cecf0ade9371b4883644cafc3e3dbf90_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cecf0ade9371b4883644cafc3e3dbf90_JaffaCakes118
Size

248KB
MD5

cecf0ade9371b4883644cafc3e3dbf90
SHA1

c7cc664f9221c1e8868af131da55bf42f34596de
SHA256

9244c9623a1166829d7b74a399eccb238ac49c836684eb66d09f4c0f2aa290a0
SHA512

c2e0f9e818a6f89db7965b9de503c798a6803886736a119aa90052b0f3ce3b8611a991f2a8b14b3602327dacffc52e5dad22671388d4b65272a4c11298e98899
SSDEEP

6144:t1J4a89/EpgdWaulWVKpVi09LgCJ/HIuCecQz8hbPsfmN:t1JmcSdoFpVi09zvIuDcQItPsa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cecf0ade9371b4883644cafc3e3dbf90_JaffaCakes118

Files

cecf0ade9371b4883644cafc3e3dbf90_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f66a05c24f554d348980513be5ce03f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegQueryValueExA

kernel32

GetACP
FreeEnvironmentStringsA
SearchPathW
GetFileType
LoadLibraryExA
IsBadReadPtr
CreateFileA
InterlockedDecrement
Beep
GetEnvironmentStringsW
Sleep
VirtualFree
GetUserDefaultLCID
GlobalAlloc
LoadLibraryA
lstrlenA
GetCurrentThreadId
Sleep
SetThreadPriority
SetPriorityClass
GlobalFree
SetProcessWorkingSetSize
HeapDestroy
IsDBCSLeadByteEx
GetCurrentThread
ExitProcess
GetLocaleInfoW
OutputDebugStringA
GetCPInfo
WaitForMultipleObjects
lstrcmpW
RaiseException
MulDiv
GlobalGetAtomNameW
RtlUnwind
FreeLibrary
GetStringTypeA

ole32

OleRegGetUserType
OleCreateEmbeddingHelper
DoDragDrop
CoDisconnectObject
CreateILockBytesOnHGlobal
OleDestroyMenuDescriptor
OleRegEnumFormatEtc
OleCreateFromFile
StringFromCLSID
GetHGlobalFromILockBytes
ReleaseStgMedium
OleIsCurrentClipboard
RevokeDragDrop
OleCreateLinkFromData
GetClassFile
StgOpenStorage
CoRegisterMessageFilter
CoIsOle1Class
OleRun

user32

SetActiveWindow
TranslateMDISysAccel
GetDoubleClickTime
DefWindowProcW
EnumChildWindows
GetCursor
ClipCursor
DefFrameProcA
GetSysColorBrush
DefMDIChildProcA
PeekMessageA
TranslateAcceleratorA
IsWindow
ScrollWindowEx
ValidateRect
ScrollDC
DrawIconEx
SetForegroundWindow
ScreenToClient
CreateDialogIndirectParamW
CallWindowProcW
CreateMDIWindowW
ShowCursor
RegisterClassExA
GetUpdateRgn
IsDialogMessageW
GetDC

ntdll

ZwSetEvent
ZwQueryInformationProcess
ZwCreateTimer
RtlAddAce
NtQuerySystemTime
NtProtectVirtualMemory

mspmecli

_LDenorm
_Strcoll
_Sinh
_LSinh
_Exp
_Nan
_FSnan
_LNan

gdi32

RealizePalette
SelectPalette
EnumFontFamiliesExA
GetEnhMetaFileBits
CreateCompatibleDC
AnimatePalette
GetWinMetaFileBits
DPtoLP
GetPixel
DeleteMetaFile
Polygon
BitBlt
GdiSetBatchLimit
GetTextFaceA
OffsetWindowOrgEx
DeleteDC
CreatePalette
SetBkColor

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f66a05c24f554d348980513be5ce03f8

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

ole32

user32

ntdll

mspmecli

gdi32

Sections

.text Size: 144KB - Virtual size: 144KB

.data Size: 55KB - Virtual size: 55KB

.rsrc Size: 54KB - Virtual size: 56KB

.text
Size: 144KB - Virtual size: 144KB

.data
Size: 55KB - Virtual size: 55KB

.rsrc
Size: 54KB - Virtual size: 56KB