0e0ddd8da52d28bf23589d2fcacbe72e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0e0ddd8da52d28bf23589d2fcacbe72e_JaffaCakes118
Size

102KB
MD5

0e0ddd8da52d28bf23589d2fcacbe72e
SHA1

acaa305be23dd9791f4d79b2a3d7723b8986f4a9
SHA256

79cfa8956ff1bda696fb165c704e07d73f02cbeb1c4a6b26c7edabc790b92410
SHA512

ae713150b0a69a553af6616a3dc4f0724237f666cb7bef5a8b24377ef87c2418a5659b1e790bfb0e823d4686d33f7b2bad103a33305a4c2e2b172bea5ba16685
SSDEEP

1536:nVpideCh9GnRd+/7wzrci3os2+JcAztgBEREVQLXsoE2tt7hB2EBOE6qcg:VpGeO8n0k93X2qVEVQLXsob7aE8+c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e0ddd8da52d28bf23589d2fcacbe72e_JaffaCakes118

Files

0e0ddd8da52d28bf23589d2fcacbe72e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e8b7cc881c7c96c48da8d8e81fdf47eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAEnumNextCertType
CAFreeCertTypeExtensions
CACreateCertType
CAGetCertTypeExtensions
CACloseCA
CAFindByName
CAGetCertTypeFlags
CACertTypeSetSecurity
CAEnumCertTypes
CACloseCertType
CAUpdateCA
CAFreeCertTypeProperty
CARemoveCACertificateType
CAFreeCAProperty
CAUpdateCertType
CAFindCertTypeByName
CAGetCAProperty
CASetCertTypeKeySpec
CAGetCertTypeProperty
CASetCertTypeExtension
CAEnumCertTypesForCA
CACertTypeGetSecurity
CASetCertTypeProperty
CASetCertTypeFlags
CAGetCertTypePropertyEx
CAAddCACertificateType
CAGetCertTypeKeySpec

kernel32

InterlockedIncrement
lstrcpyW
GetDateFormatW
lstrlenW
OutputDebugStringA
GetCurrentProcess
GetTickCount
SetLastError
GlobalLock
InitializeCriticalSection
FormatMessageW
GetComputerNameW
DeleteCriticalSection
SetUnhandledExceptionFilter
GetACP
GetSystemTimeAsFileTime
CreateFileW
GetStartupInfoA
LocalReAlloc
GetLastError
FileTimeToLocalFileTime
GlobalAlloc
GetSystemDefaultLangID
GetModuleHandleA
GetEnvironmentStringsW
CloseHandle
LoadLibraryW
GlobalUnlock
FileTimeToSystemTime
WideCharToMultiByte
RemoveDirectoryA
IsBadReadPtr
lstrcmpiW
GetModuleFileNameW
GetSystemWindowsDirectoryW
QueryPerformanceCounter
GlobalFree
InterlockedDecrement
OutputDebugStringW
LocalFree

user32

RegisterClipboardFormatW
SendMessageW
EndDialog
InsertMenuItemW
SendDlgItemMessageW
DialogBoxParamW
wsprintfW
LoadCursorW
GetParent
PostMessageW
GetDlgItem
GetWindowLongW
EnableWindow
LoadBitmapW
SetWindowTextW
SetDlgItemTextW
SetFocus
MessageBoxW
SetWindowLongW
GetDlgItemTextA
SetCursor
LoadIconW
LoadStringW
GetDC
WinHelpW
ReleaseDC
LoadImageW
SystemParametersInfoW

comctl32

PropertySheetW
CreatePropertySheetPageW

msvcrt

??2@YAPAXI@Z
wcscmp
wcstoul
__dllonexit
wcsrchr
_purecall
?terminate@@YAXXZ
??3@YAXPAX@Z
wcscpy
_except_handler3
mbstowcs
??1type_info@@UAE@XZ
wcsstr
memmove
wcschr
_initterm
malloc
_wcsupr
free
_onexit
_adjust_fdiv
wcslen
wcscat
__RTDynamicCast
vswprintf
_wcsicmp

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8b7cc881c7c96c48da8d8e81fdf47eb

Headers

File Characteristics

Imports

certcli

kernel32

user32

comctl32

msvcrt

advapi32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 72KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 72KB

.rsrc
Size: 23KB - Virtual size: 22KB