e24597714708ea8345f7e07abd9f3c7c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e24597714708ea8345f7e07abd9f3c7c_JaffaCakes118
Size

100KB
MD5

e24597714708ea8345f7e07abd9f3c7c
SHA1

2e06594fa7acf3db72ee0a628847025be82acdba
SHA256

c379a28dc5c83ee2fb0374905990bf8f02bb06eefbd51b3335b96d03a266b0e9
SHA512

c6226963ea65f4f6c1d6d9d56213bcb03687064f260bfe1be28e06c4d167bba0b4d70531e3d88644d039616c8ab5de976cbddb413ecf4d585961df7682bf77f0
SSDEEP

1536:o9UJfTZUamci2DgZO2qFfHr3Okv7Qkkg2vZXvRKro0H1/vxy:ouJfNfDgZ8FqkQkkgc3Kro0H9o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e24597714708ea8345f7e07abd9f3c7c_JaffaCakes118

Files

e24597714708ea8345f7e07abd9f3c7c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eb3d5915fa69b0aeda3d935014c35d60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
FormatMessageW
lstrlenW
QueryPerformanceCounter
OutputDebugStringA
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetModuleHandleA
InterlockedDecrement
InitializeCriticalSection
GetStartupInfoA
GetModuleFileNameW
GetLastError
FileTimeToLocalFileTime
GetCurrentProcess
GetComputerNameW
GetDateFormatW
FileTimeToSystemTime
GetTickCount
GetSystemTimeAsFileTime
GlobalLock
lstrcmpiW
RemoveDirectoryA
CloseHandle
lstrcpyW
SetLastError
GlobalFree
GlobalAlloc
WideCharToMultiByte
IsBadReadPtr
LocalReAlloc
GlobalUnlock
LoadLibraryW
DeleteCriticalSection
GetSystemDefaultLangID
GetSystemWindowsDirectoryW
GetCPInfo
InterlockedIncrement
OutputDebugStringW
LocalFree
CreateFileW

msvcrt

??3@YAXPAX@Z
wcscmp
wcslen
__RTDynamicCast
malloc
_initterm
free
?terminate@@YAXXZ
wcsrchr
wcsstr
vswprintf
__dllonexit
??1type_info@@UAE@XZ
_wcsicmp
_adjust_fdiv
_wcsupr
memmove
_onexit
wcscpy
_except_handler3
wcstoul
wcscat
??2@YAPAXI@Z
wcschr
mbstowcs

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegSetValueExW

certcli

CASetCertTypeFlags
CAGetCertTypeExtensions
CAFreeCertTypeProperty
CAGetCertTypeFlags
CAFindByName
CAGetCertTypeKeySpec
CACertTypeSetSecurity
CACloseCertType
CACertTypeGetSecurity
CARemoveCACertificateType
CAUpdateCA
CAGetCertTypePropertyEx
CAEnumNextCertType
CASetCertTypeProperty
CACloseCA
CAGetCertTypeProperty
CAFreeCAProperty
CASetCertTypeKeySpec
CAFreeCertTypeExtensions
CAAddCACertificateType
CAUpdateCertType
CAGetCAProperty
CAEnumCertTypes
CASetCertTypeExtension
CACreateCertType
CAEnumCertTypesForCA
CAFindCertTypeByName

user32

wsprintfW
SetWindowTextW
LoadCursorW
MessageBoxW
GetDlgItemTextA
LoadBitmapW
SystemParametersInfoW
GetParent
DialogBoxParamW
LoadStringW
EndDialog
RegisterClipboardFormatW
LoadIconW
InsertMenuItemW
SendDlgItemMessageW
SetCursor
SetDlgItemTextW
ReleaseDC
GetDlgItem
SetFocus
LoadImageW
WinHelpW
SendMessageW
SetWindowLongW
GetDC
EnableWindow
PostMessageW
GetWindowLongW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb3d5915fa69b0aeda3d935014c35d60

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

certcli

user32

comctl32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 77KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 77KB

.rsrc
Size: 23KB - Virtual size: 22KB