55fe243c0754570e718625b9233d8ade_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

55fe243c0754570e718625b9233d8ade_JaffaCakes118
Size

102KB
MD5

55fe243c0754570e718625b9233d8ade
SHA1

b2c774d82fbb08610e1f53c40d0102b7ac79e0cb
SHA256

cf2ea9e70741142444adaeca0b1a3251ac45d55273a3cd0aff5c7b251c684720
SHA512

446093a512b7c997773ee364498186a4817d3b3763ae485fe331a97bdb91f2bb1a18036d8e90b53faec2af2d8197bc0877fca41ebbda99a43767c7e08e71458b
SSDEEP

1536:+iQZU7dHoTEtHT3cpsZUXcTOsH+Ft4QOAsAujDggsPFuifQ0lUq:++dGEN3mXQOoiWQOAs/DLskifQ0lU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55fe243c0754570e718625b9233d8ade_JaffaCakes118

Files

55fe243c0754570e718625b9233d8ade_JaffaCakes118
.exe windows:5 windows x86 arch:x86

214cea20f6e51bb739c0157c32d46a46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetComputerNameW
LocalFree
LoadLibraryW
GetSystemWindowsDirectoryW
GetCurrentProcess
RemoveDirectoryA
GlobalLock
lstrlenW
QueryPerformanceCounter
GetTickCount
InterlockedIncrement
GetDateFormatW
LocalReAlloc
GetModuleFileNameW
InitializeCriticalSection
GetProcAddress
GetSystemDefaultLangID
GetModuleHandleA
SetLastError
FileTimeToLocalFileTime
GetCPInfo
FormatMessageW
CloseHandle
lstrcmpiW
CreateFileW
FileTimeToSystemTime
GlobalUnlock
GetStartupInfoA
GlobalAlloc
InterlockedDecrement
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetLastError
IsBadReadPtr
GlobalFree
WideCharToMultiByte
lstrcpyW
OutputDebugStringA
DeleteCriticalSection
OutputDebugStringW

user32

SystemParametersInfoW
WinHelpW
RegisterClipboardFormatW
GetWindowLongW
SendMessageW
DialogBoxParamW
GetDC
GetDlgItem
GetDlgItemTextA
LoadStringW
EndDialog
SetFocus
EnableWindow
wsprintfW
SetWindowTextW
GetParent
SetDlgItemTextW
SendDlgItemMessageW
LoadCursorW
LoadImageW
LoadBitmapW
SetWindowLongW
SetCursor
ReleaseDC
MessageBoxW
InsertMenuItemW
LoadIconW
PostMessageW

certcli

CAFindCertTypeByName
CAEnumCertTypesForCA
CACertTypeSetSecurity
CASetCertTypeKeySpec
CAGetCertTypePropertyEx
CASetCertTypeExtension
CARemoveCACertificateType
CAUpdateCA
CACertTypeGetSecurity
CAUpdateCertType
CAFreeCertTypeExtensions
CACloseCA
CAFindByName
CAEnumNextCertType
CAGetCertTypeExtensions
CAGetCertTypeProperty
CAGetCertTypeKeySpec
CAFreeCAProperty
CASetCertTypeProperty
CACreateCertType
CASetCertTypeFlags
CAGetCAProperty
CAGetCertTypeFlags
CAAddCACertificateType
CAFreeCertTypeProperty
CACloseCertType
CAEnumCertTypes

advapi32

RegDeleteValueW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW

msvcrt

vswprintf
wcschr
_wcsicmp
wcscat
??2@YAPAXI@Z
??3@YAXPAX@Z
_wcsupr
__dllonexit
_except_handler3
__RTDynamicCast
malloc
_adjust_fdiv
wcscpy
wcsstr
memmove
wcsrchr
wcstoul
_onexit
_initterm
mbstowcs
wcslen
??1type_info@@UAE@XZ
free
?terminate@@YAXXZ
wcscmp

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

214cea20f6e51bb739c0157c32d46a46

Headers

File Characteristics

Imports

kernel32

user32

certcli

advapi32

msvcrt

comctl32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 116KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 116KB

.rsrc
Size: 24KB - Virtual size: 24KB