cdfe5f5ba81d8cd4886abbfb7ff8544e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cdfe5f5ba81d8cd4886abbfb7ff8544e_JaffaCakes118
Size

640KB
MD5

cdfe5f5ba81d8cd4886abbfb7ff8544e
SHA1

d0ac6eddabd076c91b3d3397ada47d418fd7f072
SHA256

58dced646d7a8d8df6b39b79cd04e35c929ad3fc6a78e065f533c610dce2c516
SHA512

13548b32d1c5dab38107a9f341862bf1e24b654e29a97b9893b13c1e24e319a6030a3462267bc7adbb0bb322146d4af1d131929950ada4f9c7f5db30c88b91db
SSDEEP

12288:NfrPQrHPUlEoMDO7Qbo/kKKnVpjRPhXQ1HwCVnrPkJ7pzakI/B:pPQrHPa0dHKYVpjg5VPkJhjIJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdfe5f5ba81d8cd4886abbfb7ff8544e_JaffaCakes118

Files

cdfe5f5ba81d8cd4886abbfb7ff8544e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

65cbb9acc18d2578279c03249ad6fe45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\qwdvjmmle\ssephpajls\hmr\awoctuot\dwobeve

Imports

advapi32

AbortSystemShutdownA
RegEnumValueA
CryptGetKeyParam
CryptDuplicateHash
RegOpenKeyExW
RegDeleteKeyA
RegOpenKeyExA
CryptAcquireContextW
RegSetValueExW
LookupAccountNameW
RegDeleteValueA

gdi32

CreateDCW
GetROP2
CreateSolidBrush
GetDeviceCaps
PtInRegion
AbortDoc
OffsetRgn
Chord
DeleteDC
DeleteObject
GetKerningPairs
GetDeviceGammaRamp
FlattenPath
GetObjectA
GetDCOrgEx

shell32

SHBrowseForFolderA

wininet

FtpPutFileA
FtpGetCurrentDirectoryA
HttpSendRequestW
FindFirstUrlCacheEntryExW
FtpRemoveDirectoryW

comctl32

ImageList_AddIcon
CreateMappedBitmap
ImageList_Copy
CreateToolbar
CreatePropertySheetPage
DestroyPropertySheetPage
CreateStatusWindowA
ImageList_GetBkColor
CreatePropertySheetPageA
ImageList_Add
CreatePropertySheetPageW
ImageList_SetDragCursorImage
InitMUILanguage
ImageList_DrawIndirect
InitCommonControlsEx
ImageList_Create
ImageList_DrawEx
ImageList_GetFlags
ImageList_LoadImageA
ImageList_LoadImage

user32

GetWindowTextLengthW
WINNLSGetEnableStatus
EndDeferWindowPos
FindWindowExW
CallMsgFilter
CreateWindowExW
DrawStateW
GetMenuItemInfoW
GetClipCursor
GetCaretPos
DefWindowProcA
HideCaret
ShowWindow
GetDialogBaseUnits
DdeFreeDataHandle
RegisterClassExA
SetDlgItemInt
RegisterClassA
DdeUnaccessData
SetCaretBlinkTime
DestroyWindow
MessageBoxA
ReleaseCapture
SetCapture
SendIMEMessageExW
GetMenuBarInfo
VkKeyScanExW

kernel32

GetACP
GetEnvironmentStrings
HeapDestroy
MultiByteToWideChar
DebugBreak
CreateMutexA
CloseHandle
EnterCriticalSection
GlobalAddAtomA
IsBadWritePtr
GetThreadSelectorEntry
FindResourceA
ReadFile
GetCommandLineA
CompareStringA
CreateMutexW
GetEnvironmentStringsW
ExitProcess
GlobalFree
TlsAlloc
DeleteCriticalSection
GetTimeZoneInformation
InterlockedIncrement
SetConsoleCtrlHandler
InitializeCriticalSection
InterlockedExchange
VirtualFree
GetModuleHandleA
TlsFree
IsValidLocale
GetCommandLineW
LCMapStringW
GetModuleFileNameW
IsBadReadPtr
CreateNamedPipeW
CompareStringW
MapViewOfFileEx
SetHandleCount
TerminateProcess
GetPrivateProfileIntA
LoadLibraryA
GetWindowsDirectoryW
TlsSetValue
LocalFlags
GetStringTypeA
OpenSemaphoreA
OutputDebugStringA
GetNumberFormatA
FlushFileBuffers
GetCurrentProcess
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetModuleFileNameA
RtlUnwind
GetLocaleInfoA
LocalAlloc
GetFileType
GetCurrentThreadId
SetComputerNameA
OpenMutexA
LeaveCriticalSection
GetTickCount
VirtualProtect
GetOEMCP
WritePrivateProfileSectionW
GetStdHandle
GetVersionExA
GetProcAddress
HeapFree
WriteFile
IsValidCodePage
SetFilePointer
FreeEnvironmentStringsW
VirtualAlloc
GetLocaleInfoW
FreeEnvironmentStringsA
LCMapStringA
FindFirstFileExA
TlsGetValue
GetLastError
GetCurrentThread
SetLastError
GetSystemDirectoryA
TryEnterCriticalSection
HeapCreate
InterlockedDecrement
GetMailslotInfo
HeapReAlloc
GetStringTypeW
GetCurrentProcessId
ReadConsoleOutputCharacterA
FlushViewOfFile
QueryPerformanceCounter
UnhandledExceptionFilter
GetSystemInfo
HeapValidate
GetTimeFormatA
GetStringTypeExW
GetCompressedFileSizeW
HeapAlloc
GetStartupInfoW
GetDateFormatA
SetEnvironmentVariableA
VirtualQuery
GetUserDefaultLCID
GetCPInfo
WideCharToMultiByte
GetStartupInfoA
EnumSystemLocalesA

Sections

.text
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65cbb9acc18d2578279c03249ad6fe45

Headers

File Characteristics

PDB Paths

Imports

advapi32

gdi32

shell32

wininet

comctl32

user32

kernel32

Sections

.text Size: 216KB - Virtual size: 212KB

.rdata Size: 264KB - Virtual size: 261KB

.data Size: 108KB - Virtual size: 117KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 216KB - Virtual size: 212KB

.rdata
Size: 264KB - Virtual size: 261KB

.data
Size: 108KB - Virtual size: 117KB

.rsrc
Size: 48KB - Virtual size: 45KB