e28ada9484edc01dbdc82f458a5fbd8d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e28ada9484edc01dbdc82f458a5fbd8d_JaffaCakes118
Size

99KB
MD5

e28ada9484edc01dbdc82f458a5fbd8d
SHA1

77d2a6c5bd50797ed37f18b2ad7b69ee975735ea
SHA256

be274ffb1fc5563ef23eaa0b2365a5e59fc569b1196cb387e0844d479f0fc9ac
SHA512

16d46465613b8fad5f2900329e15b861c0ecaa2ace0352e22876515b03e4d752931d8e5ac8c968aaefbf9d5435f3221d56fcbbdf4853a140f0242a13cf59bc7d
SSDEEP

1536:fnc70pjHDaf6f5M4b6vGEssRne6T80MadAPX+pSadRO6zOnplRcdiI35c:f6wi6J6vrReTLfydRO6kpl6iIpc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e28ada9484edc01dbdc82f458a5fbd8d_JaffaCakes118

Files

e28ada9484edc01dbdc82f458a5fbd8d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

01c3ad1f0130fec2eba1e0e36a59e546

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

mbstowcs
wcscpy
_initterm
_wcsupr
wcslen
??3@YAXPAX@Z
wcscmp
free
__dllonexit
wcscat
?terminate@@YAXXZ
_wcsicmp
_except_handler3
??2@YAPAXI@Z
wcstoul
_purecall
??1type_info@@UAE@XZ
malloc
wcsstr
_adjust_fdiv
_onexit
wcschr
vswprintf
memmove
wcsrchr
__RTDynamicCast

certcli

CAFindCertTypeByName
CASetCertTypeKeySpec
CACloseCA
CAGetCertTypeExtensions
CACloseCertType
CACreateCertType
CAGetCertTypePropertyEx
CAUpdateCA
CARemoveCACertificateType
CAUpdateCertType
CAFreeCertTypeExtensions
CAGetCertTypeKeySpec
CAAddCACertificateType
CAEnumCertTypes
CACertTypeSetSecurity
CASetCertTypeProperty
CAFreeCAProperty
CAEnumCertTypesForCA
CAFreeCertTypeProperty
CAGetCertTypeFlags
CAGetCertTypeProperty
CASetCertTypeExtension
CAGetCAProperty
CAFindByName
CAEnumNextCertType
CASetCertTypeFlags
CACertTypeGetSecurity

advapi32

RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

kernel32

GlobalAlloc
OutputDebugStringW
CreateFileW
CloseHandle
lstrcmpiW
lstrlenW
QueryPerformanceCounter
FileTimeToSystemTime
GetStartupInfoA
FileTimeToLocalFileTime
GetSystemWindowsDirectoryW
GetModuleHandleA
LoadLibraryW
WideCharToMultiByte
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetSystemDefaultLangID
GetCurrentProcess
GetACP
GlobalFree
GetModuleFileNameW
InitializeCriticalSection
RemoveDirectoryA
IsBadReadPtr
GlobalLock
GetComputerNameW
InterlockedDecrement
SetLastError
GetLastError
lstrcpyW
GetSystemTimeAsFileTime
DeleteCriticalSection
LocalReAlloc
GetDateFormatW
FormatMessageW
OutputDebugStringA
GetTickCount
GlobalUnlock
LocalFree
InterlockedIncrement

user32

SystemParametersInfoW
SetWindowTextW
GetDC
LoadBitmapW
PostMessageW
SetFocus
ReleaseDC
SendMessageW
SetDlgItemTextW
SetWindowLongW
LoadImageW
LoadStringW
SendDlgItemMessageW
GetParent
LoadCursorW
GetWindowLongW
SetCursor
GetDlgItemTextA
EndDialog
LoadIconW
WinHelpW
DialogBoxParamW
GetDlgItem
MessageBoxW
wsprintfW
InsertMenuItemW
RegisterClipboardFormatW
EnableWindow

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01c3ad1f0130fec2eba1e0e36a59e546

Headers

File Characteristics

Imports

msvcrt

certcli

advapi32

kernel32

user32

comctl32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 113KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 113KB

.rsrc
Size: 23KB - Virtual size: 23KB