c855fce4f510d942c05d9fefa583ba11_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c855fce4f510d942c05d9fefa583ba11_JaffaCakes118
Size

99KB
MD5

c855fce4f510d942c05d9fefa583ba11
SHA1

180b8c66da36e78bae09620c8323e2e0ec454262
SHA256

8de37276a2a795fac9cbc143beb810e0da5e00755258368a9c6c52fe752b0cc8
SHA512

ec4d28d2cbff3b3c00ac731f79d0d9402f3b77ba510e5ed82e11a1b42fe97b3f24b427c6b5a5801f4b54396c94cbb71208ddfaad620db983090face6f9790b3c
SSDEEP

3072:0a9mdOEtmbqa2zS06NA/QR1o2x4sgAnpEyy:0aIjmbh/06+Qk2xZgAm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c855fce4f510d942c05d9fefa583ba11_JaffaCakes118

Files

c855fce4f510d942c05d9fefa583ba11_JaffaCakes118
.exe windows:5 windows x86 arch:x86

53b13e654590280d28d61424d2671104

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAGetCertTypeExtensions
CAGetCertTypeProperty
CAGetCertTypeFlags
CARemoveCACertificateType
CAUpdateCA
CAFindCertTypeByName
CACertTypeGetSecurity
CACloseCertType
CAGetCertTypePropertyEx
CASetCertTypeKeySpec
CAEnumCertTypesForCA
CASetCertTypeExtension
CAEnumCertTypes
CACertTypeSetSecurity
CAFindByName
CASetCertTypeProperty
CASetCertTypeFlags
CAGetCAProperty
CACloseCA
CACreateCertType
CAFreeCertTypeProperty
CAFreeCertTypeExtensions
CAEnumNextCertType
CAFreeCAProperty
CAGetCertTypeKeySpec
CAUpdateCertType
CAAddCACertificateType

msvcrt

_wcsicmp
_initterm
wcscmp
??3@YAXPAX@Z
memmove
wcscpy
_onexit
wcslen
wcstoul
malloc
?terminate@@YAXXZ
__RTDynamicCast
_purecall
wcschr
_adjust_fdiv
wcsrchr
vswprintf
wcsstr
wcscat
??2@YAPAXI@Z
??1type_info@@UAE@XZ
_except_handler3
__dllonexit
mbstowcs
_wcsupr
free

user32

SendMessageW
ReleaseDC
LoadBitmapW
SetDlgItemTextW
RegisterClipboardFormatW
EndDialog
GetDlgItemTextA
SetWindowTextW
LoadCursorW
SendDlgItemMessageW
InsertMenuItemW
EnableWindow
SystemParametersInfoW
GetDC
GetDlgItem
SetWindowLongW
LoadIconW
wsprintfW
WinHelpW
GetWindowLongW
GetParent
SetFocus
DialogBoxParamW
LoadImageW
SetCursor
PostMessageW
MessageBoxW
LoadStringW

kernel32

GetACP
GlobalFree
QueryPerformanceCounter
lstrcpyW
FileTimeToLocalFileTime
SetLastError
GetComputerNameW
GetEnvironmentStringsW
lstrlenW
lstrcmpiW
FileTimeToSystemTime
GetSystemTimeAsFileTime
OutputDebugStringW
CloseHandle
GetLastError
GetTickCount
GetCurrentProcess
GlobalUnlock
GlobalLock
DeleteCriticalSection
FormatMessageW
GetSystemWindowsDirectoryW
CreateFileW
LocalReAlloc
GetStartupInfoA
OutputDebugStringA
GetModuleHandleA
IsBadReadPtr
GetDateFormatW
GetSystemDefaultLangID
InterlockedIncrement
InitializeCriticalSection
GlobalAlloc
LocalFree
GetModuleFileNameW
InterlockedDecrement
WideCharToMultiByte
RemoveDirectoryA
SetUnhandledExceptionFilter
LoadLibraryW

advapi32

RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegSetValueExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53b13e654590280d28d61424d2671104

Headers

File Characteristics

Imports

certcli

msvcrt

user32

kernel32

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 125KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 125KB

.rsrc
Size: 23KB - Virtual size: 22KB