cee17fc67f300138808f5982a2b34faf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cee17fc67f300138808f5982a2b34faf_JaffaCakes118
Size

284KB
MD5

cee17fc67f300138808f5982a2b34faf
SHA1

798abac5fa71530f5c043397e0e20f9ed6c57fae
SHA256

94e449d3a6555be08daf7c74b2ad89ff65e0e495b3cde15e5f64c6e5d1e33641
SHA512

1a8372ea3089f5118a667d6af8bf1a3291db3e6a59d78ffd8b113cbb06dc9b389807228d90ad3b17d325874f545b55fb1bb46f7a210497eeed7972316d9c9e8d
SSDEEP

6144:osydGKd2in5iLts4jL+CHoi7EnNUFtbeoBOPlKu:QDvALVHL7EqfOp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cee17fc67f300138808f5982a2b34faf_JaffaCakes118

Files

cee17fc67f300138808f5982a2b34faf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd1f79296575aa16d105f95a023e6d75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free

kernel32

LoadLibraryA
InitializeCriticalSection
FreeLibrary
GetModuleFileNameW
GetModuleFileNameA
MultiByteToWideChar
GetLastError
BeginUpdateResourceW
GetProcAddress

query

DoneCIISAPIPerformanceData

duser

MapGadgetPoints
GetGadgetSize
SetGadgetFillF
DUserDeleteGadget
DUserGetRotatePRID
GetGadgetTicket
DUserPostMethod
LookupGadgetTicket
SetGadgetOrder
EnumGadgets
GetStdPalette
GetGadgetAnimation
SetActionTimeslice
AutoTrace

user32

UnregisterClassA
CreateDesktopW
GetSubMenu
SetDlgItemTextW
GetDlgItemTextA
EnableMenuItem
WinHelpA
GetCursorPos
GetMenuStringA
SetCapture
PostQuitMessage
ShowWindow
GetMenuState
DestroyCursor
DestroyMenu
GetMenuInfo
GetMenuItemRect
RemoveMenu
MoveWindow
CharPrevW
DialogBoxParamA
EnableWindow
AdjustWindowRect
PeekMessageW
GetDCEx
GetClassInfoW
EndDialog
GetDesktopWindow
mouse_event
InvalidateRect
SetWindowPos

gdi32

TranslateCharsetInfo
CreateEllipticRgn
SetWinMetaFileBits
CreateSolidBrush
CreateDIBSection
CreateFontIndirectA
GetEnhMetaFilePixelFormat
CreateScalableFontResourceA
UpdateICMRegKeyA
CreateFontW
DeleteObject
CreateICW

Sections

CODE
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ab
Size: 2KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.enY
Size: 4KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xVz
Size: 3KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 83KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 136KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd1f79296575aa16d105f95a023e6d75

Headers

File Characteristics

Imports

msvcrt

kernel32

query

duser

user32

gdi32

Sections

CODE Size: 6KB - Virtual size: 6KB

.ab Size: 2KB - Virtual size: 319KB

.enY Size: 4KB - Virtual size: 249KB

.text Size: 17KB - Virtual size: 20KB

.xVz Size: 3KB - Virtual size: 277KB

.rdata Size: 2KB - Virtual size: 4KB

.edata Size: 83KB - Virtual size: 98KB

.data Size: 6KB - Virtual size: 303KB

.edata Size: 136KB - Virtual size: 187KB

.rsrc Size: 22KB - Virtual size: 21KB

CODE
Size: 6KB - Virtual size: 6KB

.ab
Size: 2KB - Virtual size: 319KB

.enY
Size: 4KB - Virtual size: 249KB

.text
Size: 17KB - Virtual size: 20KB

.xVz
Size: 3KB - Virtual size: 277KB

.rdata
Size: 2KB - Virtual size: 4KB

.edata
Size: 83KB - Virtual size: 98KB

.data
Size: 6KB - Virtual size: 303KB

.edata
Size: 136KB - Virtual size: 187KB

.rsrc
Size: 22KB - Virtual size: 21KB