edf5add2eb1719403d9489550ff04dbd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

edf5add2eb1719403d9489550ff04dbd_JaffaCakes118
Size

101KB
MD5

edf5add2eb1719403d9489550ff04dbd
SHA1

5ad3105e8f81d30ccfad0491c1dacd897e4511b1
SHA256

6debdcc2f46275241715e4a4cbfa88be61a2f22eb1eabd702a34320b06edb86a
SHA512

0bebe6198e9fb8e211f7b095aeabff23fa00db473bab72636e23e2a1abd2f7710d4f83f45edd02579e49a7ef1aa3cdbd07192b7fc17ded232013195efd8f757b
SSDEEP

3072:MCK7c5Y6eC3Qza3TK5mnCyq0VPs3soEQ:MfWMCP3u2C3ssi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
edf5add2eb1719403d9489550ff04dbd_JaffaCakes118

Files

edf5add2eb1719403d9489550ff04dbd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a6237f2f50196fa396b77946c4f2d9a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??3@YAXPAX@Z
memmove
_adjust_fdiv
wcstoul
free
vswprintf
_wcsicmp
wcschr
wcscpy
_initterm
_wcsupr
__dllonexit
??1type_info@@UAE@XZ
??2@YAPAXI@Z
__RTDynamicCast
wcslen
mbstowcs
wcscat
malloc
wcsrchr
?terminate@@YAXXZ
wcsstr
wcscmp
_onexit
_except_handler3

kernel32

FileTimeToSystemTime
GetCPInfo
GetSystemDefaultLangID
GlobalAlloc
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
OutputDebugStringA
WideCharToMultiByte
DeleteCriticalSection
lstrcpyW
GetEnvironmentStringsW
lstrlenW
GetTickCount
GetLastError
LoadLibraryW
GetDateFormatW
FormatMessageW
GlobalUnlock
GetModuleFileNameW
GlobalFree
SetLastError
OutputDebugStringW
QueryPerformanceCounter
GetProcAddress
GetSystemWindowsDirectoryW
GetCurrentProcess
CloseHandle
InterlockedIncrement
lstrcmpiW
RemoveDirectoryA
LocalReAlloc
InterlockedDecrement
GetComputerNameW
FileTimeToLocalFileTime
CreateFileW
LocalFree
InitializeCriticalSection
IsBadReadPtr
GetStartupInfoA
GlobalLock
GetModuleHandleA

comctl32

PropertySheetW
CreatePropertySheetPageW

certcli

CAEnumCertTypes
CACertTypeGetSecurity
CASetCertTypeProperty
CASetCertTypeKeySpec
CASetCertTypeFlags
CACloseCertType
CAEnumCertTypesForCA
CASetCertTypeExtension
CACloseCA
CAFreeCertTypeProperty
CACreateCertType
CAGetCertTypePropertyEx
CAFreeCAProperty
CAGetCertTypeFlags
CAUpdateCA
CACertTypeSetSecurity
CARemoveCACertificateType
CAEnumNextCertType
CAGetCertTypeExtensions
CAFindByName
CAFindCertTypeByName
CAGetCertTypeProperty
CAAddCACertificateType
CAFreeCertTypeExtensions
CAGetCAProperty
CAGetCertTypeKeySpec
CAUpdateCertType

user32

GetDlgItem
LoadStringW
SendDlgItemMessageW
WinHelpW
LoadImageW
SetCursor
SendMessageW
LoadCursorW
LoadIconW
EnableWindow
SetWindowTextW
GetDC
GetDlgItemTextA
SystemParametersInfoW
SetDlgItemTextW
InsertMenuItemW
GetParent
SetFocus
EndDialog
wsprintfW
GetWindowLongW
ReleaseDC
DialogBoxParamW
RegisterClipboardFormatW
LoadBitmapW
SetWindowLongW
MessageBoxW
PostMessageW

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegSetValueExW
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegEnumKeyExW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6237f2f50196fa396b77946c4f2d9a1

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

certcli

user32

advapi32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 89KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 89KB

.rsrc
Size: 23KB - Virtual size: 23KB