cef99f3a1730b29e09eb4430a9c0874d_JaffaCakes118

General

Target

cef99f3a1730b29e09eb4430a9c0874d_JaffaCakes118
Size

340KB
MD5

cef99f3a1730b29e09eb4430a9c0874d
SHA1

f0f87172dd278c7af9b261d88574e42a616a887d
SHA256

c972cf4c03842e7b078c366d96496f6a48a97e9aa50bd3ee3591bd0d1ff0bfb1
SHA512

b72f0228fdac1eff6a2c858607053bce8dae310d67479adc5c1b09c2939912eb50b078dbbdf6b7bccb5054407d1006918ec97be7d7ecff615a61ac7cd5d587f6
SSDEEP

1536:IsxRgLdHaxvCYGHOZfz5m+iQuVbo7aOak/AkbC+92pkFJ7R1t/QiG4h/gbK2aiPc:IsxuLd0vhtDiXbgLLbC+qs7R1tYiGDB8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cef99f3a1730b29e09eb4430a9c0874d_JaffaCakes118

Files

cef99f3a1730b29e09eb4430a9c0874d_JaffaCakes118
.exe windows:0 windows x86 arch:x86

cbd0bb56cd774e0dca7795e4d1e62ebd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AllocateUserPhysicalPages
BaseCleanupAppcompatCacheSupport
BaseInitAppcompatCache
BuildCommDCBAndTimeoutsA
BuildCommDCBW
CallNamedPipeW
CheckNameLegalDOS8Dot3W
CommConfigDialogA
CommConfigDialogW
ConvertDefaultLocale
ConvertThreadToFiber
CopyFileExA
CreateDirectoryExA
CreateFileA
CreateFileW
CreateMutexA
CreateNamedPipeW
CreateProcessInternalA
CreateProcessInternalW
CreateProcessW
DefineDosDeviceW
DeleteCriticalSection
DeleteVolumeMountPointW
DnsHostnameToComputerNameW
DuplicateConsoleHandle
DuplicateHandle
EncodePointer
EnumCalendarInfoA
EnumResourceNamesW
EnumResourceTypesA
EnumSystemLocalesW
EnumUILanguagesW
EscapeCommFunction
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindFirstFileA
FindFirstFileExA
FindResourceA
FoldStringW
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibraryAndExitThread
GetAtomNameW
GetCPInfoExA
GetConsoleAliasesA
GetConsoleAliasesW
GetConsoleInputWaitHandle
GetConsoleProcessList
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDefaultSortkeySize
GetDevicePowerState
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetDriveTypeW
GetEnvironmentStrings
GetModuleFileNameA
GetModuleHandleA
GetNamedPipeInfo
GetNumberOfConsoleFonts
GetPrivateProfileIntW
GetPrivateProfileSectionW
GetProcAddress
GetProcessPriorityBoost
GetProcessWorkingSetSize
GetSystemDefaultLCID
GetTempFileNameW
GetThreadContext
GetThreadTimes
GetUserDefaultLangID
GetUserDefaultUILanguage
GetVolumeInformationA
GetVolumePathNameA
GetWindowsDirectoryA
GlobalAlloc
GlobalGetAtomNameA
Heap32ListNext
HeapCompact
HeapDestroy
HeapQueryTagW
HeapReAlloc
HeapSetInformation
InterlockedFlushSList
InterlockedPushEntrySList
IsBadStringPtrW
LCMapStringW
LZCopy
LZOpenFileA
LZStart
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
Module32First
MoveFileExA
MulDiv
NumaVirtualQueryNode
OpenFile
OpenJobObjectW
OpenMutexW
OutputDebugStringW
PrivCopyFileExW
Process32First
ReadConsoleInputA
ReadFileEx
ReadFileScatter
RegisterWaitForSingleObjectEx
RegisterWowExec
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlCaptureStackBackTrace
SetConsoleActiveScreenBuffer
SetConsoleTextAttribute
SetConsoleTitleA
SetDefaultCommConfigW
SetFileShortNameA
SetFileValidData
SetLastConsoleEventActive
SetLocalPrimaryComputerNameW
SetNamedPipeHandleState
SetSystemTime
SetVolumeMountPointA
Sleep
SwitchToFiber
SwitchToThread
TlsGetValue
TlsSetValue
TzSpecificLocalTimeToSystemTime
UTRegister
UnhandledExceptionFilter
ValidateLocale
VerifyVersionInfoW
VirtualProtect
WriteConsoleOutputCharacterW
WriteConsoleOutputW
WriteProcessMemory
WriteProfileSectionA
WriteTapemark
lstrcmp

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbd0bb56cd774e0dca7795e4d1e62ebd

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 132KB - Virtual size: 131KB

.text
Size: 132KB - Virtual size: 131KB