e48b45f510098366352134fabc63c7fc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e48b45f510098366352134fabc63c7fc_JaffaCakes118
Size

100KB
MD5

e48b45f510098366352134fabc63c7fc
SHA1

e45dd88ab5a23f456a2c3a056cf2374b64e9d193
SHA256

839f9a70b857ec6ca8dac7109113de4524a4c667eebbfaaf4ae049ee7e012ad8
SHA512

4d457f4a0cc34aeaeb38ccc1b4af5fe2e55086e4b8c98937de831d694b25ce66340e6209030ad24f840af1720cec97d2b74c30610fcf1277ad8e2a2b3b55361a
SSDEEP

1536:xdRecKhMX8/n6EugVQD9Kzy9G+OyQ6lD85iHcTrw7aipbpDVOci:kcqG8SCVQ51OyXxEiHorw7J/D8c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e48b45f510098366352134fabc63c7fc_JaffaCakes118

Files

e48b45f510098366352134fabc63c7fc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

822585ea0cd4ccbd44095558349a9b11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcsstr
?terminate@@YAXXZ
??3@YAXPAX@Z
memmove
_wcsicmp
wcscmp
??1type_info@@UAE@XZ
vswprintf
wcslen
__RTDynamicCast
_except_handler3
wcsrchr
wcstoul
??2@YAPAXI@Z
_onexit
mbstowcs
__dllonexit
wcscpy
malloc
free
_wcsupr
_purecall
_initterm
_adjust_fdiv
wcschr
wcscat

user32

SetWindowTextW
wsprintfW
LoadImageW
GetWindowLongW
LoadBitmapW
InsertMenuItemW
ReleaseDC
EnableWindow
PostMessageW
EndDialog
GetParent
DialogBoxParamW
SetDlgItemTextW
LoadIconW
LoadCursorW
GetDlgItem
MessageBoxW
SetWindowLongW
SetCursor
SendMessageW
SystemParametersInfoW
WinHelpW
SendDlgItemMessageW
RegisterClipboardFormatW
GetDlgItemTextA
SetFocus
GetDC
LoadStringW

kernel32

OutputDebugStringA
GetCurrentProcess
GetSystemWindowsDirectoryW
GetDateFormatW
CreateFileW
lstrcmpiW
IsBadReadPtr
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GlobalUnlock
SetLastError
FormatMessageW
LoadLibraryW
WideCharToMultiByte
lstrlenW
GetACP
GetSystemDefaultLangID
GlobalFree
GetComputerNameW
CloseHandle
GetEnvironmentStringsW
GlobalAlloc
LocalFree
FileTimeToSystemTime
InterlockedIncrement
GetModuleFileNameW
DeleteCriticalSection
GetStartupInfoA
InitializeCriticalSection
FileTimeToLocalFileTime
InterlockedDecrement
lstrcpyW
RemoveDirectoryA
GetTickCount
GetLastError
QueryPerformanceCounter
OutputDebugStringW
GlobalLock
GetModuleHandleA
LocalReAlloc

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW

certcli

CAGetCertTypeProperty
CACloseCertType
CASetCertTypeExtension
CAGetCertTypeFlags
CAUpdateCertType
CAFindByName
CAEnumCertTypesForCA
CAGetCertTypePropertyEx
CAFreeCAProperty
CAFreeCertTypeExtensions
CAEnumNextCertType
CAAddCACertificateType
CASetCertTypeFlags
CASetCertTypeProperty
CAGetCAProperty
CACertTypeSetSecurity
CACreateCertType
CAFindCertTypeByName
CASetCertTypeKeySpec
CACertTypeGetSecurity
CAGetCertTypeKeySpec
CAGetCertTypeExtensions
CAEnumCertTypes
CARemoveCACertificateType
CACloseCA
CAUpdateCA
CAFreeCertTypeProperty

comctl32

PropertySheetW
CreatePropertySheetPageW

gdi32

CreateFontIndirectW
GetDeviceCaps
DeleteObject

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

822585ea0cd4ccbd44095558349a9b11

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

advapi32

certcli

comctl32

gdi32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 83KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 83KB

.rsrc
Size: 23KB - Virtual size: 22KB