c0c2283124b8678bcb41f7f8382185ca_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c0c2283124b8678bcb41f7f8382185ca_JaffaCakes118
Size

100KB
MD5

c0c2283124b8678bcb41f7f8382185ca
SHA1

0457eacd0b2e5fe03b5f3a671dfb6e6d910b5f2d
SHA256

07d9b67451990e4fa5603a640160ca42ba22aa551fce2e302753360a32bebe58
SHA512

62e3ee9cc0f9cc990addfb08190edfe8e67a10623bc63effb01224e07cb91a67aae6aa6be80f23349d8c4f229bca51723b114b9ac76d965801c7aea42c30fc99
SSDEEP

1536:em2gwa003EpW0+rq071iLQvODTRycSl7vf23lbPDjuII3M6HBvHaXZ:VhwQUpmG071iMvOPRMW57j5I3XfaJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0c2283124b8678bcb41f7f8382185ca_JaffaCakes118

Files

c0c2283124b8678bcb41f7f8382185ca_JaffaCakes118
.exe windows:5 windows x86 arch:x86

20aaad322fd25b8d0d534b233ace5cbb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW

certcli

CAFindByName
CACloseCertType
CACertTypeSetSecurity
CASetCertTypeProperty
CAGetCertTypePropertyEx
CACertTypeGetSecurity
CARemoveCACertificateType
CAUpdateCA
CAEnumCertTypes
CAGetCertTypeKeySpec
CAAddCACertificateType
CAEnumCertTypesForCA
CACreateCertType
CAGetCertTypeFlags
CAGetCertTypeProperty
CAGetCertTypeExtensions
CASetCertTypeExtension
CAUpdateCertType
CAEnumNextCertType
CAFreeCertTypeProperty
CAFreeCertTypeExtensions
CAGetCAProperty
CASetCertTypeKeySpec
CAFindCertTypeByName
CASetCertTypeFlags
CACloseCA
CAFreeCAProperty

kernel32

IsBadReadPtr
OutputDebugStringA
CloseHandle
InterlockedDecrement
GlobalUnlock
GlobalAlloc
LocalFree
lstrcpyW
GetEnvironmentStringsW
LocalReAlloc
WideCharToMultiByte
GetDateFormatW
SetUnhandledExceptionFilter
FormatMessageW
GetCPInfo
GetCurrentThread
DeleteCriticalSection
GetStartupInfoA
FileTimeToSystemTime
lstrcmpiW
GetTickCount
GetCurrentProcess
GlobalLock
GetSystemDefaultLangID
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetLastError
GlobalFree
lstrlenW
InitializeCriticalSection
FileTimeToLocalFileTime
LoadLibraryW
GetLastError
GetModuleHandleA
GetModuleFileNameW
CreateFileW
OutputDebugStringW
GetProcAddress
GetSystemWindowsDirectoryW
InterlockedIncrement
GetComputerNameW

msvcrt

??1type_info@@UAE@XZ
wcslen
wcsrchr
wcscpy
??2@YAPAXI@Z
_onexit
_wcsicmp
malloc
_initterm
wcschr
_adjust_fdiv
wcsstr
??3@YAXPAX@Z
free
?terminate@@YAXXZ
wcscmp
wcstoul
__dllonexit
_except_handler3
mbstowcs
__RTDynamicCast
wcscat
memmove
_wcsupr
vswprintf

user32

SetFocus
SendDlgItemMessageW
InsertMenuItemW
LoadIconW
PostMessageW
LoadStringW
RegisterClipboardFormatW
GetParent
LoadBitmapW
MessageBoxW
SetWindowTextW
SetDlgItemTextW
WinHelpW
SetCursor
GetDlgItem
LoadCursorW
GetDC
DialogBoxParamW
GetWindowLongW
EndDialog
SendMessageW
ReleaseDC
EnableWindow
LoadImageW
wsprintfW
GetDlgItemTextA
SystemParametersInfoW
SetWindowLongW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20aaad322fd25b8d0d534b233ace5cbb

Headers

File Characteristics

Imports

advapi32

certcli

kernel32

msvcrt

user32

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 117KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 117KB

.rsrc
Size: 23KB - Virtual size: 23KB