fed4f34a2c2c8260cdcf3af80bd3019f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fed4f34a2c2c8260cdcf3af80bd3019f_JaffaCakes118
Size

102KB
MD5

fed4f34a2c2c8260cdcf3af80bd3019f
SHA1

592ac0656717807bf0e0350bb4a02aae0871210e
SHA256

b52875a654a9d707123dee74c959cdef3f8135a0f2b788e6ffd146a1704132fd
SHA512

ada09693c8b5e56e8e6c8c1e52ca8ca391fa0359c5ddf5f7b24039ca567f1a46fc3ae0bc10c9188c99af7822c01bcc882d939b3e36a28e3a0eaabdcfc69a1089
SSDEEP

1536:3PxUgMdliHE2v11FAo8VohtAzumltfQjWvxyojIiKvQQsoqnv0vfIPF0R8zRq:3PxUndGE29EoQzzfiJYlv8fIGGzR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fed4f34a2c2c8260cdcf3af80bd3019f_JaffaCakes118

Files

fed4f34a2c2c8260cdcf3af80bd3019f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7f15ebb73b890725bf795c6b623c136c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAFreeCAProperty
CAFreeCertTypeExtensions
CAGetCAProperty
CACertTypeSetSecurity
CAEnumCertTypesForCA
CAFindCertTypeByName
CAFreeCertTypeProperty
CAGetCertTypePropertyEx
CAFindByName
CAEnumNextCertType
CAGetCertTypeExtensions
CACloseCertType
CAGetCertTypeProperty
CASetCertTypeFlags
CACloseCA
CASetCertTypeExtension
CASetCertTypeKeySpec
CACertTypeGetSecurity
CAAddCACertificateType
CAUpdateCertType
CASetCertTypeProperty
CACreateCertType
CAGetCertTypeFlags
CAEnumCertTypes
CAUpdateCA
CARemoveCACertificateType
CAGetCertTypeKeySpec

kernel32

GetEnvironmentStringsW
LoadLibraryW
GetSystemWindowsDirectoryW
LocalReAlloc
lstrcmpiW
CreateFileW
GetTickCount
FormatMessageW
GetModuleFileNameW
FileTimeToLocalFileTime
InterlockedIncrement
GetCurrentProcess
FileTimeToSystemTime
CloseHandle
LocalFree
DeleteCriticalSection
InitializeCriticalSection
GlobalUnlock
GetACP
RemoveDirectoryA
QueryPerformanceCounter
InterlockedDecrement
GetLastError
WideCharToMultiByte
SetUnhandledExceptionFilter
GlobalAlloc
GetSystemDefaultLangID
SetLastError
OutputDebugStringW
OutputDebugStringA
GetComputerNameW
GlobalLock
IsBadReadPtr
lstrcpyW
lstrlenW
GlobalFree
GetStartupInfoA
GetSystemTimeAsFileTime
GetModuleHandleA
GetDateFormatW

user32

GetParent
EndDialog
LoadBitmapW
LoadImageW
DialogBoxParamW
GetDlgItemTextA
wsprintfW
WinHelpW
SendDlgItemMessageW
PostMessageW
EnableWindow
SetCursor
LoadCursorW
GetDlgItem
LoadStringW
SendMessageW
SystemParametersInfoW
ReleaseDC
LoadIconW
SetWindowLongW
InsertMenuItemW
SetDlgItemTextW
RegisterClipboardFormatW
GetWindowLongW
SetWindowTextW
GetDC
MessageBoxW
SetFocus

comctl32

PropertySheetW
CreatePropertySheetPageW

msvcrt

??3@YAXPAX@Z
_initterm
wcsrchr
vswprintf
??2@YAPAXI@Z
memmove
_adjust_fdiv
?terminate@@YAXXZ
free
malloc
_wcsupr
wcscmp
_except_handler3
wcscpy
__dllonexit
mbstowcs
??1type_info@@UAE@XZ
__RTDynamicCast
wcsstr
wcstoul
wcschr
wcscat
_wcsicmp
wcslen
_purecall
_onexit

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegSetValueExW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f15ebb73b890725bf795c6b623c136c

Headers

File Characteristics

Imports

certcli

kernel32

user32

comctl32

msvcrt

advapi32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 102KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 102KB

.rsrc
Size: 23KB - Virtual size: 23KB