fd757a2822a7e82f119f2394784aa647_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fd757a2822a7e82f119f2394784aa647_JaffaCakes118
Size

99KB
MD5

fd757a2822a7e82f119f2394784aa647
SHA1

ef6db0d6238d4a8f2125ffd747693c75b9994db0
SHA256

3d4cc300770736670ce47e11da99141d4404617ce617045b504c59333dfb0c52
SHA512

a1999e4e2e43d9af9df4643abd78f8cfd3bf5df3e9bc2777acc657135cb8cf7f1df5a887b4b4ca535784cb7a1d3b0681f196b88235c5eb86c955c83190369729
SSDEEP

1536:HseA3lVz0r2szc3jyHbf4wOQETNY3f6QwV67CkdMFCAr1Ke3otnr3y:HseAjzKq3jy7f4jWyQMkdMFrkgoTy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd757a2822a7e82f119f2394784aa647_JaffaCakes118

Files

fd757a2822a7e82f119f2394784aa647_JaffaCakes118
.exe windows:5 windows x86 arch:x86

95af82079f852bd52b9c7d1e77f05ba3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetModuleHandleA
lstrlenW
InterlockedIncrement
GlobalLock
DeleteCriticalSection
WideCharToMultiByte
GetLastError
lstrcmpiW
LocalReAlloc
LocalFree
RemoveDirectoryA
GlobalUnlock
GetSystemWindowsDirectoryW
GetTickCount
OutputDebugStringA
CreateFileW
InitializeCriticalSection
GlobalAlloc
InterlockedDecrement
CloseHandle
GetEnvironmentStringsW
GetSystemDefaultLangID
GlobalFree
OutputDebugStringW
SetLastError
GetComputerNameW
SetUnhandledExceptionFilter
LoadLibraryW
FormatMessageW
GetSystemTimeAsFileTime
GetCurrentProcess
FileTimeToLocalFileTime
QueryPerformanceCounter
GetProcAddress
GetCPInfo
GetModuleFileNameW
FileTimeToSystemTime
lstrcpyW
GetDateFormatW
IsBadReadPtr

msvcrt

malloc
memmove
wcsrchr
_wcsicmp
??3@YAXPAX@Z
??2@YAPAXI@Z
??1type_info@@UAE@XZ
free
wcslen
_adjust_fdiv
wcsstr
_onexit
_except_handler3
wcscat
wcschr
_initterm
wcscpy
wcstoul
mbstowcs
vswprintf
?terminate@@YAXXZ
__dllonexit
__RTDynamicCast
_wcsupr
wcscmp

certcli

CACertTypeGetSecurity
CAUpdateCA
CACloseCertType
CAUpdateCertType
CAGetCertTypePropertyEx
CAGetCertTypeFlags
CASetCertTypeKeySpec
CAFreeCAProperty
CAFreeCertTypeExtensions
CACertTypeSetSecurity
CAEnumNextCertType
CACloseCA
CAGetCertTypeKeySpec
CAFindCertTypeByName
CAGetCAProperty
CARemoveCACertificateType
CACreateCertType
CAEnumCertTypes
CAGetCertTypeExtensions
CASetCertTypeExtension
CAFreeCertTypeProperty
CAFindByName
CAGetCertTypeProperty
CAAddCACertificateType
CASetCertTypeProperty
CAEnumCertTypesForCA
CASetCertTypeFlags

user32

SetCursor
LoadStringW
PostMessageW
SendMessageW
GetParent
GetDlgItemTextA
SystemParametersInfoW
wsprintfW
LoadIconW
GetDC
EnableWindow
EndDialog
SendDlgItemMessageW
InsertMenuItemW
ReleaseDC
LoadImageW
WinHelpW
DialogBoxParamW
LoadBitmapW
GetDlgItem
RegisterClipboardFormatW
SetWindowLongW
MessageBoxW
SetWindowTextW
LoadCursorW
SetDlgItemTextW
GetWindowLongW
SetFocus

advapi32

RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95af82079f852bd52b9c7d1e77f05ba3

Headers

File Characteristics

Imports

kernel32

msvcrt

certcli

user32

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 74KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 74KB

.rsrc
Size: 23KB - Virtual size: 22KB