2cc5e64a1a5357ed0b2754cd1bb8ed64_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cc5e64a1a5357ed0b2754cd1bb8ed64_JaffaCakes118
Size

476KB
MD5

2cc5e64a1a5357ed0b2754cd1bb8ed64
SHA1

dda812851cb6d435db53f2d17cabc60a01ea33ff
SHA256

fbf44138f26c859afe5bd60c0023aa0d6cca6faed4b4971787c6d5bc50c26ee9
SHA512

01d3b3c5bcff060148231ca62f38b5f6772688c74cf94554294d39462465a166e7c4ee4d751dfaff4497c7ddf07954f0681ffe9ac10e1b16354894b98584c67e
SSDEEP

12288:dpsOfcaSkG2I0QQuo5mHCPtiLnGFnl0zyfr/UI:pEo5mEiLGFl0U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cc5e64a1a5357ed0b2754cd1bb8ed64_JaffaCakes118

Files

2cc5e64a1a5357ed0b2754cd1bb8ed64_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db3ce87a53585676125b14a610a62286

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\fjfyjoq\rossd\cue.pdb

Imports

advapi32

CryptCreateHash
LookupPrivilegeValueW
StartServiceA
RegCloseKey
RegNotifyChangeKeyValue
LookupPrivilegeNameA
RegReplaceKeyA
RegConnectRegistryA
RegSaveKeyW

wininet

UpdateUrlCacheContentPath
InternetGetConnectedStateExW
FtpDeleteFileA
InternetGetCertByURLA
SetUrlCacheGroupAttributeW
InternetGetCookieW
InternetCrackUrlW

kernel32

TlsGetValue
GetStdHandle
WritePrivateProfileStringA
CompareStringA
HeapCreate
GetLocaleInfoW
GetOEMCP
GetSystemDefaultLangID
GetTimeFormatA
SetHandleCount
DebugBreak
HeapDestroy
ReleaseMutex
CloseHandle
GetSystemTimeAsFileTime
CreateMutexA
GetStringTypeW
DebugActiveProcess
LeaveCriticalSection
TlsSetValue
CreateDirectoryA
WriteConsoleW
HeapReAlloc
EnumSystemLocalesA
FlushFileBuffers
HeapLock
GetTimeZoneInformation
SetStdHandle
SetFilePointer
TerminateProcess
GetModuleFileNameA
CompareStringW
VirtualQuery
FreeEnvironmentStringsW
GetDriveTypeW
GetModuleHandleA
GetStringTypeA
WideCharToMultiByte
VirtualProtect
GetUserDefaultLCID
HeapFree
UnhandledExceptionFilter
WriteFile
IsBadWritePtr
GetStartupInfoA
LCMapStringA
GetProcAddress
SetConsoleCtrlHandler
GetVersionExA
GetCurrentProcessId
IsValidCodePage
GetACP
MultiByteToWideChar
OpenMutexA
InterlockedExchange
CreateEventA
IsValidLocale
VirtualAlloc
GetEnvironmentStrings
GetDateFormatA
GetLastError
DeleteCriticalSection
IsBadReadPtr
EnterCriticalSection
SetEnvironmentVariableA
CreateEventW
GetCommandLineA
GetTickCount
OutputDebugStringA
HeapAlloc
SetLastError
GetCurrentThreadId
InterlockedDecrement
FindNextChangeNotification
QueryPerformanceCounter
GetCurrentThread
TlsAlloc
LCMapStringW
HeapValidate
OpenWaitableTimerA
SetCurrentDirectoryA
GetSystemInfo
InterlockedIncrement
RtlUnwind
GetCurrentProcess
ReadFile
WriteConsoleA
LoadLibraryA
GetModuleFileNameW
GetFileType
GetEnvironmentStringsW
GetCPInfo
InitializeCriticalSection
GetCommandLineW
SetConsoleTitleA
TlsFree
ExitProcess
GetStartupInfoW
FreeEnvironmentStringsA
GetLocaleInfoA
GetTimeFormatW
VirtualFree

comdlg32

ReplaceTextW

comctl32

InitCommonControlsEx
CreateToolbar
ImageList_BeginDrag
ImageList_GetImageInfo
DrawStatusTextA
CreateUpDownControl
ImageList_Create
ImageList_Merge
ImageList_DragMove
_TrackMouseEvent
ImageList_SetImageCount
GetEffectiveClientRect
ImageList_SetFilter

user32

CallWindowProcW
ChangeMenuA
DdeDisconnectList
CopyImage
FindWindowExW
GetComboBoxInfo
ShowCaret
RegisterHotKey
CharLowerBuffW
GetClipboardData
CopyIcon
RealGetWindowClass
BroadcastSystemMessageW
CallMsgFilter
DdeQueryConvInfo
DdeFreeStringHandle
TranslateAcceleratorW
DestroyWindow
LoadStringW
MapDialogRect
UnloadKeyboardLayout
PackDDElParam
SetActiveWindow
WinHelpW
GetMessageExtraInfo
SendNotifyMessageW
SetDebugErrorLevel
MessageBeep
GetWindowLongW
ChangeMenuW
GetClipboardSequenceNumber
CharPrevW
GetMenuInfo
ChangeDisplaySettingsW
DrawTextExW
CallWindowProcA
DeleteMenu
RegisterClipboardFormatA
DrawTextExA
SetParent
GetClassNameW
GetKeyboardLayout
GetClassLongW
OpenWindowStationW
CheckMenuRadioItem
ReleaseDC
OpenClipboard
EnumDisplayDevicesW
RegisterClassExA
GetWindowModuleFileNameA
TranslateMDISysAccel
CharNextA
GetCaretBlinkTime
RegisterClassA
InternalGetWindowText
SetProcessDefaultLayout
ShowWindow
DdeCreateStringHandleA
RegisterClassExW
GetMessageTime
ChangeDisplaySettingsA
ShowWindowAsync
SetClipboardViewer
GetClassLongA
CharLowerW
CreateWindowExA
LoadBitmapW
CharPrevA
CharToOemW
TrackPopupMenuEx
CreateMDIWindowA
IsZoomed
WINNLSGetEnableStatus
CheckDlgButton
ToUnicodeEx
OpenDesktopA
DefWindowProcW
PostMessageW
FreeDDElParam
GetScrollRange
GetWindowLongA
SubtractRect
InsertMenuItemW
CloseDesktop
SetCaretPos
DdeFreeDataHandle
RegisterWindowMessageA
DlgDirSelectExW
IsDialogMessage
CreateDesktopW
DeferWindowPos
UnregisterDeviceNotification
MessageBoxW
wsprintfW
EnableWindow
DrawTextA
CascadeChildWindows
EnumDisplaySettingsW
UnregisterClassW
CopyRect
DdeQueryStringW
IsChild

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db3ce87a53585676125b14a610a62286

Headers

File Characteristics

PDB Paths

Imports

advapi32

wininet

kernel32

comdlg32

comctl32

user32

Sections

.text Size: 260KB - Virtual size: 259KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 100KB - Virtual size: 102KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 260KB - Virtual size: 259KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 100KB - Virtual size: 102KB

.rsrc
Size: 16KB - Virtual size: 14KB