c142ef795a9e8e3252540f02dae1dba4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c142ef795a9e8e3252540f02dae1dba4_JaffaCakes118
Size

101KB
MD5

c142ef795a9e8e3252540f02dae1dba4
SHA1

ff82ad38b7404d9880964855f503f7dcecdd86ac
SHA256

dadc9657e4315041c7bc8d52141409ed7b4e301a3d9d9bdf82d55a65f023df75
SHA512

a6671ea78eb8a1cc6d87ccb9def323c4221f0b9fe1058d841d644478fb468758ebbd21df9f42ed5283cbf289d3dbe154666234f4aca848c4ed38d7a2c535a51b
SSDEEP

3072:/I9wBn0P+qzQlR1hEd3hlXrZryalS2bPrn://B0Pglv2d3XrZr5l1z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c142ef795a9e8e3252540f02dae1dba4_JaffaCakes118

Files

c142ef795a9e8e3252540f02dae1dba4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

46850f5c90332ba4240ca6d46988d6fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
lstrlenW
GetCurrentProcess
GetTickCount
FormatMessageW
SetLastError
GetProcAddress
GetEnvironmentStringsW
LocalFree
CloseHandle
GetSystemDefaultLangID
GetDateFormatW
RemoveDirectoryA
GetComputerNameW
GetSystemTimeAsFileTime
lstrcpyW
GetCPInfo
FileTimeToSystemTime
GetModuleHandleA
GetStartupInfoA
GlobalLock
GetSystemWindowsDirectoryW
GetLastError
CreateFileW
InterlockedDecrement
GetModuleFileNameW
FileTimeToLocalFileTime
GlobalFree
QueryPerformanceCounter
WideCharToMultiByte
DeleteCriticalSection
SetUnhandledExceptionFilter
lstrcmpiW
OutputDebugStringW
IsBadReadPtr
GlobalAlloc
GlobalUnlock
InterlockedIncrement
LocalReAlloc
InitializeCriticalSection
OutputDebugStringA

user32

EnableWindow
RegisterClipboardFormatW
SendDlgItemMessageW
EndDialog
SetDlgItemTextW
SetWindowTextW
LoadBitmapW
InsertMenuItemW
wsprintfW
DialogBoxParamW
GetDlgItem
SetWindowLongW
LoadIconW
SystemParametersInfoW
ReleaseDC
LoadCursorW
GetWindowLongW
LoadImageW
MessageBoxW
SendMessageW
PostMessageW
SetFocus
WinHelpW
LoadStringW
GetDlgItemTextA
GetParent
SetCursor
GetDC

certcli

CAFreeCAProperty
CAUpdateCA
CAFreeCertTypeExtensions
CACloseCA
CAGetCAProperty
CAEnumCertTypesForCA
CASetCertTypeFlags
CAFindCertTypeByName
CAEnumNextCertType
CACertTypeGetSecurity
CAEnumCertTypes
CASetCertTypeProperty
CASetCertTypeExtension
CACloseCertType
CAGetCertTypeFlags
CAFreeCertTypeProperty
CAGetCertTypeProperty
CACertTypeSetSecurity
CASetCertTypeKeySpec
CAGetCertTypeExtensions
CACreateCertType
CAUpdateCertType
CARemoveCACertificateType
CAAddCACertificateType
CAGetCertTypeKeySpec
CAFindByName
CAGetCertTypePropertyEx

msvcrt

mbstowcs
??1type_info@@UAE@XZ
?terminate@@YAXXZ
free
wcschr
_onexit
malloc
wcscpy
wcsstr
wcscmp
vswprintf
??3@YAXPAX@Z
_initterm
__dllonexit
wcslen
_wcsicmp
wcscat
wcstoul
_adjust_fdiv
wcsrchr
_wcsupr
_except_handler3
__RTDynamicCast
memmove
??2@YAPAXI@Z

comctl32

PropertySheetW
CreatePropertySheetPageW

advapi32

RegCloseKey
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46850f5c90332ba4240ca6d46988d6fd

Headers

File Characteristics

Imports

kernel32

user32

certcli

msvcrt

comctl32

advapi32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 90KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 90KB

.rsrc
Size: 24KB - Virtual size: 24KB