5f688b95171a97d149b746cc90e9f56f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5f688b95171a97d149b746cc90e9f56f_JaffaCakes118
Size

101KB
MD5

5f688b95171a97d149b746cc90e9f56f
SHA1

f643c2fd0f5ed5df672b858976f9f188db7785fc
SHA256

9e37062ae84e222f5b00c5be1fca50fad149b4829dd596c76855d46d55615b30
SHA512

d538f66bc2e230a6954f2327ddd5b57d9ba0c2f28dad9cb36e8ba5e73923c471693fd7c47bc981ac45f30e8b51915facb344bbefeb43f519dbb1a0c37da8eac1
SSDEEP

1536:1HsVPOtKfDV8EDYsxqr7Cecu71QF/RNdAnj12c0CE4k1Vufm84:1M1wKfD9WCer71QFGnjwcDE49O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f688b95171a97d149b746cc90e9f56f_JaffaCakes118

Files

5f688b95171a97d149b746cc90e9f56f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a2e3e71f7a2be268b87f9ae635761221

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseDC
GetParent
EndDialog
WinHelpW
PostMessageW
LoadImageW
GetDlgItemTextA
GetDlgItem
LoadIconW
RegisterClipboardFormatW
GetDC
EnableWindow
SetFocus
SystemParametersInfoW
SetCursor
wsprintfW
SendDlgItemMessageW
LoadBitmapW
SetWindowLongW
GetWindowLongW
SetDlgItemTextW
MessageBoxW
SendMessageW
InsertMenuItemW
LoadStringW
LoadCursorW
DialogBoxParamW
SetWindowTextW

kernel32

GlobalUnlock
InterlockedIncrement
OutputDebugStringA
DeleteCriticalSection
LocalFree
GetSystemWindowsDirectoryW
CloseHandle
GetStartupInfoA
CreateFileW
GetSystemDefaultLangID
GetDateFormatW
GlobalFree
LoadLibraryW
GetCurrentProcess
GetProcAddress
GetTickCount
GetLastError
WideCharToMultiByte
InterlockedDecrement
GetModuleFileNameW
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalReAlloc
GetModuleHandleA
lstrcmpiW
OutputDebugStringW
IsBadReadPtr
FormatMessageW
lstrlenW
GetCPInfo
RemoveDirectoryA
GetComputerNameW
InitializeCriticalSection
GlobalAlloc
SetLastError
lstrcpyW
SetUnhandledExceptionFilter
GlobalLock
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW

msvcrt

_wcsicmp
__dllonexit
_adjust_fdiv
_initterm
wcstoul
?terminate@@YAXXZ
wcschr
wcsrchr
malloc
??3@YAXPAX@Z
vswprintf
??2@YAPAXI@Z
wcslen
free
_onexit
memmove
wcscmp
??1type_info@@UAE@XZ
_except_handler3
wcscpy
mbstowcs
_wcsupr
__RTDynamicCast
wcscat
wcsstr

certcli

CAFreeCertTypeProperty
CAUpdateCertType
CASetCertTypeKeySpec
CASetCertTypeFlags
CAFreeCAProperty
CARemoveCACertificateType
CAGetCertTypePropertyEx
CAFindCertTypeByName
CACertTypeGetSecurity
CAGetCertTypeKeySpec
CAAddCACertificateType
CAGetCertTypeExtensions
CAFreeCertTypeExtensions
CAUpdateCA
CACreateCertType
CAEnumNextCertType
CAEnumCertTypesForCA
CACertTypeSetSecurity
CAGetCertTypeProperty
CACloseCertType
CASetCertTypeProperty
CASetCertTypeExtension
CAFindByName
CAGetCertTypeFlags
CAEnumCertTypes
CAGetCAProperty
CACloseCA

comctl32

CreatePropertySheetPageW
PropertySheetW

advapi32

RegQueryValueExW
RegDeleteKeyW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2e3e71f7a2be268b87f9ae635761221

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

certcli

comctl32

advapi32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 82KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 82KB

.rsrc
Size: 23KB - Virtual size: 23KB