df7bcbd79931ca369c0bf849bef90bab_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

df7bcbd79931ca369c0bf849bef90bab_JaffaCakes118
Size

102KB
MD5

df7bcbd79931ca369c0bf849bef90bab
SHA1

4568960fd8f68eed5f4e14acf9ab545d03d18e2d
SHA256

728e6a28ff6482149737ea21f47dd1fd25df83aa385d69bb4e97b65b3d0bd4e3
SHA512

f5a2d7952c56b4a2d84c25a68fdd3f41e4e3ee95b8944c1b076f68bc751439c33afc362df270850ca2c4bfc5fc112bdc86c38a75a43af5367f78aa4690d18d10
SSDEEP

1536:8BSuVpRXjB39lQEevK6zrJQkjfItOOzesMZ0N7wMf29zJfGWD139Bcsn5Qq:IvXjh9uZvzWOkMZ4TWfGWD13/15Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df7bcbd79931ca369c0bf849bef90bab_JaffaCakes118

Files

df7bcbd79931ca369c0bf849bef90bab_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3edebf1d67c40a5dc8d9d10deea7d01b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseDC
WinHelpW
SendMessageW
LoadCursorW
SetDlgItemTextW
LoadIconW
SetFocus
GetDC
LoadBitmapW
GetDlgItem
SystemParametersInfoW
RegisterClipboardFormatW
GetWindowLongW
LoadStringW
SetCursor
SetWindowLongW
SetWindowTextW
EndDialog
GetParent
SendDlgItemMessageW
wsprintfW
InsertMenuItemW
GetDlgItemTextA
LoadImageW
PostMessageW
MessageBoxW
DialogBoxParamW
EnableWindow

kernel32

CreateFileW
CloseHandle
InitializeCriticalSection
GetCurrentProcess
GlobalLock
GetSystemDefaultLangID
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
SetLastError
FileTimeToSystemTime
GlobalAlloc
WideCharToMultiByte
GetModuleHandleA
LocalFree
GetTickCount
GetSystemWindowsDirectoryW
GetComputerNameW
LocalReAlloc
DeleteCriticalSection
lstrlenW
OutputDebugStringA
GetDateFormatW
GetEnvironmentStringsW
LoadLibraryW
GlobalUnlock
OutputDebugStringW
GetCPInfo
SetUnhandledExceptionFilter
lstrcpyW
lstrcmpiW
FormatMessageW
GetLastError
GlobalFree
IsBadReadPtr
InterlockedDecrement
GetModuleFileNameW
QueryPerformanceCounter
InterlockedIncrement
FileTimeToLocalFileTime
RemoveDirectoryA

msvcrt

vswprintf
??2@YAPAXI@Z
wcschr
free
_onexit
wcsrchr
wcsstr
memmove
__RTDynamicCast
_wcsupr
_except_handler3
wcscpy
_initterm
wcscat
_adjust_fdiv
wcstoul
_wcsicmp
??3@YAXPAX@Z
__dllonexit
malloc
wcslen
??1type_info@@UAE@XZ
mbstowcs
?terminate@@YAXXZ
wcscmp

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW

certcli

CAGetCertTypeKeySpec
CASetCertTypeFlags
CACloseCertType
CACertTypeGetSecurity
CAGetCertTypeProperty
CAFindByName
CARemoveCACertificateType
CAGetCertTypeFlags
CAGetCAProperty
CAFreeCAProperty
CAGetCertTypePropertyEx
CAEnumNextCertType
CAFreeCertTypeExtensions
CACloseCA
CAFreeCertTypeProperty
CAAddCACertificateType
CACertTypeSetSecurity
CAEnumCertTypes
CAGetCertTypeExtensions
CASetCertTypeExtension
CASetCertTypeProperty
CAFindCertTypeByName
CAUpdateCA
CAEnumCertTypesForCA
CASetCertTypeKeySpec
CACreateCertType
CAUpdateCertType

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3edebf1d67c40a5dc8d9d10deea7d01b

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

advapi32

certcli

comctl32

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 65KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 65KB

.rsrc
Size: 23KB - Virtual size: 23KB