5db1321c96a5a806d033defa5d3f0589_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5db1321c96a5a806d033defa5d3f0589_JaffaCakes118
Size

103KB
MD5

5db1321c96a5a806d033defa5d3f0589
SHA1

562808f443458026613f70ac068cdb5b896cae86
SHA256

4158bec7e81f98fc76586142746dfacf3436b0c3367a4c96f63776faf96773c7
SHA512

fc622c17c193e96806dd34a018ec4a4aad8d7a21ebc07b0eb7005919dc3176d59db41a088d7c27476ce10f6d4ff72fa1829ca60c7f6ab8adba05e98ed9be1d65
SSDEEP

1536:GIFHIGduCi4NfPiXUoUFWoSmHuAWwwnLqN1SiJdkKselLDD:GIFHG+fWIFPS0uwwn+NHJdkKsADD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5db1321c96a5a806d033defa5d3f0589_JaffaCakes118

Files

5db1321c96a5a806d033defa5d3f0589_JaffaCakes118
.exe windows:5 windows x86 arch:x86

57e974aa52e94bb3f605956be25b33f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
QueryPerformanceCounter
GetDateFormatW
GlobalFree
GetProcAddress
OutputDebugStringA
GetCurrentProcess
WideCharToMultiByte
GetSystemTimeAsFileTime
LocalFree
DeleteCriticalSection
InterlockedIncrement
GetLastError
InterlockedDecrement
SetUnhandledExceptionFilter
GlobalLock
GetModuleFileNameW
SetLastError
GetEnvironmentStringsW
FileTimeToLocalFileTime
lstrlenW
GetComputerNameW
GetCPInfo
LocalReAlloc
GetStartupInfoA
GlobalAlloc
GetModuleHandleA
lstrcpyW
GetCurrentThread
GlobalUnlock
CloseHandle
FileTimeToSystemTime
FormatMessageW
OutputDebugStringW
lstrcmpiW
IsBadReadPtr
InitializeCriticalSection
GetSystemWindowsDirectoryW
LoadLibraryW
GetTickCount
GetSystemDefaultLangID

user32

GetWindowLongW
SendDlgItemMessageW
ReleaseDC
wsprintfW
SetFocus
LoadIconW
PostMessageW
SetWindowLongW
SetCursor
LoadImageW
InsertMenuItemW
WinHelpW
GetDlgItemTextA
EnableWindow
SendMessageW
SetDlgItemTextW
RegisterClipboardFormatW
GetDC
DialogBoxParamW
SetWindowTextW
LoadStringW
SystemParametersInfoW
EndDialog
GetParent
LoadCursorW
MessageBoxW
LoadBitmapW
GetDlgItem

msvcrt

wcscat
wcsstr
mbstowcs
wcscpy
_initterm
wcscmp
??3@YAXPAX@Z
_wcsicmp
??1type_info@@UAE@XZ
__RTDynamicCast
vswprintf
_onexit
free
wcschr
?terminate@@YAXXZ
??2@YAPAXI@Z
_adjust_fdiv
_wcsupr
__dllonexit
wcstoul
wcsrchr
memmove
malloc
_except_handler3
wcslen

certcli

CASetCertTypeFlags
CAGetCertTypePropertyEx
CASetCertTypeProperty
CAEnumNextCertType
CACreateCertType
CAGetCertTypeExtensions
CAAddCACertificateType
CAGetCertTypeProperty
CAGetCertTypeKeySpec
CAFindByName
CAEnumCertTypes
CACertTypeSetSecurity
CAFreeCertTypeProperty
CAFreeCAProperty
CAGetCertTypeFlags
CAGetCAProperty
CACloseCA
CARemoveCACertificateType
CAUpdateCA
CASetCertTypeExtension
CASetCertTypeKeySpec
CAEnumCertTypesForCA
CAFreeCertTypeExtensions
CACloseCertType
CACertTypeGetSecurity
CAUpdateCertType
CAFindCertTypeByName

comctl32

CreatePropertySheetPageW
PropertySheetW

advapi32

RegEnumKeyExW
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57e974aa52e94bb3f605956be25b33f3

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

certcli

comctl32

advapi32

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 66KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 66KB

.rsrc
Size: 24KB - Virtual size: 23KB