4951ae6fde1818ba1f252885a66c09b3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4951ae6fde1818ba1f252885a66c09b3_JaffaCakes118
Size

100KB
MD5

4951ae6fde1818ba1f252885a66c09b3
SHA1

d1d1a32f3b552b7a04d6b5b162d0a5a3ddc7896b
SHA256

cad7fc56ec7b9a795312b0031a8b8ece71c168c14a9f9e27e8872dd2872ad9d3
SHA512

25a04fda1ff539e41f6eb605fa1e64c09b5334be2f19837c62d6ee9e317c43ff61a9c3e77b41c3d702965df35e00403ad12ef4955334c2f507fc7c2d28aa4804
SSDEEP

1536:tiE50zX5vZ6cl1n7arrW0V9WJDYpORwPra/Z/doZhbQ3po3n6ueNd9t8zyML/:94pvZ6clFarTmrRa0/Q4S3S9aN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4951ae6fde1818ba1f252885a66c09b3_JaffaCakes118

Files

4951ae6fde1818ba1f252885a66c09b3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9e734c5d7e433fff707471d26952f22c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAFindCertTypeByName
CAGetCertTypeProperty
CASetCertTypeFlags
CAGetCAProperty
CAEnumCertTypesForCA
CAFreeCertTypeExtensions
CAGetCertTypeKeySpec
CACreateCertType
CASetCertTypeProperty
CAAddCACertificateType
CARemoveCACertificateType
CASetCertTypeExtension
CACloseCertType
CAGetCertTypePropertyEx
CACertTypeSetSecurity
CAUpdateCertType
CAGetCertTypeExtensions
CAGetCertTypeFlags
CACertTypeGetSecurity
CAFreeCAProperty
CAFreeCertTypeProperty
CAUpdateCA
CAEnumNextCertType
CACloseCA
CASetCertTypeKeySpec
CAFindByName
CAEnumCertTypes

kernel32

WideCharToMultiByte
GetCPInfo
CloseHandle
CreateFileW
GetModuleFileNameW
GlobalAlloc
IsBadReadPtr
FormatMessageW
FileTimeToLocalFileTime
GetLastError
GetProcAddress
InitializeCriticalSection
GlobalFree
lstrlenW
GetSystemTimeAsFileTime
GetModuleHandleA
lstrcmpiW
InterlockedDecrement
GetSystemWindowsDirectoryW
OutputDebugStringW
LoadLibraryW
InterlockedIncrement
LocalFree
GlobalUnlock
GetStartupInfoA
LocalReAlloc
GetSystemDefaultLangID
DeleteCriticalSection
SetLastError
GetComputerNameW
GetTickCount
GlobalLock
GetCurrentThread
FileTimeToSystemTime
QueryPerformanceCounter
GetDateFormatW
lstrcpyW
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetCurrentProcess
OutputDebugStringA

user32

LoadStringW
LoadImageW
SetFocus
GetWindowLongW
SendDlgItemMessageW
LoadCursorW
SetDlgItemTextW
MessageBoxW
LoadIconW
SetCursor
RegisterClipboardFormatW
wsprintfW
LoadBitmapW
SendMessageW
GetParent
DialogBoxParamW
SystemParametersInfoW
WinHelpW
SetWindowLongW
GetDlgItem
ReleaseDC
GetDlgItemTextA
GetDC
InsertMenuItemW
EnableWindow
PostMessageW
SetWindowTextW
EndDialog

msvcrt

vswprintf
_initterm
wcsstr
mbstowcs
free
??1type_info@@UAE@XZ
__dllonexit
wcstoul
__RTDynamicCast
_except_handler3
wcscpy
memmove
??3@YAXPAX@Z
_wcsupr
wcslen
_onexit
wcschr
?terminate@@YAXXZ
??2@YAPAXI@Z
_wcsicmp
wcscmp
wcsrchr
_adjust_fdiv
malloc
wcscat

comctl32

CreatePropertySheetPageW
PropertySheetW

advapi32

RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e734c5d7e433fff707471d26952f22c

Headers

File Characteristics

Imports

certcli

kernel32

user32

msvcrt

comctl32

advapi32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 70KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 70KB

.rsrc
Size: 23KB - Virtual size: 22KB