e539c97190a76142941afebee5bd8a61_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e539c97190a76142941afebee5bd8a61_JaffaCakes118
Size

104KB
MD5

e539c97190a76142941afebee5bd8a61
SHA1

52dbbbd0c66390abcb80b8eab5e08f158c94b9c6
SHA256

1c5436b44cd256e56834910a5dd0a6617b2118b1506dfd203d85e93c385640aa
SHA512

4a0e5aba125a0ce0ed32718eb7fcf019afba0e13760b0ef1e2d0a26cbb24cdff443e555df322c363c266e568c8fd1cbd342bd179b4dd80a52bad4ef7815f6d40
SSDEEP

3072:tViSBZWCjZqphf9ArUKOEQ55idMIoqNvW/Dsxacq:tNBjtAfbpEIiAqNvyw1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e539c97190a76142941afebee5bd8a61_JaffaCakes118

Files

e539c97190a76142941afebee5bd8a61_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8766ae5fefa9217a7ef1604b2a4c4e3f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemWindowsDirectoryW
CreateFileW
GetEnvironmentStringsW
GetACP
GetLastError
SetUnhandledExceptionFilter
LocalReAlloc
FileTimeToSystemTime
InitializeCriticalSection
GetModuleFileNameW
FormatMessageW
RemoveDirectoryA
GetModuleHandleA
QueryPerformanceCounter
InterlockedIncrement
lstrcmpiW
GlobalUnlock
DeleteCriticalSection
OutputDebugStringW
IsBadReadPtr
lstrlenW
OutputDebugStringA
LocalFree
GlobalAlloc
GetSystemDefaultLangID
InterlockedDecrement
FileTimeToLocalFileTime
GetTickCount
GetStartupInfoA
GlobalFree
GetCurrentProcess
GetComputerNameW
WideCharToMultiByte
LoadLibraryW
CloseHandle
GetSystemTimeAsFileTime
lstrcpyW
SetLastError
GlobalLock
GetDateFormatW

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegDeleteKeyW

certcli

CAFindCertTypeByName
CAFreeCertTypeExtensions
CACloseCA
CAEnumCertTypes
CAUpdateCA
CASetCertTypeKeySpec
CAFreeCAProperty
CAFreeCertTypeProperty
CAGetCertTypePropertyEx
CACreateCertType
CACloseCertType
CASetCertTypeExtension
CAFindByName
CAEnumCertTypesForCA
CAGetCertTypeFlags
CACertTypeGetSecurity
CAGetCertTypeProperty
CAGetCertTypeExtensions
CAGetCertTypeKeySpec
CAEnumNextCertType
CASetCertTypeProperty
CAUpdateCertType
CASetCertTypeFlags
CAAddCACertificateType
CAGetCAProperty
CACertTypeSetSecurity
CARemoveCACertificateType

user32

SetWindowLongW
GetDlgItemTextA
GetDC
LoadCursorW
SendDlgItemMessageW
GetDlgItem
SendMessageW
SetDlgItemTextW
SetWindowTextW
PostMessageW
GetParent
SystemParametersInfoW
LoadImageW
SetFocus
SetCursor
EnableWindow
WinHelpW
EndDialog
LoadStringW
wsprintfW
InsertMenuItemW
ReleaseDC
DialogBoxParamW
GetWindowLongW
LoadBitmapW
MessageBoxW
RegisterClipboardFormatW
LoadIconW

msvcrt

wcscat
mbstowcs
_except_handler3
memmove
vswprintf
_initterm
_purecall
_wcsicmp
wcslen
??3@YAXPAX@Z
wcstoul
_wcsupr
free
__RTDynamicCast
_onexit
wcsrchr
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_adjust_fdiv
wcscpy
wcsstr
wcscmp
??2@YAPAXI@Z
__dllonexit
wcschr
malloc

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8766ae5fefa9217a7ef1604b2a4c4e3f

Headers

File Characteristics

Imports

kernel32

advapi32

certcli

user32

msvcrt

comctl32

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 79KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 79KB

.rsrc
Size: 24KB - Virtual size: 24KB