cb5ec423135756fdb69e0f62b80a0e78_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cb5ec423135756fdb69e0f62b80a0e78_JaffaCakes118
Size

332KB
MD5

cb5ec423135756fdb69e0f62b80a0e78
SHA1

635f26d33eaeaccbadba4fb286062b0c3c20178f
SHA256

5f12c45ebd24669b0e69e63c549c6812d742220c5221bb147c6312f1a68ac5dc
SHA512

24d4de1b319f71555753bc814df4968f64474217af7b2576ca913387358b9a9fadf74cb652277034e6475d42da83728a41218655eafe821e4adf7f8faf656b49
SSDEEP

3072:55hEIr2bNiPCmtbB5OK3GoaCjTdhdEXy:55aIr2b1KbnOK3vdkXy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb5ec423135756fdb69e0f62b80a0e78_JaffaCakes118

Files

cb5ec423135756fdb69e0f62b80a0e78_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f16f157d0d732725ceb0df46c502624e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

DFM1gCeg

Imports

gdi32

GetKerningPairsW
GetLayout
CreateFontIndirectA
DeleteDC
LineTo
CreateDIBSection
CreateRectRgnIndirect
CopyEnhMetaFileW
GetTextFaceA
SetLayout
EnumFontFamiliesW
SetColorAdjustment
SetAbortProc
CreateEnhMetaFileA

clusapi

ClusterRegSetValue
ClusterRegCreateKey

ole32

WriteClassStm
CoUnmarshalInterface
HBITMAP_UserUnmarshal
StringFromCLSID
CoMarshalHresult
CoDisconnectObject

rpcrt4

NdrClientInitializeNew
UuidToStringA
NdrOleAllocate
RpcMgmtWaitServerListen

esent

JetCommitTransaction

msvcrt

fputws
fgetws
iswpunct
wcstod

winspool.drv

GetPrinterDriverW

netapi32

NetShareEnumSticky
NetServerGetInfo

setupapi

SetupDiInstallClassW
SetupDiSetDeviceRegistryPropertyA
SetupDiGetClassInstallParamsA
SetupDiGetINFClassW
SetupOpenMasterInf
SetupGetTargetPathW
SetupDiBuildDriverInfoList
CM_Get_Resource_Conflict_DetailsW

shell32

SHSetLocalizedName

winmm

waveOutGetID
mmioAscend
timeBeginPeriod
SendDriverMessage

urlmon

CoInternetIsFeatureEnabled
IsAsyncMoniker

wintrust

WTHelperProvDataFromStateData

comctl32

ImageList_Create

shlwapi

UrlIsW
PathIsRelativeA
SHGetInverseCMAP
PathAddBackslashA
PathRenameExtensionA
PathRemoveArgsW
PathCanonicalizeW

advapi32

NotifyBootConfigStatus
OpenSCManagerW
RegEnumKeyW
LookupPrivilegeDisplayNameA
QueryServiceConfigW
CryptReleaseContext

secur32

AcquireCredentialsHandleW

imm32

ImmConfigureIMEW

lz32

LZOpenFileW
LZSeek

mprapi

MprAdminInterfaceSetInfo
MprAdminInterfaceDisconnect

pdh

PdhEnumObjectItemsHW

opengl32

glTexCoord2f

crypt32

CertFindSubjectInSortedCTL
CertGetEnhancedKeyUsage
CertSaveStore
CertCreateCertificateChainEngine

wininet

FtpOpenFileA

oleaut32

VariantTimeToSystemTime
VariantCopyInd
BSTR_UserSize
LHashValOfNameSys

user32

GetClipCursor
wsprintfA
GetWindowContextHelpId
EnumPropsA
GetMonitorInfoA
GetScrollRange
PeekMessageW
MoveWindow
AnyPopup
GetInputState
GetDialogBaseUnits
GetMessagePos
CloseWindowStation
BroadcastSystemMessageA
EnumWindowStationsA
CreateMenu
GetMessageExtraInfo

kernel32

SetTimeZoneInformation
GetStartupInfoW
SetEndOfFile
Process32First
GetSystemDefaultLangID
WaitForDebugEvent
FlushFileBuffers
SetCalendarInfoW
SetVolumeLabelA
WinExec
GetBinaryTypeA
GetModuleFileNameA
FlsFree
FindActCtxSectionStringW

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f16f157d0d732725ceb0df46c502624e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdi32

clusapi

ole32

rpcrt4

esent

msvcrt

winspool.drv

netapi32

setupapi

shell32

winmm

urlmon

wintrust

comctl32

shlwapi

advapi32

secur32

imm32

lz32

mprapi

pdh

opengl32

crypt32

wininet

oleaut32

user32

kernel32

Sections

.text Size: 105KB - Virtual size: 105KB

.rdata Size: 1KB - Virtual size: 1KB

.text Size: 1KB - Virtual size: 5KB

.idata Size: 7KB - Virtual size: 6KB

.reloc Size: 200KB - Virtual size: 199KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 1KB - Virtual size: 1KB

.text
Size: 1KB - Virtual size: 5KB

.idata
Size: 7KB - Virtual size: 6KB

.reloc
Size: 200KB - Virtual size: 199KB

.rsrc
Size: 15KB - Virtual size: 15KB