047bee1de282e29ceff848662b32bf22_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

047bee1de282e29ceff848662b32bf22_JaffaCakes118
Size

102KB
MD5

047bee1de282e29ceff848662b32bf22
SHA1

ebd2877acbf8a86d4279772d5acf8c208fea4701
SHA256

50f29e1426b6d51779168690e3d7f9acdb5620f12e6013b999b2cd3779db94cf
SHA512

17f1c5ef61a4aac2b5b71514eebe56793c09159d81f272f6d0f47ef45f57149782e0b7285d993c74f5a16a1afc22b779b10c754fa4a832dae8eafa9795caaa77
SSDEEP

3072:RemCejxPosdau99MvCPuwx+r6poEUlyr8Ssk6lCb:RCiVXNcCmZryB7sk6l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
047bee1de282e29ceff848662b32bf22_JaffaCakes118

Files

047bee1de282e29ceff848662b32bf22_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bcd60a08e5ae571aff8e7bb055c1aff1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcschr
??2@YAPAXI@Z
_except_handler3
_wcsicmp
_adjust_fdiv
mbstowcs
wcscpy
free
_onexit
wcscat
?terminate@@YAXXZ
??1type_info@@UAE@XZ
vswprintf
wcslen
wcstoul
wcscmp
memmove
__RTDynamicCast
??3@YAXPAX@Z
__dllonexit
_wcsupr
_initterm
wcsstr
wcsrchr
malloc

certcli

CAUpdateCA
CACloseCA
CAGetCertTypePropertyEx
CAEnumNextCertType
CAFreeCAProperty
CAUpdateCertType
CACertTypeGetSecurity
CACertTypeSetSecurity
CAFindByName
CAGetCertTypeFlags
CACreateCertType
CASetCertTypeProperty
CAFindCertTypeByName
CAGetCertTypeExtensions
CAFreeCertTypeExtensions
CAGetCertTypeProperty
CAEnumCertTypes
CAGetCertTypeKeySpec
CACloseCertType
CASetCertTypeFlags
CAFreeCertTypeProperty
CASetCertTypeKeySpec
CARemoveCACertificateType
CAAddCACertificateType
CASetCertTypeExtension
CAGetCAProperty
CAEnumCertTypesForCA

user32

EndDialog
GetDlgItemTextA
LoadImageW
SendMessageW
DialogBoxParamW
GetDC
EnableWindow
SetWindowTextW
GetParent
LoadCursorW
GetDlgItem
WinHelpW
SendDlgItemMessageW
SetFocus
GetWindowLongW
LoadStringW
PostMessageW
InsertMenuItemW
MessageBoxW
RegisterClipboardFormatW
wsprintfW
SetWindowLongW
SetDlgItemTextW
ReleaseDC
SystemParametersInfoW
LoadBitmapW
LoadIconW
SetCursor

kernel32

GetCurrentProcess
GetSystemDefaultLangID
GlobalAlloc
OutputDebugStringA
lstrcmpiW
InterlockedDecrement
GetModuleFileNameW
LocalFree
DeleteCriticalSection
GetLastError
FileTimeToSystemTime
SetUnhandledExceptionFilter
lstrcpyW
lstrlenW
SetLastError
LoadLibraryW
FileTimeToLocalFileTime
GlobalFree
GlobalUnlock
CreateFileW
GetTickCount
LocalReAlloc
InitializeCriticalSection
GetCurrentThread
GetEnvironmentStringsW
InterlockedIncrement
GetProcAddress
GetSystemWindowsDirectoryW
GlobalLock
FormatMessageW
GetSystemTimeAsFileTime
WideCharToMultiByte
GetModuleHandleA
OutputDebugStringW
IsBadReadPtr
GetCPInfo
GetStartupInfoA
CloseHandle
GetDateFormatW
GetComputerNameW
QueryPerformanceCounter

advapi32

RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegEnumKeyExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcd60a08e5ae571aff8e7bb055c1aff1

Headers

File Characteristics

Imports

msvcrt

certcli

user32

kernel32

advapi32

comctl32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 122KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 122KB

.rsrc
Size: 23KB - Virtual size: 22KB