

Files

df31e9acba7dd0fd7506ef5aff34851d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

af71e35435fdb8480e065c22e24745a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
FormatMessageW
GetStartupInfoA
GetSystemWindowsDirectoryW
DeleteCriticalSection
LocalFree
OutputDebugStringW
RemoveDirectoryA
GetDateFormatW
GetModuleHandleA
GetTickCount
LocalReAlloc
GlobalFree
SetLastError
GlobalAlloc
LoadLibraryW
GetEnvironmentStringsW
GetComputerNameW
SetUnhandledExceptionFilter
FileTimeToSystemTime
lstrlenW
QueryPerformanceCounter
GetModuleFileNameW
CreateFileW
OutputDebugStringA
GetSystemTimeAsFileTime
InterlockedIncrement
GetCurrentProcess
IsBadReadPtr
GetCPInfo
GetSystemDefaultLangID
GetProcAddress
WideCharToMultiByte
GlobalUnlock
GetLastError
CloseHandle
lstrcpyW
InitializeCriticalSection
lstrcmpiW
FileTimeToLocalFileTime
GlobalLock

certcli

CACertTypeGetSecurity
CAGetCertTypeExtensions
CASetCertTypeKeySpec
CASetCertTypeExtension
CACertTypeSetSecurity
CACreateCertType
CAAddCACertificateType
CARemoveCACertificateType
CAGetCAProperty
CAFindCertTypeByName
CAFreeCAProperty
CAFreeCertTypeExtensions
CAEnumNextCertType
CASetCertTypeProperty
CAUpdateCertType
CAGetCertTypePropertyEx
CAUpdateCA
CAEnumCertTypesForCA
CACloseCertType
CASetCertTypeFlags
CAEnumCertTypes
CAFindByName
CAGetCertTypeKeySpec
CAFreeCertTypeProperty
CAGetCertTypeProperty
CAGetCertTypeFlags
CACloseCA

advapi32

RegQueryValueExW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW

user32

SetCursor
InsertMenuItemW
WinHelpW
SendMessageW
DialogBoxParamW
GetWindowLongW
ReleaseDC
GetDC
SendDlgItemMessageW
wsprintfW
PostMessageW
SystemParametersInfoW
LoadImageW
LoadStringW
GetDlgItem
LoadIconW
LoadBitmapW
SetWindowTextW
SetFocus
EndDialog
GetDlgItemTextA
RegisterClipboardFormatW
EnableWindow
SetDlgItemTextW
LoadCursorW
SetWindowLongW
GetParent
MessageBoxW

msvcrt

__dllonexit
wcscat
wcstoul
memmove
_initterm
??2@YAPAXI@Z
mbstowcs
wcsrchr
wcscmp
wcschr
__RTDynamicCast
_wcsupr
malloc
_onexit
wcslen
wcsstr
wcscpy
_adjust_fdiv
?terminate@@YAXXZ
_except_handler3
??3@YAXPAX@Z
_wcsicmp
??1type_info@@UAE@XZ
free
vswprintf

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af71e35435fdb8480e065c22e24745a4

Headers

File Characteristics

Imports

kernel32

certcli

advapi32

user32

msvcrt

comctl32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 86KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 86KB

.rsrc
Size: 24KB - Virtual size: 24KB