555275bdae71aad49b60acfa16c611a7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

555275bdae71aad49b60acfa16c611a7_JaffaCakes118
Size

101KB
MD5

555275bdae71aad49b60acfa16c611a7
SHA1

596af83cb49cbbe4178b6518d24881333c5d004a
SHA256

7409a65c27625a8cb77b58456c01656eaf3cc55459b66aa9b29cfd22599354eb
SHA512

4852dd093fa9505f97bddfe8aa3ec96f7a43f491ba4a7ce31bd96dadcf0cd729fb7fd53491e6e1d5c6160897897f79e634bbb801a78ca94bfd0a599620993b83
SSDEEP

1536:5dVmhFurWywP3SU0fbHzrQo3XHEJsBtCsILrstT+ey6CYjsK0e:1mhFurWr/SU0fPHcyIPLrstTa69jsKT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
555275bdae71aad49b60acfa16c611a7_JaffaCakes118

Files

555275bdae71aad49b60acfa16c611a7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

15acf2e75322abdf60d528afac25288b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxParamW
RegisterClipboardFormatW
LoadIconW
SetCursor
ReleaseDC
LoadImageW
EnableWindow
MessageBoxW
SendMessageW
SendDlgItemMessageW
SystemParametersInfoW
SetWindowLongW
SetWindowTextW
GetDlgItem
GetDlgItemTextA
wsprintfW
GetWindowLongW
LoadCursorW
InsertMenuItemW
PostMessageW
WinHelpW
GetParent
LoadStringW
SetFocus
SetDlgItemTextW
EndDialog
LoadBitmapW
GetDC

kernel32

FormatMessageW
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GlobalAlloc
GlobalLock
LocalFree
OutputDebugStringW
LocalReAlloc
OutputDebugStringA
LoadLibraryW
InterlockedIncrement
GetModuleHandleA
GetSystemDefaultLangID
RemoveDirectoryA
CreateFileW
GetProcAddress
InitializeCriticalSection
GetSystemWindowsDirectoryW
GetCurrentProcess
CloseHandle
SetLastError
GetCPInfo
GetDateFormatW
WideCharToMultiByte
GetStartupInfoA
QueryPerformanceCounter
GlobalUnlock
FileTimeToSystemTime
lstrlenW
InterlockedDecrement
GetLastError
FileTimeToLocalFileTime
GetModuleFileNameW
GetComputerNameW
GlobalFree
lstrcpyW
DeleteCriticalSection
IsBadReadPtr
lstrcmpiW
SetUnhandledExceptionFilter
GetTickCount

advapi32

RegQueryValueExW
RegDeleteValueW
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW

certcli

CARemoveCACertificateType
CAUpdateCA
CAFreeCAProperty
CAEnumCertTypesForCA
CAGetCertTypeExtensions
CAAddCACertificateType
CAFreeCertTypeProperty
CAFreeCertTypeExtensions
CAFindByName
CAGetCertTypeFlags
CACreateCertType
CAEnumNextCertType
CACertTypeGetSecurity
CAEnumCertTypes
CACloseCA
CAGetCertTypeProperty
CASetCertTypeKeySpec
CACloseCertType
CASetCertTypeExtension
CASetCertTypeProperty
CACertTypeSetSecurity
CAUpdateCertType
CAFindCertTypeByName
CAGetCAProperty
CASetCertTypeFlags
CAGetCertTypeKeySpec
CAGetCertTypePropertyEx

msvcrt

_wcsicmp
??3@YAXPAX@Z
_onexit
wcsstr
??1type_info@@UAE@XZ
wcsrchr
mbstowcs
wcscpy
_wcsupr
_initterm
wcstoul
vswprintf
_adjust_fdiv
?terminate@@YAXXZ
wcscat
wcscmp
__dllonexit
wcschr
free
malloc
??2@YAPAXI@Z
__RTDynamicCast
memmove
wcslen
_except_handler3

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15acf2e75322abdf60d528afac25288b

Headers

File Characteristics

Imports

user32

kernel32

advapi32

certcli

msvcrt

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 98KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 98KB

.rsrc
Size: 23KB - Virtual size: 23KB