Static task
static1
Behavioral task
behavioral1
Sample
e7b5c21e15465e578b19c66d63008476_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e7b5c21e15465e578b19c66d63008476_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
e7b5c21e15465e578b19c66d63008476_JaffaCakes118
Size
99KB
MD5
e7b5c21e15465e578b19c66d63008476
SHA1
3961502aef330f6c63c4a4eeeebd242fb95d0800
SHA256
27623058dbaac9e755a678198b180fe07793a48c6a63973b5f929ea0fc7d060d
SHA512
82930f01e5588a23c3f8b1f064fe83e3121f689de201fb67a33e802d139ee7923afd6a70a839c0c66db25aae9d261ff1cbd19416db7ba0f3c0ff6e21413e00ba
SSDEEP
1536:4MiYAF1z97yRKoO0sSVBFnieuYP8FO2guDHwiMg7AnN3nyU1hmn:4MiYuy8oO4BFtuYP84mzKNnyU1on
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e7b5c21e15465e578b19c66d63008476_JaffaCakes118
Files
e7b5c21e15465e578b19c66d63008476_JaffaCakes118.exe windows:5 windows x86 arch:x86
1fdecf7f54e3ec3afb91c7e0562fc1a0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
certcli
CAUpdateCertType
CAGetCertTypeExtensions
CAFreeCertTypeExtensions
CAFindCertTypeByName
CACertTypeGetSecurity
CAGetCertTypeFlags
CACertTypeSetSecurity
CASetCertTypeFlags
CARemoveCACertificateType
CAGetCertTypeProperty
CACreateCertType
CAEnumCertTypes
CAGetCAProperty
CACloseCertType
CAEnumNextCertType
CAAddCACertificateType
CAUpdateCA
CACloseCA
CAGetCertTypeKeySpec
CASetCertTypeExtension
CASetCertTypeProperty
CASetCertTypeKeySpec
CAEnumCertTypesForCA
CAFreeCAProperty
CAFreeCertTypeProperty
CAFindByName
CAGetCertTypePropertyEx
user32
LoadCursorW
GetParent
PostMessageW
InsertMenuItemW
GetDlgItemTextA
SendMessageW
MessageBoxW
EndDialog
GetDlgItem
WinHelpW
GetDC
SystemParametersInfoW
SetWindowTextW
LoadBitmapW
GetWindowLongW
DialogBoxParamW
SetFocus
SendDlgItemMessageW
SetDlgItemTextW
SetCursor
LoadStringW
wsprintfW
LoadImageW
SetWindowLongW
LoadIconW
RegisterClipboardFormatW
EnableWindow
ReleaseDC
kernel32
OutputDebugStringA
CloseHandle
GetSystemWindowsDirectoryW
InitializeCriticalSection
FormatMessageW
RemoveDirectoryA
WideCharToMultiByte
FileTimeToLocalFileTime
LocalFree
GetStartupInfoA
GlobalLock
GlobalUnlock
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime
GetSystemDefaultLangID
GetLastError
GetCurrentProcess
IsBadReadPtr
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GlobalAlloc
LocalReAlloc
lstrcmpiW
GetModuleFileNameW
SetLastError
DeleteCriticalSection
GetModuleHandleA
GetDateFormatW
lstrlenW
lstrcpyW
GetACP
LoadLibraryW
QueryPerformanceCounter
GetTickCount
FileTimeToSystemTime
OutputDebugStringW
CreateFileW
GetComputerNameW
GlobalFree
msvcrt
_wcsupr
??2@YAPAXI@Z
wcstoul
wcschr
wcscat
??1type_info@@UAE@XZ
_except_handler3
_adjust_fdiv
_purecall
wcscmp
wcsrchr
_initterm
wcscpy
free
_wcsicmp
__dllonexit
wcslen
malloc
vswprintf
??3@YAXPAX@Z
__RTDynamicCast
_onexit
wcsstr
mbstowcs
memmove
?terminate@@YAXXZ
advapi32
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
RegCloseKey
comctl32
PropertySheetW
CreatePropertySheetPageW
Sections
.text Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 110KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ