0fe63ebda2adb025bb00aa2a5820e918_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0fe63ebda2adb025bb00aa2a5820e918_JaffaCakes118
Size

102KB
MD5

0fe63ebda2adb025bb00aa2a5820e918
SHA1

0502a180056167cd92f80f81562173aec671ead3
SHA256

af17756d968e6ebf7b43276061ea5e0f5d15ba0b0f501c0bc682fa5c71079095
SHA512

4af18aa5190ffd44b08af7afdb11f0ab9aca0fce626f904097829ea89cacdb2308d0389e7071315bb6851f88edd9e2750764edbf6097d24d165553f8696bda14
SSDEEP

3072:6DO5263YmNruFe+dYSVwN87+CeKZsBUF:6DO52g1ruVYNc+XKZsB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fe63ebda2adb025bb00aa2a5820e918_JaffaCakes118

Files

0fe63ebda2adb025bb00aa2a5820e918_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c8039dbd6630ef4f3bc75801ae5eba17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
wcslen
vswprintf
??3@YAXPAX@Z
wcsrchr
wcschr
wcscpy
free
??2@YAPAXI@Z
__RTDynamicCast
_initterm
_onexit
memmove
malloc
?terminate@@YAXXZ
_wcsicmp
wcstoul
_wcsupr
_adjust_fdiv
mbstowcs
_purecall
wcscat
wcscmp
??1type_info@@UAE@XZ
wcsstr
__dllonexit

certcli

CASetCertTypeExtension
CAEnumCertTypes
CASetCertTypeFlags
CAUpdateCA
CAGetCAProperty
CAEnumNextCertType
CACloseCertType
CAAddCACertificateType
CACreateCertType
CAGetCertTypePropertyEx
CACertTypeSetSecurity
CAGetCertTypeFlags
CAFindByName
CAFreeCertTypeExtensions
CASetCertTypeProperty
CAGetCertTypeProperty
CACertTypeGetSecurity
CACloseCA
CAFindCertTypeByName
CASetCertTypeKeySpec
CAEnumCertTypesForCA
CAGetCertTypeExtensions
CAGetCertTypeKeySpec
CAUpdateCertType
CARemoveCACertificateType
CAFreeCertTypeProperty
CAFreeCAProperty

kernel32

IsBadReadPtr
GlobalLock
OutputDebugStringA
GlobalAlloc
InterlockedDecrement
GetEnvironmentStringsW
GetSystemDefaultLangID
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
RemoveDirectoryA
LocalReAlloc
SetLastError
GetModuleHandleA
lstrcmpiW
GetACP
GetComputerNameW
GlobalFree
CloseHandle
DeleteCriticalSection
OutputDebugStringW
FormatMessageW
QueryPerformanceCounter
GlobalUnlock
GetCurrentProcess
WideCharToMultiByte
lstrlenW
LoadLibraryW
InitializeCriticalSection
lstrcpyW
FileTimeToSystemTime
CreateFileW
GetDateFormatW
GetTickCount
LocalFree
GetLastError
GetModuleFileNameW
GetSystemWindowsDirectoryW
InterlockedIncrement
GetStartupInfoA

user32

LoadBitmapW
SetFocus
EnableWindow
LoadCursorW
RegisterClipboardFormatW
LoadImageW
MessageBoxW
LoadStringW
GetDlgItem
SendDlgItemMessageW
SetCursor
wsprintfW
SystemParametersInfoW
PostMessageW
SetWindowTextW
SendMessageW
GetDlgItemTextA
InsertMenuItemW
WinHelpW
SetDlgItemTextW
GetWindowLongW
DialogBoxParamW
ReleaseDC
SetWindowLongW
EndDialog
GetParent
GetDC
LoadIconW

comctl32

CreatePropertySheetPageW
PropertySheetW

advapi32

RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8039dbd6630ef4f3bc75801ae5eba17

Headers

File Characteristics

Imports

msvcrt

certcli

kernel32

user32

comctl32

advapi32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 123KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 123KB

.rsrc
Size: 24KB - Virtual size: 23KB