ff56eb211b3c1beffac52a347109a0f2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ff56eb211b3c1beffac52a347109a0f2_JaffaCakes118
Size

97KB
MD5

ff56eb211b3c1beffac52a347109a0f2
SHA1

4bc7b027d914d064a1f41747e4696eb6ec841f99
SHA256

77133deb508b1b7d697cba7b747887fab01f960a7f607272fdd1ec75c7c074d1
SHA512

91639c96d878b17269645cbe7c2a882690dfdae05e09d8e6b330545db5918dc5048a97b81447155a24bb16b51f3ada7124522a3a73d01b9ee0eb1d71502a5e7d
SSDEEP

1536:zqLVaoAprC9EShHg0XWCkLAEv9KyUpOe7ebkGfrlm/Q1Y2jxhJG3Ck:IFq03XWpHv95Oe4oO2jxD2C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff56eb211b3c1beffac52a347109a0f2_JaffaCakes118

Files

ff56eb211b3c1beffac52a347109a0f2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

89b4b2820595aa49f1fac019270b2b22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
InterlockedIncrement
GetSystemWindowsDirectoryW
GetStartupInfoA
FileTimeToLocalFileTime
GlobalAlloc
FileTimeToSystemTime
InitializeCriticalSection
GetSystemTimeAsFileTime
RemoveDirectoryA
IsBadReadPtr
lstrcpyW
GetCPInfo
InterlockedDecrement
GetProcAddress
SetUnhandledExceptionFilter
CloseHandle
GetModuleFileNameW
LocalFree
GlobalUnlock
GetEnvironmentStringsW
GetComputerNameW
LoadLibraryW
OutputDebugStringA
GetCurrentProcess
GetLastError
GetModuleHandleA
GetTickCount
GlobalLock
FormatMessageW
QueryPerformanceCounter
OutputDebugStringW
WideCharToMultiByte
lstrlenW
GetSystemDefaultLangID
GlobalFree
CreateFileW
GetDateFormatW
LocalReAlloc
SetLastError
lstrcmpiW

msvcrt

?terminate@@YAXXZ
wcslen
??2@YAPAXI@Z
free
_wcsupr
??1type_info@@UAE@XZ
wcsrchr
wcschr
_initterm
wcscat
_except_handler3
__dllonexit
_onexit
wcstoul
mbstowcs
wcscmp
??3@YAXPAX@Z
_adjust_fdiv
_wcsicmp
wcscpy
vswprintf
memmove
wcsstr
malloc
__RTDynamicCast

certcli

CAUpdateCertType
CAGetCertTypeExtensions
CASetCertTypeProperty
CAGetCertTypeFlags
CAFindCertTypeByName
CACertTypeGetSecurity
CAFreeCertTypeExtensions
CACloseCA
CAFreeCAProperty
CAAddCACertificateType
CAEnumCertTypes
CAGetCertTypeProperty
CAEnumCertTypesForCA
CAGetCertTypeKeySpec
CASetCertTypeKeySpec
CACreateCertType
CARemoveCACertificateType
CAEnumNextCertType
CACertTypeSetSecurity
CAFreeCertTypeProperty
CACloseCertType
CAGetCAProperty
CASetCertTypeExtension
CASetCertTypeFlags
CAFindByName
CAUpdateCA
CAGetCertTypePropertyEx

user32

wsprintfW
ReleaseDC
GetDlgItem
SetWindowLongW
LoadImageW
EndDialog
SendDlgItemMessageW
EnableWindow
GetParent
PostMessageW
SetDlgItemTextW
RegisterClipboardFormatW
GetDlgItemTextA
LoadStringW
SendMessageW
InsertMenuItemW
LoadCursorW
LoadBitmapW
GetWindowLongW
SetWindowTextW
WinHelpW
LoadIconW
MessageBoxW
GetDC
SystemParametersInfoW
SetCursor
SetFocus
DialogBoxParamW

advapi32

RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89b4b2820595aa49f1fac019270b2b22

Headers

File Characteristics

Imports

kernel32

msvcrt

certcli

user32

advapi32

comctl32

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 79KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 79KB

.rsrc
Size: 23KB - Virtual size: 22KB