e5cf03a275fe1531fb37a6ad8367a98b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e5cf03a275fe1531fb37a6ad8367a98b_JaffaCakes118
Size

101KB
MD5

e5cf03a275fe1531fb37a6ad8367a98b
SHA1

363bb7bdd91aed670adca0f139672ea1d86366e6
SHA256

3c379c18e896d49ae9d9c8958f02381befbd8647e6b34044a985a0fdd75d0482
SHA512

f36f0942aec8824432abb304785378f8b089f667f2d4daec9d311f1e18773edf6c30ca6f728ffb9bf2dde99d26af42ca0c94aaab7fa4a0fb7f803e7b49a67b74
SSDEEP

3072:pQKe/3H0dSfW7/QUokEkPz/adlbGYuhS6IeY:pjc3UwfW7/QGXba/uhOeY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e5cf03a275fe1531fb37a6ad8367a98b_JaffaCakes118

Files

e5cf03a275fe1531fb37a6ad8367a98b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7e5d2714aef73674c2fd7b1515d2778c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free
wcscpy
_onexit
wcscat
__RTDynamicCast
_except_handler3
_wcsicmp
wcstoul
__dllonexit
?terminate@@YAXXZ
_initterm
??2@YAPAXI@Z
wcscmp
malloc
_wcsupr
_purecall
_adjust_fdiv
memmove
wcslen
??3@YAXPAX@Z
mbstowcs
??1type_info@@UAE@XZ
wcsrchr
wcschr
vswprintf
wcsstr

user32

InsertMenuItemW
GetDlgItem
SetCursor
LoadCursorW
SystemParametersInfoW
LoadImageW
GetWindowLongW
SetFocus
MessageBoxW
PostMessageW
SetWindowLongW
LoadStringW
EnableWindow
LoadBitmapW
GetDlgItemTextA
GetDC
SetWindowTextW
LoadIconW
SetDlgItemTextW
DialogBoxParamW
WinHelpW
SendMessageW
SendDlgItemMessageW
GetParent
RegisterClipboardFormatW
ReleaseDC
EndDialog
wsprintfW

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
RegCloseKey
RegEnumKeyExW

kernel32

OutputDebugStringA
WideCharToMultiByte
FileTimeToSystemTime
QueryPerformanceCounter
lstrcpyW
InterlockedIncrement
GetEnvironmentStringsW
LoadLibraryW
GlobalLock
GetModuleHandleA
GetModuleFileNameW
CloseHandle
InitializeCriticalSection
GetSystemWindowsDirectoryW
GetStartupInfoA
SetLastError
FormatMessageW
LocalReAlloc
GlobalUnlock
GetDateFormatW
CreateFileW
GlobalAlloc
GetSystemDefaultLangID
GetCurrentProcess
lstrcmpiW
OutputDebugStringW
IsBadReadPtr
lstrlenW
GetLastError
GlobalFree
DeleteCriticalSection
FileTimeToLocalFileTime
SetUnhandledExceptionFilter
InterlockedDecrement
LocalFree
GetTickCount
RemoveDirectoryA
GetComputerNameW
GetACP
GetSystemTimeAsFileTime

certcli

CASetCertTypeFlags
CASetCertTypeProperty
CASetCertTypeKeySpec
CAGetCertTypeExtensions
CAFindByName
CARemoveCACertificateType
CACreateCertType
CAFindCertTypeByName
CACloseCertType
CAUpdateCA
CASetCertTypeExtension
CACertTypeSetSecurity
CAFreeCertTypeProperty
CAGetCertTypeKeySpec
CAGetCertTypePropertyEx
CAFreeCAProperty
CACertTypeGetSecurity
CAFreeCertTypeExtensions
CAEnumCertTypes
CAGetCAProperty
CAAddCACertificateType
CAGetCertTypeFlags
CACloseCA
CAEnumCertTypesForCA
CAUpdateCertType
CAGetCertTypeProperty
CAEnumNextCertType

gdi32

CreateFontIndirectW
DeleteObject
GetDeviceCaps

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e5d2714aef73674c2fd7b1515d2778c

Headers

File Characteristics

Imports

msvcrt

user32

advapi32

kernel32

certcli

gdi32

comctl32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 77KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 77KB

.rsrc
Size: 24KB - Virtual size: 23KB