f27113935128da8aafc25114a9e3b86f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f27113935128da8aafc25114a9e3b86f_JaffaCakes118
Size

99KB
MD5

f27113935128da8aafc25114a9e3b86f
SHA1

88074a6d5c39faa018f816575dd4628903609c40
SHA256

8741a9c6c5d56b6f6333b71badb51e7a6cd54c5932292bfc5e68311b07fc5a09
SHA512

74dc6cc5466c7921e08f9f528a69babc387ba683dda24bb324ede2dba9506f7cec3bdab320f5ced6a08604266065387ac0107b58ee0beb5cca92687bbfc1f0a8
SSDEEP

1536:UTYOfCDIH2Cg9PZXINpbBZMgfOF8C67fGqbF7eFMMsMnedo:IYOfCMHahZYNvZTC67GqRqFMMXnedo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f27113935128da8aafc25114a9e3b86f_JaffaCakes118

Files

f27113935128da8aafc25114a9e3b86f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

21a8058af22813e05527305fb9c4d951

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
IsBadReadPtr
GetComputerNameW
LocalFree
GetLastError
CloseHandle
LoadLibraryW
lstrlenW
GetStartupInfoA
SetLastError
GetCurrentProcess
GetDateFormatW
FileTimeToSystemTime
FormatMessageW
QueryPerformanceCounter
InitializeCriticalSection
GetACP
OutputDebugStringA
OutputDebugStringW
InterlockedDecrement
WideCharToMultiByte
SetUnhandledExceptionFilter
GlobalFree
lstrcmpiW
GlobalLock
GetModuleFileNameW
LocalReAlloc
CreateFileW
GetModuleHandleA
GetEnvironmentStringsW
GetSystemWindowsDirectoryW
GetTickCount
GlobalUnlock
GetSystemTimeAsFileTime
GetSystemDefaultLangID
InterlockedIncrement
RemoveDirectoryA
FileTimeToLocalFileTime
DeleteCriticalSection
lstrcpyW

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW

certcli

CAGetCertTypeExtensions
CAGetCertTypeKeySpec
CAFindByName
CAEnumCertTypes
CAGetCAProperty
CARemoveCACertificateType
CACloseCertType
CACreateCertType
CACertTypeSetSecurity
CACloseCA
CAFreeCAProperty
CAGetCertTypeProperty
CAFindCertTypeByName
CAFreeCertTypeProperty
CAEnumNextCertType
CAGetCertTypeFlags
CAAddCACertificateType
CAFreeCertTypeExtensions
CACertTypeGetSecurity
CAEnumCertTypesForCA
CAUpdateCA
CAGetCertTypePropertyEx
CASetCertTypeFlags
CASetCertTypeProperty
CASetCertTypeKeySpec
CASetCertTypeExtension
CAUpdateCertType

comctl32

PropertySheetW
CreatePropertySheetPageW

msvcrt

__dllonexit
wcschr
_wcsupr
_onexit
wcsstr
??2@YAPAXI@Z
wcsrchr
_except_handler3
free
_purecall
vswprintf
??1type_info@@UAE@XZ
mbstowcs
_wcsicmp
_adjust_fdiv
wcscmp
malloc
wcscpy
??3@YAXPAX@Z
wcscat
?terminate@@YAXXZ
memmove
wcslen
wcstoul
__RTDynamicCast
_initterm

user32

EndDialog
GetDlgItemTextA
SetWindowLongW
SystemParametersInfoW
GetWindowLongW
GetParent
SetFocus
EnableWindow
SetCursor
PostMessageW
SetWindowTextW
WinHelpW
GetDlgItem
LoadCursorW
wsprintfW
RegisterClipboardFormatW
LoadBitmapW
SendDlgItemMessageW
DialogBoxParamW
SetDlgItemTextW
LoadImageW
LoadStringW
SendMessageW
MessageBoxW
ReleaseDC
InsertMenuItemW
GetDC
LoadIconW

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21a8058af22813e05527305fb9c4d951

Headers

File Characteristics

Imports

kernel32

advapi32

certcli

comctl32

msvcrt

user32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 93KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 93KB

.rsrc
Size: 24KB - Virtual size: 23KB