2cdac33f9ff90c011460b9f2e5ebcee8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cdac33f9ff90c011460b9f2e5ebcee8_JaffaCakes118
Size

98KB
MD5

2cdac33f9ff90c011460b9f2e5ebcee8
SHA1

b2a1b517d3c007967392d4667652bf19f615d80f
SHA256

2c71b52bf8035fb26c609a3dd48903881de2812a62c49201d8f15a57ed4cbbc5
SHA512

f451b57097970e5796bf9850ca0f4279a264640776559b523611f37ccc1bb4be325301615afb87bbecdcefcfae8fe3173b9f2b1693a76080c67bf3b1bc82d2e4
SSDEEP

3072:dKeCpPCkHb7xqs53PZAAULW3aBmsuylEOtensbJ:kTRNfxH53GLCqZEOt4uJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cdac33f9ff90c011460b9f2e5ebcee8_JaffaCakes118

Files

2cdac33f9ff90c011460b9f2e5ebcee8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a73a4784cfae2940c0354681e81094e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??3@YAXPAX@Z
_initterm
wcslen
??1type_info@@UAE@XZ
__RTDynamicCast
_wcsupr
wcsstr
wcscmp
_onexit
_purecall
__dllonexit
wcscat
wcscpy
??2@YAPAXI@Z
malloc
_adjust_fdiv
mbstowcs
wcsrchr
memmove
_except_handler3
_wcsicmp
wcstoul
wcschr
free
vswprintf
?terminate@@YAXXZ

kernel32

GlobalUnlock
GetEnvironmentStringsW
GlobalFree
CloseHandle
GetSystemDefaultLangID
GetStartupInfoA
LoadLibraryW
FileTimeToSystemTime
GlobalAlloc
OutputDebugStringA
OutputDebugStringW
GetSystemTimeAsFileTime
DeleteCriticalSection
LocalFree
IsBadReadPtr
SetUnhandledExceptionFilter
GetCurrentProcess
GetLastError
lstrcmpiW
InterlockedIncrement
GetComputerNameW
GetSystemWindowsDirectoryW
SetLastError
InterlockedDecrement
GetACP
LocalReAlloc
FileTimeToLocalFileTime
GetModuleFileNameW
CreateFileW
RemoveDirectoryA
GetTickCount
QueryPerformanceCounter
InitializeCriticalSection
GlobalLock
FormatMessageW
lstrlenW
GetDateFormatW
WideCharToMultiByte
lstrcpyW
GetModuleHandleA

user32

LoadStringW
LoadCursorW
SendMessageW
MessageBoxW
GetParent
SetWindowTextW
SendDlgItemMessageW
LoadBitmapW
SetFocus
PostMessageW
ReleaseDC
EndDialog
SetCursor
DialogBoxParamW
SystemParametersInfoW
SetDlgItemTextW
GetDC
GetDlgItemTextA
LoadImageW
InsertMenuItemW
GetDlgItem
SetWindowLongW
WinHelpW
wsprintfW
RegisterClipboardFormatW
EnableWindow
LoadIconW
GetWindowLongW

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegEnumKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

certcli

CASetCertTypeKeySpec
CARemoveCACertificateType
CAUpdateCA
CAGetCertTypeFlags
CAGetCertTypeKeySpec
CACertTypeGetSecurity
CACloseCertType
CACertTypeSetSecurity
CAFindByName
CAFindCertTypeByName
CAGetCAProperty
CAEnumCertTypes
CASetCertTypeExtension
CAGetCertTypePropertyEx
CAUpdateCertType
CASetCertTypeFlags
CAGetCertTypeExtensions
CASetCertTypeProperty
CAAddCACertificateType
CAGetCertTypeProperty
CACloseCA
CAFreeCAProperty
CAFreeCertTypeExtensions
CAEnumNextCertType
CACreateCertType
CAFreeCertTypeProperty
CAEnumCertTypesForCA

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a73a4784cfae2940c0354681e81094e5

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

comctl32

certcli

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 78KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 78KB

.rsrc
Size: 23KB - Virtual size: 22KB