ed055ad2fedc055cbf5de1f29f5b35ef_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ed055ad2fedc055cbf5de1f29f5b35ef_JaffaCakes118
Size

101KB
MD5

ed055ad2fedc055cbf5de1f29f5b35ef
SHA1

b06532f757d1ecf6083df4b568243839d0f60c28
SHA256

1e4c3098a2b01c462cc42b0ef91f91cc65076a6a5ba69697445a1647983edb2f
SHA512

9a70a3c0540690d44223ee124288614f5f7809f4786b9d469455d004cc8be4ad0d8509e3f5dec5a7a4f18faf7342290a4dba480b74ab9e4595aace7ae36f9711
SSDEEP

1536:umeLkLc7FajZTCKWHifY+10pynvcGrPZPL4cECdbhwn4G8+7NbBOpw9Qw3:umeLksUjZWC2+vfjyydbhPB4NtOpsQu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed055ad2fedc055cbf5de1f29f5b35ef_JaffaCakes118

Files

ed055ad2fedc055cbf5de1f29f5b35ef_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d14b39fa714b854ea1db851d627e7cab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcscat
malloc
memmove
wcslen
_onexit
_wcsupr
vswprintf
wcscpy
__dllonexit
_wcsicmp
wcscmp
_initterm
free
__RTDynamicCast
??2@YAPAXI@Z
??3@YAXPAX@Z
wcschr
wcsrchr
??1type_info@@UAE@XZ
mbstowcs
wcstoul
wcsstr
_except_handler3
_adjust_fdiv
?terminate@@YAXXZ

user32

LoadCursorW
GetDlgItemTextA
ReleaseDC
EnableWindow
GetWindowLongW
SystemParametersInfoW
SetCursor
InsertMenuItemW
SendMessageW
EndDialog
PostMessageW
wsprintfW
GetDC
SetWindowLongW
LoadBitmapW
SetWindowTextW
MessageBoxW
GetParent
WinHelpW
GetDlgItem
LoadStringW
LoadIconW
SetDlgItemTextW
DialogBoxParamW
RegisterClipboardFormatW
SendDlgItemMessageW
LoadImageW
SetFocus

certcli

CAUpdateCertType
CASetCertTypeKeySpec
CAFindByName
CAEnumNextCertType
CACertTypeGetSecurity
CACloseCA
CAGetCertTypeExtensions
CACreateCertType
CAGetCertTypeFlags
CASetCertTypeFlags
CACertTypeSetSecurity
CAFindCertTypeByName
CAUpdateCA
CAAddCACertificateType
CAGetCertTypeKeySpec
CARemoveCACertificateType
CAFreeCertTypeProperty
CAFreeCertTypeExtensions
CAFreeCAProperty
CAGetCAProperty
CASetCertTypeExtension
CAEnumCertTypesForCA
CASetCertTypeProperty
CAGetCertTypePropertyEx
CAGetCertTypeProperty
CAEnumCertTypes
CACloseCertType

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegDeleteValueW

kernel32

InterlockedIncrement
InterlockedDecrement
GetSystemDefaultLangID
GetModuleHandleA
FileTimeToSystemTime
GetTickCount
OutputDebugStringW
GetEnvironmentStringsW
LoadLibraryW
GetProcAddress
GlobalAlloc
GetComputerNameW
OutputDebugStringA
RemoveDirectoryA
SetLastError
QueryPerformanceCounter
GetLastError
lstrcmpiW
WideCharToMultiByte
GetSystemTimeAsFileTime
GlobalFree
CreateFileW
IsBadReadPtr
FileTimeToLocalFileTime
GlobalLock
GetCPInfo
GlobalUnlock
LocalReAlloc
lstrcpyW
CloseHandle
LocalFree
lstrlenW
GetSystemWindowsDirectoryW
GetCurrentProcess
GetDateFormatW
GetModuleFileNameW
GetStartupInfoA
DeleteCriticalSection
FormatMessageW
InitializeCriticalSection
SetUnhandledExceptionFilter

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d14b39fa714b854ea1db851d627e7cab

Headers

File Characteristics

Imports

msvcrt

user32

certcli

advapi32

kernel32

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 110KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 110KB

.rsrc
Size: 23KB - Virtual size: 22KB