f47b7b88b19aa78a351fb715ba60b441_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f47b7b88b19aa78a351fb715ba60b441_JaffaCakes118
Size

100KB
MD5

f47b7b88b19aa78a351fb715ba60b441
SHA1

dc045c9db51a9e21cb2831a77484e6b561f03d02
SHA256

81e894041a1e2ac34b9b046d7c589bd46ba0f24d21d5c353480cd1a816f1743d
SHA512

fd16c4f441c2cf212ec5b121c1da57fdd21454446e3ba373e132b0dda46c4e76026774a2f10b610c75940dde2c6f828771f7403f37d4e1c36e8f30b39471a8bf
SSDEEP

3072:lBItvBXDbbesZTVJFl4cBsiJLU3eSfbZ:lBItvBzbbPxJFlTBHJL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f47b7b88b19aa78a351fb715ba60b441_JaffaCakes118

Files

f47b7b88b19aa78a351fb715ba60b441_JaffaCakes118
.exe windows:5 windows x86 arch:x86

10f29f5873d3c37f0f4b1d0b521b5262

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAFreeCertTypeExtensions
CAFreeCAProperty
CAEnumCertTypes
CAFindCertTypeByName
CACertTypeSetSecurity
CASetCertTypeKeySpec
CAGetCertTypeKeySpec
CACloseCertType
CAUpdateCertType
CACertTypeGetSecurity
CAFreeCertTypeProperty
CAUpdateCA
CACloseCA
CASetCertTypeProperty
CAGetCertTypeFlags
CAEnumNextCertType
CAEnumCertTypesForCA
CAGetCAProperty
CAFindByName
CASetCertTypeExtension
CAGetCertTypeProperty
CAAddCACertificateType
CACreateCertType
CAGetCertTypePropertyEx
CARemoveCACertificateType
CASetCertTypeFlags
CAGetCertTypeExtensions

comctl32

PropertySheetW
CreatePropertySheetPageW

msvcrt

??1type_info@@UAE@XZ
malloc
wcscpy
__RTDynamicCast
free
wcscat
mbstowcs
_onexit
wcstoul
wcsstr
_except_handler3
memmove
_wcsupr
_adjust_fdiv
wcslen
_wcsicmp
wcsrchr
__dllonexit
wcschr
vswprintf
?terminate@@YAXXZ
??3@YAXPAX@Z
_initterm
??2@YAPAXI@Z
wcscmp

kernel32

CreateFileW
GetModuleHandleA
lstrcmpiW
GetSystemTimeAsFileTime
GetProcAddress
GetDateFormatW
FileTimeToSystemTime
GlobalLock
SetLastError
SetUnhandledExceptionFilter
InterlockedDecrement
GetEnvironmentStringsW
WideCharToMultiByte
CloseHandle
LocalReAlloc
QueryPerformanceCounter
OutputDebugStringA
GetStartupInfoA
InitializeCriticalSection
GetSystemWindowsDirectoryW
LoadLibraryW
GlobalAlloc
GetCurrentProcess
OutputDebugStringW
FileTimeToLocalFileTime
GetSystemDefaultLangID
GetLastError
GetTickCount
LocalFree
lstrcpyW
RemoveDirectoryA
InterlockedIncrement
DeleteCriticalSection
GetModuleFileNameW
FormatMessageW
GetComputerNameW
GlobalFree
GetCPInfo
IsBadReadPtr
GlobalUnlock
lstrlenW

user32

ReleaseDC
LoadIconW
LoadImageW
LoadCursorW
InsertMenuItemW
RegisterClipboardFormatW
SetFocus
GetDC
GetDlgItemTextA
SetWindowLongW
GetDlgItem
SendDlgItemMessageW
SetCursor
SendMessageW
EnableWindow
PostMessageW
SetDlgItemTextW
EndDialog
GetWindowLongW
GetParent
WinHelpW
DialogBoxParamW
SetWindowTextW
LoadStringW
LoadBitmapW
wsprintfW
SystemParametersInfoW
MessageBoxW

advapi32

RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegDeleteKeyW
RegQueryValueExW
RegEnumKeyExW
RegCloseKey

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10f29f5873d3c37f0f4b1d0b521b5262

Headers

File Characteristics

Imports

certcli

comctl32

msvcrt

kernel32

user32

advapi32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 79KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 79KB

.rsrc
Size: 23KB - Virtual size: 22KB