e246287161e2b52a84b8d7226bb4e0f2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e246287161e2b52a84b8d7226bb4e0f2_JaffaCakes118
Size

98KB
MD5

e246287161e2b52a84b8d7226bb4e0f2
SHA1

a91d0f40443f7d7b817bfac5342f96e1f811ca72
SHA256

2ca585f17c94f6cc5bb9c12217449370d27c86ddca64d6ea4592ae9fec2a27f2
SHA512

17b4ba72642a2e6689b59e9ed0b1e81539fe456c17576a8e685da6b85b931afcfc289b1e3035ec48f042c94122e12d7a36f9fe63095d8eb59694423112348ac6
SSDEEP

3072:hKxHfoZhPSv7FP+1j/tErAgexukWAMEAwgSUzBeximJ6:hKHQZaV+F/tyAgyukWAwtSUsImJ6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e246287161e2b52a84b8d7226bb4e0f2_JaffaCakes118

Files

e246287161e2b52a84b8d7226bb4e0f2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8fa7fecc38567109f0d6275e21d2cfa8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAGetCAProperty
CASetCertTypeProperty
CAUpdateCertType
CAEnumCertTypesForCA
CASetCertTypeFlags
CAEnumNextCertType
CACertTypeGetSecurity
CAGetCertTypePropertyEx
CAFindCertTypeByName
CAFreeCertTypeExtensions
CAGetCertTypeExtensions
CARemoveCACertificateType
CACloseCA
CACreateCertType
CACertTypeSetSecurity
CAFreeCertTypeProperty
CAGetCertTypeFlags
CAFindByName
CAGetCertTypeKeySpec
CAUpdateCA
CAEnumCertTypes
CAGetCertTypeProperty
CAAddCACertificateType
CAFreeCAProperty
CACloseCertType
CASetCertTypeExtension
CASetCertTypeKeySpec

user32

SendMessageW
EndDialog
MessageBoxW
GetDC
ReleaseDC
wsprintfW
GetWindowLongW
EnableWindow
LoadStringW
SetDlgItemTextW
GetParent
LoadCursorW
SetCursor
LoadIconW
GetDlgItemTextA
LoadBitmapW
SetFocus
GetDlgItem
SendDlgItemMessageW
RegisterClipboardFormatW
PostMessageW
WinHelpW
SystemParametersInfoW
SetWindowLongW
DialogBoxParamW
SetWindowTextW
LoadImageW
InsertMenuItemW

msvcrt

?terminate@@YAXXZ
wcscmp
memmove
wcslen
_adjust_fdiv
??2@YAPAXI@Z
_wcsupr
wcsrchr
_onexit
mbstowcs
__RTDynamicCast
wcschr
??3@YAXPAX@Z
wcstoul
_except_handler3
_wcsicmp
wcsstr
free
malloc
wcscat
vswprintf
??1type_info@@UAE@XZ
wcscpy
_initterm
__dllonexit

kernel32

GetModuleHandleA
lstrlenW
GlobalAlloc
GetSystemTimeAsFileTime
WideCharToMultiByte
LoadLibraryW
LocalReAlloc
CloseHandle
CreateFileW
OutputDebugStringW
SetUnhandledExceptionFilter
GlobalFree
GetCurrentProcess
GetCPInfo
QueryPerformanceCounter
FormatMessageW
GetComputerNameW
GetSystemWindowsDirectoryW
LocalFree
RemoveDirectoryA
IsBadReadPtr
GetLastError
SetLastError
OutputDebugStringA
lstrcpyW
GetDateFormatW
GetProcAddress
FileTimeToSystemTime
InterlockedDecrement
InitializeCriticalSection
lstrcmpiW
GlobalLock
GetTickCount
DeleteCriticalSection
GlobalUnlock
GetSystemDefaultLangID
GetModuleFileNameW
InterlockedIncrement
GetEnvironmentStringsW
FileTimeToLocalFileTime
GetStartupInfoA

advapi32

RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fa7fecc38567109f0d6275e21d2cfa8

Headers

File Characteristics

Imports

certcli

user32

msvcrt

kernel32

advapi32

comctl32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 80KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 80KB

.rsrc
Size: 23KB - Virtual size: 22KB