ec1e79ec7c6f8b601a914f3c3f7e2811_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ec1e79ec7c6f8b601a914f3c3f7e2811_JaffaCakes118
Size

99KB
MD5

ec1e79ec7c6f8b601a914f3c3f7e2811
SHA1

b47016c340b6109d76503db9cb7d904813cf41e9
SHA256

91cd6e2e702563b93b718481434ded5132389a5389381b57c5c6669521e88ba6
SHA512

77fc4041b43e907f90dfc346472fc40ab90861464ecdcab609e2d47cb38cf855c95a54fbffb4a4c02642398b547bd82e3558af400859628e9124bbf8b0e59b2d
SSDEEP

1536:dghsHJAJm1rqe9WOCvqRGsO9HGqOXqPvaWp69uW9TAVzsSGVt6sZyz:1jrqevCv1/6Wp2EVz5GX6A8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec1e79ec7c6f8b601a914f3c3f7e2811_JaffaCakes118

Files

ec1e79ec7c6f8b601a914f3c3f7e2811_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bcdc5e2a1cf367a48418d05172cb7369

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CASetCertTypeExtension
CAUpdateCA
CAUpdateCertType
CAGetCertTypeFlags
CACreateCertType
CAGetCertTypeKeySpec
CASetCertTypeFlags
CAEnumCertTypes
CAFreeCertTypeExtensions
CAFreeCertTypeProperty
CACertTypeSetSecurity
CACertTypeGetSecurity
CAEnumCertTypesForCA
CAGetCAProperty
CAFindCertTypeByName
CAFreeCAProperty
CAAddCACertificateType
CAGetCertTypeProperty
CAFindByName
CAGetCertTypeExtensions
CAEnumNextCertType
CACloseCA
CARemoveCACertificateType
CASetCertTypeProperty
CASetCertTypeKeySpec
CACloseCertType
CAGetCertTypePropertyEx

user32

RegisterClipboardFormatW
LoadCursorW
LoadIconW
DialogBoxParamW
ReleaseDC
SendDlgItemMessageW
EnableWindow
SetCursor
LoadStringW
SendMessageW
GetWindowLongW
GetDlgItem
GetDC
InsertMenuItemW
LoadBitmapW
SetDlgItemTextW
wsprintfW
EndDialog
GetDlgItemTextA
GetParent
SetFocus
WinHelpW
SetWindowLongW
SystemParametersInfoW
MessageBoxW
LoadImageW
PostMessageW
SetWindowTextW

kernel32

GetTickCount
SetUnhandledExceptionFilter
GetLastError
CreateFileW
GetEnvironmentStringsW
GetProcAddress
InitializeCriticalSection
InterlockedIncrement
DeleteCriticalSection
GlobalLock
lstrlenW
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetDateFormatW
GetModuleFileNameW
QueryPerformanceCounter
GetSystemWindowsDirectoryW
GetCurrentProcess
lstrcpyW
GetModuleHandleA
GetStartupInfoA
GetSystemDefaultLangID
LocalReAlloc
GetComputerNameW
GlobalFree
IsBadReadPtr
LoadLibraryW
GetCPInfo
OutputDebugStringA
LocalFree
InterlockedDecrement
OutputDebugStringW
FormatMessageW
GetCurrentThread
GlobalAlloc
WideCharToMultiByte
GlobalUnlock
lstrcmpiW
CloseHandle
SetLastError

msvcrt

wcsstr
wcscat
_initterm
__RTDynamicCast
?terminate@@YAXXZ
wcscmp
malloc
??2@YAPAXI@Z
??1type_info@@UAE@XZ
_wcsicmp
wcslen
__dllonexit
_except_handler3
_wcsupr
??3@YAXPAX@Z
memmove
_onexit
wcscpy
free
wcsrchr
mbstowcs
_adjust_fdiv
wcstoul
wcschr
vswprintf

advapi32

RegCloseKey
RegDeleteKeyW
RegEnumKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcdc5e2a1cf367a48418d05172cb7369

Headers

File Characteristics

Imports

certcli

user32

kernel32

msvcrt

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 94KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 94KB

.rsrc
Size: 23KB - Virtual size: 22KB