fd798c1cf97f316b746e18870c943868_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fd798c1cf97f316b746e18870c943868_JaffaCakes118
Size

99KB
MD5

fd798c1cf97f316b746e18870c943868
SHA1

950a36c986905c8f044306bce0a7eb5f468eaa8b
SHA256

e37785d6aa06b073c0e728cef569fdc743a73cedec5e8cd7c318ea61e858a389
SHA512

c4571a47332f90b2aee6ba6fa60b7210714f2f561c7c7a93cafed498870dbad4b04a04904827248ed150de6da4f66283c77ea0a0ba46ec7c15754f3fb1e5c3e5
SSDEEP

3072:6k0ve7yCl+Hg7aWl5luonxyICEpFyRyeLy1s:P1lygTn9pFyRjes

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd798c1cf97f316b746e18870c943868_JaffaCakes118

Files

fd798c1cf97f316b746e18870c943868_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6dd063eda9e5855c354b2eb44f7e288e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseDC
GetDC
GetWindowLongW
LoadStringW
GetParent
LoadImageW
DialogBoxParamW
SystemParametersInfoW
SetDlgItemTextW
GetDlgItemTextA
EndDialog
SendMessageW
EnableWindow
LoadBitmapW
WinHelpW
SetCursor
SendDlgItemMessageW
wsprintfW
SetFocus
InsertMenuItemW
SetWindowTextW
PostMessageW
MessageBoxW
SetWindowLongW
LoadIconW
LoadCursorW
RegisterClipboardFormatW
GetDlgItem

kernel32

WideCharToMultiByte
CloseHandle
lstrcmpiW
GetLastError
GetCPInfo
SetUnhandledExceptionFilter
GlobalUnlock
GlobalLock
GetSystemTimeAsFileTime
GetComputerNameW
FileTimeToLocalFileTime
IsBadReadPtr
GetProcAddress
GetModuleFileNameW
GetSystemWindowsDirectoryW
DeleteCriticalSection
OutputDebugStringA
QueryPerformanceCounter
GetTickCount
FileTimeToSystemTime
GetDateFormatW
LocalFree
InitializeCriticalSection
lstrlenW
LoadLibraryW
GetSystemDefaultLangID
GetModuleHandleA
SetLastError
OutputDebugStringW
GetEnvironmentStringsW
GlobalFree
LocalReAlloc
GlobalAlloc
GetStartupInfoA
lstrcpyW
GetCurrentThread
GetCurrentProcess
CreateFileW
InterlockedDecrement
FormatMessageW
InterlockedIncrement

certcli

CACertTypeSetSecurity
CAGetCertTypePropertyEx
CAFreeCertTypeProperty
CAFreeCertTypeExtensions
CACloseCertType
CAEnumCertTypesForCA
CAFindCertTypeByName
CAUpdateCA
CASetCertTypeKeySpec
CARemoveCACertificateType
CASetCertTypeExtension
CASetCertTypeProperty
CACertTypeGetSecurity
CACloseCA
CAFindByName
CAGetCertTypeKeySpec
CAGetCertTypeExtensions
CAGetCAProperty
CAEnumCertTypes
CASetCertTypeFlags
CAFreeCAProperty
CAGetCertTypeFlags
CAUpdateCertType
CAAddCACertificateType
CACreateCertType
CAGetCertTypeProperty
CAEnumNextCertType

msvcrt

vswprintf
wcstoul
wcscat
wcscpy
?terminate@@YAXXZ
??3@YAXPAX@Z
wcschr
wcscmp
__RTDynamicCast
_adjust_fdiv
_onexit
mbstowcs
_wcsicmp
wcsrchr
free
_except_handler3
_initterm
??1type_info@@UAE@XZ
_wcsupr
malloc
memmove
??2@YAPAXI@Z
wcsstr
wcslen
__dllonexit

advapi32

RegDeleteKeyW
RegSetValueExW
RegEnumKeyExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6dd063eda9e5855c354b2eb44f7e288e

Headers

File Characteristics

Imports

user32

kernel32

certcli

msvcrt

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 92KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 92KB

.rsrc
Size: 23KB - Virtual size: 22KB