fe15137ee14a08ecd8a1476e130abb5e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fe15137ee14a08ecd8a1476e130abb5e_JaffaCakes118
Size

103KB
MD5

fe15137ee14a08ecd8a1476e130abb5e
SHA1

c81bc7a057595bbb0c270d673a4334f8619633ca
SHA256

b13652e498a28885bc87d172513a5004018f3b49753ffbd2391826875a6c9094
SHA512

e1d21409fe2774f21b9e20be666d0e8948b6b4536f08906e96742c206451de840e1b99e20518efb640553bbd0f81fbd58fbc5221f29e0106cd71c0425e67760a
SSDEEP

1536:rmYqlpDlzRlB0eS8+giFOldrmUFUwXptD9v33cQy8lHk3GASGASGASGA:MpnlB0/CiYdrbztD9vHcCNGggg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe15137ee14a08ecd8a1476e130abb5e_JaffaCakes118

Files

fe15137ee14a08ecd8a1476e130abb5e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

52d6c784db75fcff741b2d8da9db29d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameW
LocalReAlloc
GetEnvironmentStringsW
lstrcmpiW
InitializeCriticalSection
GetACP
GetDateFormatW
GetSystemTimeAsFileTime
GlobalLock
FormatMessageW
InterlockedIncrement
SetLastError
lstrcpyW
GetStartupInfoA
RemoveDirectoryA
GetModuleFileNameW
DeleteCriticalSection
GlobalAlloc
GetCurrentProcess
OutputDebugStringW
CreateFileW
OutputDebugStringA
LocalFree
IsBadReadPtr
GetLastError
lstrlenW
GetSystemWindowsDirectoryW
GetModuleHandleA
InterlockedDecrement
CloseHandle
GlobalUnlock
QueryPerformanceCounter
GetSystemDefaultLangID
FileTimeToSystemTime
GlobalFree
FileTimeToLocalFileTime
SetUnhandledExceptionFilter
LoadLibraryW
WideCharToMultiByte
GetTickCount

msvcrt

??2@YAPAXI@Z
wcslen
wcscat
malloc
__dllonexit
_onexit
free
_initterm
wcstoul
_adjust_fdiv
wcsstr
memmove
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
vswprintf
wcschr
__RTDynamicCast
wcscmp
_wcsupr
wcsrchr
??3@YAXPAX@Z
_purecall
_wcsicmp
mbstowcs
wcscpy

user32

EnableWindow
WinHelpW
EndDialog
GetDlgItem
SetWindowLongW
InsertMenuItemW
SetDlgItemTextW
LoadStringW
SendDlgItemMessageW
PostMessageW
LoadImageW
MessageBoxW
ReleaseDC
RegisterClipboardFormatW
SystemParametersInfoW
GetDlgItemTextA
wsprintfW
GetWindowLongW
GetParent
SendMessageW
SetCursor
LoadIconW
LoadBitmapW
GetDC
DialogBoxParamW
SetFocus
LoadCursorW
SetWindowTextW

certcli

CACertTypeSetSecurity
CASetCertTypeKeySpec
CASetCertTypeExtension
CAEnumCertTypesForCA
CAAddCACertificateType
CACreateCertType
CAEnumNextCertType
CAGetCertTypeProperty
CAUpdateCertType
CARemoveCACertificateType
CASetCertTypeFlags
CASetCertTypeProperty
CACloseCertType
CAFindByName
CAFindCertTypeByName
CAGetCertTypeExtensions
CAGetCertTypeFlags
CAFreeCAProperty
CAGetCAProperty
CACertTypeGetSecurity
CAGetCertTypePropertyEx
CACloseCA
CAFreeCertTypeProperty
CAFreeCertTypeExtensions
CAUpdateCA
CAEnumCertTypes
CAGetCertTypeKeySpec

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52d6c784db75fcff741b2d8da9db29d0

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

certcli

advapi32

comctl32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 82KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 82KB

.rsrc
Size: 26KB - Virtual size: 26KB