0507cedcc3224542412550f196038057_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0507cedcc3224542412550f196038057_JaffaCakes118
Size

99KB
MD5

0507cedcc3224542412550f196038057
SHA1

11ca8e2241bdf890b6510ac59f3b1e0e792b7d3f
SHA256

377c1825f37d896de6e8c0cd994f077c8f0b289135f648f0e2e807668bb2db1d
SHA512

ccd81aca932387ee31bb1e04e3fe219bdf1718b793d34051a3486e9a5e1004dcc1d39cfded1d8769d734a3caeaaf7240285ee4c41ae24605459979983a69b42f
SSDEEP

1536:8cu5/0JgUWb6UySkfW4Jaq4AlVcg0r1mUOZxHm7YqJB64k+kDkqcl:8BbkSX4JaHA0gOCxHm8k64iDk7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0507cedcc3224542412550f196038057_JaffaCakes118

Files

0507cedcc3224542412550f196038057_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e1d35f922535e77e27099ef3bc26f232

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??2@YAPAXI@Z
wcschr
wcsrchr
_initterm
mbstowcs
_wcsicmp
wcscpy
vswprintf
_wcsupr
free
?terminate@@YAXXZ
memmove
__RTDynamicCast
??1type_info@@UAE@XZ
wcscmp
wcsstr
wcstoul
_adjust_fdiv
_except_handler3
wcslen
wcscat
??3@YAXPAX@Z
_onexit
malloc
__dllonexit

user32

wsprintfW
PostMessageW
MessageBoxW
ReleaseDC
EnableWindow
LoadCursorW
SetDlgItemTextW
WinHelpW
GetDlgItem
GetDC
SetWindowTextW
GetParent
SystemParametersInfoW
EndDialog
SetWindowLongW
SetFocus
LoadIconW
LoadBitmapW
InsertMenuItemW
GetDlgItemTextA
SendMessageW
SetCursor
LoadStringW
GetWindowLongW
RegisterClipboardFormatW
SendDlgItemMessageW
DialogBoxParamW
LoadImageW

kernel32

IsBadReadPtr
lstrcmpiW
GetProcAddress
GetCurrentThread
InterlockedDecrement
CreateFileW
OutputDebugStringW
lstrlenW
GetSystemWindowsDirectoryW
OutputDebugStringA
FormatMessageW
InitializeCriticalSection
GetDateFormatW
GetCPInfo
LoadLibraryW
DeleteCriticalSection
GlobalUnlock
WideCharToMultiByte
GetModuleHandleA
GetSystemDefaultLangID
GetLastError
GlobalFree
FileTimeToLocalFileTime
GetTickCount
GlobalLock
LocalFree
CloseHandle
GetModuleFileNameW
GetSystemTimeAsFileTime
GetEnvironmentStringsW
QueryPerformanceCounter
FileTimeToSystemTime
SetLastError
GetStartupInfoA
GetCurrentProcess
InterlockedIncrement
LocalReAlloc
SetUnhandledExceptionFilter
GetComputerNameW
lstrcpyW
GlobalAlloc

certcli

CAGetCertTypeProperty
CASetCertTypeExtension
CACreateCertType
CAGetCertTypeFlags
CARemoveCACertificateType
CAEnumNextCertType
CAFreeCAProperty
CAFindByName
CAFindCertTypeByName
CAGetCAProperty
CAFreeCertTypeExtensions
CACloseCertType
CASetCertTypeProperty
CAGetCertTypeKeySpec
CACloseCA
CACertTypeGetSecurity
CASetCertTypeKeySpec
CAFreeCertTypeProperty
CAGetCertTypeExtensions
CAUpdateCA
CACertTypeSetSecurity
CAUpdateCertType
CAGetCertTypePropertyEx
CASetCertTypeFlags
CAEnumCertTypes
CAAddCACertificateType
CAEnumCertTypesForCA

advapi32

RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegCreateKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1d35f922535e77e27099ef3bc26f232

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

certcli

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 106KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 106KB

.rsrc
Size: 23KB - Virtual size: 22KB