f9af548e2c4d65420221d5885ed92a47_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f9af548e2c4d65420221d5885ed92a47_JaffaCakes118
Size

99KB
MD5

f9af548e2c4d65420221d5885ed92a47
SHA1

6b75c426da781cc370d83a10fb83b94277cf2d94
SHA256

48459a24a4b40dd6516adc23d8118c9f50bfa322413729fd2fdf7759f1a9f8cf
SHA512

6a958ceafaab855ce00182febc750a9b03decb944c75411e94a4e0ed0a4741e2dbcfcb371deb62a07412aef571b8a91f438585bc3499bb61a8d2846213e6b5bf
SSDEEP

3072:lS1CNNOcVtbfID70pbjrxwD7e6ibEkz7:8CNoQbfID7II7e6ibb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9af548e2c4d65420221d5885ed92a47_JaffaCakes118

Files

f9af548e2c4d65420221d5885ed92a47_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a3031998a378a37dfda693bcb1d3f022

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseDC
SetWindowTextW
EnableWindow
InsertMenuItemW
LoadBitmapW
wsprintfW
GetDlgItem
GetWindowLongW
LoadIconW
GetDC
SystemParametersInfoW
DialogBoxParamW
GetParent
MessageBoxW
SendMessageW
SetCursor
SetWindowLongW
LoadCursorW
LoadStringW
LoadImageW
PostMessageW
WinHelpW
SetFocus
SetDlgItemTextW
SendDlgItemMessageW
GetDlgItemTextA
RegisterClipboardFormatW
EndDialog

msvcrt

malloc
wcscat
wcstoul
wcscmp
wcsstr
vswprintf
_onexit
__dllonexit
_wcsicmp
_wcsupr
wcschr
__RTDynamicCast
?terminate@@YAXXZ
wcsrchr
wcslen
mbstowcs
_adjust_fdiv
free
_purecall
wcscpy
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_except_handler3
_initterm
memmove
??2@YAPAXI@Z

kernel32

CreateFileW
WideCharToMultiByte
LocalFree
InterlockedIncrement
RemoveDirectoryA
DeleteCriticalSection
GlobalAlloc
InterlockedDecrement
GlobalUnlock
GetSystemWindowsDirectoryW
QueryPerformanceCounter
GetStartupInfoA
GetCurrentProcess
GlobalFree
GetEnvironmentStringsW
SetLastError
GetModuleFileNameW
GetModuleHandleA
GetSystemTimeAsFileTime
lstrlenW
OutputDebugStringA
FileTimeToSystemTime
GetLastError
LoadLibraryW
GetSystemDefaultLangID
GetACP
SetUnhandledExceptionFilter
IsBadReadPtr
OutputDebugStringW
GetComputerNameW
InitializeCriticalSection
LocalReAlloc
lstrcpyW
FileTimeToLocalFileTime
GlobalLock
lstrcmpiW
GetDateFormatW
FormatMessageW
CloseHandle
GetTickCount

certcli

CAFreeCertTypeExtensions
CACertTypeSetSecurity
CASetCertTypeKeySpec
CASetCertTypeFlags
CAEnumCertTypes
CAAddCACertificateType
CAUpdateCertType
CAGetCertTypeKeySpec
CASetCertTypeProperty
CAEnumCertTypesForCA
CACloseCA
CACertTypeGetSecurity
CAGetCertTypeExtensions
CAEnumNextCertType
CAGetCertTypePropertyEx
CARemoveCACertificateType
CAGetCertTypeProperty
CAFreeCertTypeProperty
CAGetCertTypeFlags
CACloseCertType
CAGetCAProperty
CAUpdateCA
CAFreeCAProperty
CASetCertTypeExtension
CACreateCertType
CAFindCertTypeByName
CAFindByName

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW

gdi32

DeleteObject
GetDeviceCaps
CreateFontIndirectW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3031998a378a37dfda693bcb1d3f022

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

certcli

advapi32

gdi32

comctl32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 113KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 113KB

.rsrc
Size: 24KB - Virtual size: 23KB