ce0142f3c84774ab4179555acce90749_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ce0142f3c84774ab4179555acce90749_JaffaCakes118
Size

100KB
MD5

ce0142f3c84774ab4179555acce90749
SHA1

3158390511922d8407f6cf2a3ea6fe6c56e9c55e
SHA256

ccc174c32b0ef725648422ab3ae68d8b583b7aebbf18c539dd18e2203ce54ed7
SHA512

c776293e071d5035a7af7f06b1aeed03be9eb5b972b78245db1b6febd8b1b7215f90c283857cc23b2fdbf0c1d3806d2e2e002dcb9c65b192ea833c5d26da2dff
SSDEEP

1536:6WTrgOsZGxcTJhpn6v1jRE71+QrbGov9bzwSSlST+dmRAOVyaLVe6W7d2:6WTsmv1jRE71vzvRK0WGVeT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce0142f3c84774ab4179555acce90749_JaffaCakes118

Files

ce0142f3c84774ab4179555acce90749_JaffaCakes118
.exe windows:5 windows x86 arch:x86

be12d168659af4f7efe5530df78dc0f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
GetModuleHandleA
GetSystemWindowsDirectoryW
OutputDebugStringA
LoadLibraryW
CloseHandle
IsBadReadPtr
FormatMessageW
GetModuleFileNameW
CreateFileW
GetStartupInfoA
GetSystemDefaultLangID
GetACP
GetTickCount
lstrlenW
GetSystemTimeAsFileTime
RemoveDirectoryA
GlobalAlloc
LocalFree
DeleteCriticalSection
InterlockedIncrement
GlobalFree
LocalReAlloc
GetComputerNameW
GetLastError
InitializeCriticalSection
OutputDebugStringW
SetLastError
GetCurrentProcess
QueryPerformanceCounter
lstrcpyW
GlobalUnlock
GetEnvironmentStringsW
lstrcmpiW
GlobalLock
GetDateFormatW
WideCharToMultiByte
InterlockedDecrement
SetUnhandledExceptionFilter
FileTimeToSystemTime

user32

DialogBoxParamW
LoadCursorW
MessageBoxW
GetDlgItem
ReleaseDC
SetDlgItemTextW
GetWindowLongW
RegisterClipboardFormatW
GetDlgItemTextA
GetParent
SendDlgItemMessageW
LoadImageW
SendMessageW
LoadIconW
WinHelpW
EndDialog
SetWindowTextW
SetCursor
EnableWindow
SetWindowLongW
LoadStringW
LoadBitmapW
GetDC
PostMessageW
SystemParametersInfoW
wsprintfW
InsertMenuItemW
SetFocus

msvcrt

__RTDynamicCast
wcslen
__dllonexit
_except_handler3
_wcsicmp
wcschr
wcscpy
??3@YAXPAX@Z
_adjust_fdiv
_purecall
wcsrchr
_onexit
wcscmp
?terminate@@YAXXZ
wcscat
malloc
mbstowcs
vswprintf
wcsstr
free
wcstoul
_wcsupr
??2@YAPAXI@Z
??1type_info@@UAE@XZ
_initterm
memmove

advapi32

RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW

certcli

CACloseCA
CAFreeCAProperty
CACertTypeSetSecurity
CACloseCertType
CAUpdateCertType
CAFreeCertTypeProperty
CAFreeCertTypeExtensions
CAUpdateCA
CACertTypeGetSecurity
CAEnumNextCertType
CAGetCAProperty
CAGetCertTypeKeySpec
CAFindByName
CASetCertTypeProperty
CAFindCertTypeByName
CASetCertTypeKeySpec
CAGetCertTypePropertyEx
CAAddCACertificateType
CASetCertTypeExtension
CACreateCertType
CAEnumCertTypesForCA
CAGetCertTypeExtensions
CAEnumCertTypes
CARemoveCACertificateType
CAGetCertTypeProperty
CASetCertTypeFlags
CAGetCertTypeFlags

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be12d168659af4f7efe5530df78dc0f5

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

certcli

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 112KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 112KB

.rsrc
Size: 23KB - Virtual size: 23KB