c33947cfe330b09d4f02f35283c89d1c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c33947cfe330b09d4f02f35283c89d1c_JaffaCakes118
Size

101KB
MD5

c33947cfe330b09d4f02f35283c89d1c
SHA1

2593ebc91093119b0fcd02c714ec4b75a5c17162
SHA256

b4a36e5e9510e09c83a1513e7f0fa492b751467b73769345791844f70dccfe30
SHA512

12b291e5d9918845047c8a0b50a376d85ac888fade59a301fde746fbdf9ff3263760f85b655421648828d08c96398e313cfd3f6455455b1201d191cd00fb73e2
SSDEEP

3072:DBXTAw+naY/MzDobEN4U+OZMsrRXEWwcpZkjX6Y:DFTpYkzDoAN2OasrJEW9ZOX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c33947cfe330b09d4f02f35283c89d1c_JaffaCakes118

Files

c33947cfe330b09d4f02f35283c89d1c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6e2c0973e9d953524724bac67a0bfca0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??3@YAXPAX@Z
wcstoul
__dllonexit
wcschr
?terminate@@YAXXZ
_wcsupr
vswprintf
_except_handler3
wcsstr
_initterm
wcslen
memmove
__RTDynamicCast
wcsrchr
free
??1type_info@@UAE@XZ
_wcsicmp
mbstowcs
malloc
wcscmp
wcscat
_onexit
??2@YAPAXI@Z
_adjust_fdiv
wcscpy

user32

SetWindowLongW
InsertMenuItemW
SendDlgItemMessageW
WinHelpW
SystemParametersInfoW
RegisterClipboardFormatW
wsprintfW
EndDialog
SetWindowTextW
LoadCursorW
DialogBoxParamW
SetCursor
LoadImageW
GetParent
GetDC
ReleaseDC
PostMessageW
GetDlgItem
GetDlgItemTextA
LoadIconW
SetDlgItemTextW
SendMessageW
GetWindowLongW
MessageBoxW
LoadBitmapW
LoadStringW
SetFocus
EnableWindow

kernel32

GetCPInfo
CreateFileW
InterlockedIncrement
GetComputerNameW
DeleteCriticalSection
GetLastError
GetTickCount
LocalReAlloc
SetUnhandledExceptionFilter
GetProcAddress
RemoveDirectoryA
InitializeCriticalSection
lstrcpyW
LocalFree
lstrlenW
GetCurrentProcess
GlobalUnlock
GetDateFormatW
GetStartupInfoA
SetLastError
GetSystemTimeAsFileTime
lstrcmpiW
CloseHandle
GlobalFree
QueryPerformanceCounter
GetSystemWindowsDirectoryW
IsBadReadPtr
LoadLibraryW
OutputDebugStringW
InterlockedDecrement
GetEnvironmentStringsW
FormatMessageW
FileTimeToLocalFileTime
WideCharToMultiByte
OutputDebugStringA
GetModuleFileNameW
GlobalLock
GlobalAlloc
GetSystemDefaultLangID
FileTimeToSystemTime
GetModuleHandleA

certcli

CAFreeCertTypeExtensions
CACloseCertType
CAFreeCertTypeProperty
CARemoveCACertificateType
CASetCertTypeFlags
CASetCertTypeExtension
CAFreeCAProperty
CAGetCAProperty
CAUpdateCA
CAFindByName
CAEnumNextCertType
CACertTypeGetSecurity
CASetCertTypeKeySpec
CACreateCertType
CAGetCertTypePropertyEx
CAGetCertTypeProperty
CAGetCertTypeFlags
CAAddCACertificateType
CACertTypeSetSecurity
CAFindCertTypeByName
CAUpdateCertType
CAEnumCertTypesForCA
CASetCertTypeProperty
CACloseCA
CAEnumCertTypes
CAGetCertTypeExtensions
CAGetCertTypeKeySpec

comctl32

CreatePropertySheetPageW
PropertySheetW

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegDeleteKeyW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e2c0973e9d953524724bac67a0bfca0

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

certcli

comctl32

advapi32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 88KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 88KB

.rsrc
Size: 23KB - Virtual size: 22KB