fa1c57dbeaf4da21076490ccfb05d7be_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fa1c57dbeaf4da21076490ccfb05d7be_JaffaCakes118
Size

103KB
MD5

fa1c57dbeaf4da21076490ccfb05d7be
SHA1

6c04676c8faeca732a8c6adfd629dc2d917b413f
SHA256

3694e864b7682eb8dd38391a6a096945cfa50b1d4d46add52e9caa845ad66f58
SHA512

17355bdaaa2b96a50281995503df4e905a80ecd4688f4731a71fabd147ba0296c51aff30eabfd57e0c38958717fca609fc6b6fe6c0a0087742c9f7c1a59e5322
SSDEEP

3072:g4wx8RZHccyTIHMayMvkR8cQbJfdIZKYS:XqgctaFcQaK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa1c57dbeaf4da21076490ccfb05d7be_JaffaCakes118

Files

fa1c57dbeaf4da21076490ccfb05d7be_JaffaCakes118
.exe windows:5 windows x86 arch:x86

98fbaabe2c01c0b4e38ba97a74258858

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAEnumNextCertType
CACloseCA
CARemoveCACertificateType
CAGetCertTypeExtensions
CAGetCertTypePropertyEx
CACloseCertType
CASetCertTypeExtension
CAFindByName
CAUpdateCA
CAFreeCAProperty
CAEnumCertTypes
CAFreeCertTypeExtensions
CASetCertTypeKeySpec
CAEnumCertTypesForCA
CASetCertTypeFlags
CAFreeCertTypeProperty
CAAddCACertificateType
CACertTypeGetSecurity
CAGetCertTypeFlags
CACertTypeSetSecurity
CAFindCertTypeByName
CASetCertTypeProperty
CAGetCertTypeProperty
CAUpdateCertType
CAGetCAProperty
CAGetCertTypeKeySpec
CACreateCertType

user32

GetParent
GetDlgItem
EnableWindow
InsertMenuItemW
GetDC
SendMessageW
LoadIconW
LoadStringW
GetDlgItemTextA
PostMessageW
LoadCursorW
SendDlgItemMessageW
SetWindowTextW
SetFocus
LoadImageW
RegisterClipboardFormatW
SetDlgItemTextW
DialogBoxParamW
EndDialog
LoadBitmapW
SetCursor
WinHelpW
ReleaseDC
MessageBoxW
wsprintfW
GetWindowLongW
SetWindowLongW
SystemParametersInfoW

advapi32

RegCreateKeyExW
RegQueryValueExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW

kernel32

SetUnhandledExceptionFilter
CloseHandle
FileTimeToSystemTime
GetLastError
GetTickCount
GlobalLock
GetModuleFileNameW
DeleteCriticalSection
LocalReAlloc
GetSystemTimeAsFileTime
SetLastError
GlobalFree
WideCharToMultiByte
CreateFileW
InterlockedDecrement
GlobalUnlock
GetACP
GetDateFormatW
GetEnvironmentStringsW
lstrlenW
IsBadReadPtr
lstrcpyW
lstrcmpiW
QueryPerformanceCounter
InterlockedIncrement
OutputDebugStringW
LocalFree
GetStartupInfoA
FormatMessageW
RemoveDirectoryA
OutputDebugStringA
FileTimeToLocalFileTime
LoadLibraryW
GetSystemDefaultLangID
GetComputerNameW
GetModuleHandleA
GetSystemWindowsDirectoryW
GetCurrentProcess
InitializeCriticalSection
GlobalAlloc

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
wcsstr
malloc
??3@YAXPAX@Z
free
wcstoul
wcschr
wcscpy
wcsrchr
_wcsicmp
?terminate@@YAXXZ
_initterm
??2@YAPAXI@Z
__dllonexit
vswprintf
wcscmp
_onexit
__RTDynamicCast
_wcsupr
_purecall
_except_handler3
wcslen
mbstowcs
memmove
wcscat

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98fbaabe2c01c0b4e38ba97a74258858

Headers

File Characteristics

Imports

certcli

user32

advapi32

kernel32

msvcrt

comctl32

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 68KB

.rsrc Size: 25KB - Virtual size: 24KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 68KB

.rsrc
Size: 25KB - Virtual size: 24KB