cee2c0a3f186f17121a3bb53fcb29d72_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cee2c0a3f186f17121a3bb53fcb29d72_JaffaCakes118
Size

748KB
MD5

cee2c0a3f186f17121a3bb53fcb29d72
SHA1

c264d6022bd6107274a1ef465c914d2a45372d6f
SHA256

3ec05cd1a8db601d21f96c39880445e25069d76be504411cd66d80c1ec845b21
SHA512

1e5e38989fa0510e06ff59a9fbd12efcb077691b95c6375ad14473f5932215ba11a8ad8ade1d7e6133fd483b97ec3c959c68cbd4856e40ab21db79f27ac4eee0
SSDEEP

12288:gwAby1T5ZY1oCEJYNagjR5aMiGHCvbzB7O7xubdeZ5Ox71v+lYkpbDDyy:glod6NPjRsdyYvBaVmMGxd+2GDDF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cee2c0a3f186f17121a3bb53fcb29d72_JaffaCakes118

Files

cee2c0a3f186f17121a3bb53fcb29d72_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8178a8acf2ab688c8b99aece8cd88ad8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndPaint
PeekMessageA
GetDC
ReleaseDC
TranslateMessage
DestroyWindow
GetParent
UpdateWindow
ShowWindow
LoadStringA
EnableMenuItem
GetSubMenu
DispatchMessageA
SetFocus
BeginPaint
KillTimer
GetSystemMetrics
GetWindowRect
PostMessageA
SetWindowLongA
SetWindowTextA
CheckMenuItem
GetWindowLongA
CreateWindowExA
GetDlgItem
SetWindowPos
PostQuitMessage
SetTimer
ScreenToClient
LoadCursorA
LoadIconA
TrackPopupMenu
SetForegroundWindow
EndDialog
MessageBoxA
GetFocus
GetSysColor
InvalidateRect
SendMessageA
GetClientRect
CallWindowProcA
EnableWindow
SetCursor

kernel32

HeapReAlloc
RtlUnwind
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
FindFirstFileW
HeapDestroy
GetFileAttributesW
DeleteCriticalSection
GetCurrentProcess
GetStartupInfoW
GetCurrentDirectoryA
LocalAlloc
CreateFileA
GetTempPathA
WideCharToMultiByte
VirtualAlloc
Sleep
VirtualFree
UnmapViewOfFile
IsValidCodePage
GetEnvironmentStrings
SetStdHandle
GetCurrentThreadId
GetACP
lstrcpynA
CloseHandle
ReadFile
SetFilePointer
TlsFree
RaiseException
GetCurrentThread
InterlockedCompareExchange
HeapSize
GetCPInfo
GetCommandLineW
LockResource
GetCurrentProcessId
SizeofResource
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GlobalFree
lstrlenA
HeapCreate
LCMapStringW
LoadLibraryExW
GetLastError
LeaveCriticalSection
ExitProcess
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
WaitForMultipleObjects
FindNextFileA
CreateFileMappingA
ResetEvent
CompareStringA
lstrcpyA
FindNextFileW
lstrcmpA
GetProcessHeap
GetSystemInfo
GetProcAddress
GetFullPathNameA
SetErrorMode
GetWindowsDirectoryA
GetModuleHandleW
GetFileSize
GetStartupInfoA
FreeLibrary
DeleteFileA
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
InterlockedIncrement
GetVersion
GetLocaleInfoA
SetEndOfFile
GetConsoleMode
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
SetUnhandledExceptionFilter
DeleteFileW
CreateThread
GetModuleHandleA
CreateMutexA
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
GetPrivateProfileStringA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
GlobalLock
LoadResource
InitializeCriticalSection
GetExitCodeProcess
FormatMessageW
LocalFree
GetOEMCP
SetFileAttributesA
GetStringTypeW
GetCommandLineA
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
lstrcmpiA

oleaut32

SysFreeString
SysAllocStringLen
VariantInit

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA

gdi32

DeleteObject
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
SetBkMode
SetBkColor
SetTextColor

Sections

.text
Size: 620KB - Virtual size: 619KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8178a8acf2ab688c8b99aece8cd88ad8

Headers

File Characteristics

Imports

user32

kernel32

oleaut32

advapi32

gdi32

Sections

.text Size: 620KB - Virtual size: 619KB

.rdata Size: 88KB - Virtual size: 85KB

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 620KB - Virtual size: 619KB

.rdata
Size: 88KB - Virtual size: 85KB

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 8KB - Virtual size: 4KB