e9399b1537c2108c6324072b8f2fd9f7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e9399b1537c2108c6324072b8f2fd9f7_JaffaCakes118
Size

100KB
MD5

e9399b1537c2108c6324072b8f2fd9f7
SHA1

660b56812886884a793c65c84ba758242db17ad4
SHA256

0d3bb2afeb22e285e9f111717924ec7d9c95c81f35212708c7d33f1f5ba60486
SHA512

c41697fa352ef8330031b79f67a0c87edb92207cd323dff61249989973801e7a3e6559a52b6ff50d301af7a4bb313485a8d9a4ec9dd3057c9bbb857256a375c2
SSDEEP

1536:LSBn9zA49Om5p1Qc+mVgFxNSSM0QRWUlLagP2ONwN+L3Ksj2vxzwc:eBBZ5w/SSLkWMaQOYKsj8xzw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9399b1537c2108c6324072b8f2fd9f7_JaffaCakes118

Files

e9399b1537c2108c6324072b8f2fd9f7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

73526bccc6530077e0b3c4226e082e61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfW
PostMessageW
RegisterClipboardFormatW
LoadStringW
GetParent
GetDlgItemTextA
SendDlgItemMessageW
GetDC
DialogBoxParamW
LoadCursorW
ReleaseDC
LoadIconW
EndDialog
SetWindowTextW
SendMessageW
LoadBitmapW
GetDlgItem
WinHelpW
SystemParametersInfoW
LoadImageW
SetDlgItemTextW
SetWindowLongW
MessageBoxW
EnableWindow
InsertMenuItemW
GetWindowLongW
SetFocus
SetCursor

msvcrt

_initterm
wcsstr
_wcsupr
??1type_info@@UAE@XZ
??2@YAPAXI@Z
wcscpy
wcslen
??3@YAXPAX@Z
wcstoul
__RTDynamicCast
wcschr
wcsrchr
wcscat
mbstowcs
free
_onexit
memmove
?terminate@@YAXXZ
malloc
__dllonexit
_except_handler3
vswprintf
_wcsicmp
_adjust_fdiv
wcscmp

kernel32

InitializeCriticalSection
WideCharToMultiByte
GetDateFormatW
GetLastError
GetSystemTimeAsFileTime
GetCPInfo
CreateFileW
DeleteCriticalSection
QueryPerformanceCounter
GetEnvironmentStringsW
OutputDebugStringW
IsBadReadPtr
LocalFree
InterlockedDecrement
lstrcmpiW
GetSystemDefaultLangID
GetTickCount
LocalReAlloc
GetSystemWindowsDirectoryW
OutputDebugStringA
GlobalFree
GlobalLock
RemoveDirectoryA
GetCurrentProcess
GlobalUnlock
GlobalAlloc
LoadLibraryW
GetModuleHandleA
InterlockedIncrement
SetUnhandledExceptionFilter
GetComputerNameW
FormatMessageW
lstrcpyW
FileTimeToLocalFileTime
lstrlenW
SetLastError
FileTimeToSystemTime
CloseHandle
GetStartupInfoA
GetProcAddress
GetModuleFileNameW

certcli

CAGetCertTypeKeySpec
CAGetCertTypePropertyEx
CASetCertTypeExtension
CACertTypeGetSecurity
CAFreeCertTypeProperty
CAGetCertTypeFlags
CAFreeCAProperty
CAGetCertTypeProperty
CACloseCA
CAAddCACertificateType
CAGetCAProperty
CAEnumCertTypes
CAGetCertTypeExtensions
CAEnumCertTypesForCA
CAFindCertTypeByName
CAUpdateCA
CARemoveCACertificateType
CACreateCertType
CAEnumNextCertType
CACertTypeSetSecurity
CACloseCertType
CAUpdateCertType
CASetCertTypeProperty
CAFreeCertTypeExtensions
CASetCertTypeFlags
CAFindByName
CASetCertTypeKeySpec

comctl32

PropertySheetW
CreatePropertySheetPageW

advapi32

RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73526bccc6530077e0b3c4226e082e61

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

certcli

comctl32

advapi32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 82KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 82KB

.rsrc
Size: 23KB - Virtual size: 23KB