e7e206a2d7a67a28a07c18851cbdccf4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e7e206a2d7a67a28a07c18851cbdccf4_JaffaCakes118
Size

99KB
MD5

e7e206a2d7a67a28a07c18851cbdccf4
SHA1

f75a879f90e4f9e1cb47d2a256778e1fd9962ada
SHA256

cec5acbfec993a4c80ade784a65752f75ad475de5fbae2a9416680037483f9c2
SHA512

7835acd216a76a935e09bd94dd253ede3a19e59ee733dd8339db9ab8dc295127272b05ff0c9f4cbf1125b0f5cd4b89edf5515868b741bc5367a356a59036a0e4
SSDEEP

1536:XiB9D+dVe6s6vXK8yUcc6l1On6wtOyWemEXqWulo+d0qpUI25Qr8cMuRMGB:Xa48EXK8yUzGEX7XFwsI25Qr8cMuOG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7e206a2d7a67a28a07c18851cbdccf4_JaffaCakes118

Files

e7e206a2d7a67a28a07c18851cbdccf4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2ec0be66b2a98199fca2e623b508f0f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAFindByName
CARemoveCACertificateType
CAGetCertTypeKeySpec
CASetCertTypeExtension
CAGetCertTypeProperty
CASetCertTypeFlags
CAGetCertTypePropertyEx
CAFreeCAProperty
CAEnumCertTypesForCA
CASetCertTypeProperty
CAFindCertTypeByName
CAGetCAProperty
CACloseCertType
CAEnumCertTypes
CAEnumNextCertType
CACertTypeGetSecurity
CAGetCertTypeExtensions
CAUpdateCA
CAAddCACertificateType
CACreateCertType
CAFreeCertTypeProperty
CASetCertTypeKeySpec
CACertTypeSetSecurity
CACloseCA
CAGetCertTypeFlags
CAFreeCertTypeExtensions
CAUpdateCertType

msvcrt

wcsrchr
_initterm
_except_handler3
vswprintf
??3@YAXPAX@Z
wcstoul
wcscat
wcslen
wcscpy
wcsstr
_wcsupr
mbstowcs
memmove
_wcsicmp
??1type_info@@UAE@XZ
__dllonexit
_adjust_fdiv
free
?terminate@@YAXXZ
wcschr
wcscmp
__RTDynamicCast
_onexit
malloc
??2@YAPAXI@Z

user32

GetDlgItem
LoadStringW
GetDC
SetDlgItemTextW
EndDialog
LoadImageW
SetWindowLongW
SetWindowTextW
ReleaseDC
wsprintfW
LoadBitmapW
GetParent
RegisterClipboardFormatW
LoadCursorW
InsertMenuItemW
SetCursor
WinHelpW
GetDlgItemTextA
PostMessageW
SetFocus
SendDlgItemMessageW
MessageBoxW
EnableWindow
DialogBoxParamW
SystemParametersInfoW
GetWindowLongW
LoadIconW
SendMessageW

kernel32

WideCharToMultiByte
GetProcAddress
lstrcmpiW
GetModuleFileNameW
SetLastError
GetLastError
GetComputerNameW
GlobalAlloc
lstrcpyW
GetSystemWindowsDirectoryW
LoadLibraryW
FormatMessageW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
CloseHandle
LocalReAlloc
InitializeCriticalSection
GlobalFree
GetDateFormatW
OutputDebugStringW
GetTickCount
GetCurrentProcess
RemoveDirectoryA
InterlockedDecrement
SetUnhandledExceptionFilter
GetSystemDefaultLangID
GetStartupInfoA
InterlockedIncrement
DeleteCriticalSection
LocalFree
CreateFileW
GetCPInfo
FileTimeToLocalFileTime
IsBadReadPtr
GlobalUnlock
lstrlenW
GlobalLock
OutputDebugStringA
GetModuleHandleA
FileTimeToSystemTime
QueryPerformanceCounter

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegCloseKey

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ec0be66b2a98199fca2e623b508f0f2

Headers

File Characteristics

Imports

certcli

msvcrt

user32

kernel32

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 108KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 108KB

.rsrc
Size: 23KB - Virtual size: 22KB