ceef8e835beb656d8a50208d2066c0bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ceef8e835beb656d8a50208d2066c0bb_JaffaCakes118
Size

576KB
MD5

ceef8e835beb656d8a50208d2066c0bb
SHA1

584266e2c635b7cb2171f073cad6e3ec66a69d00
SHA256

b73d7b120af7278ece3d4fd5bf91724af8e32d39bb9dc3fc0d2632fe267a41cf
SHA512

17552c0a720005e7067fd34eb5ad8c0344b6fb39054d1d42d0d4477e2b7aa01c57b07f10644aa8f28700d4f7068ce288af1483c9ea60c3c3463a4dfa3206fbb9
SSDEEP

12288:2lMj7Zj8T2+pzWdCr2ybDZGadU+WLSBuW/6rPd0fPL7Dhv:358/lWUfbDDazGBn/6RAHhv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ceef8e835beb656d8a50208d2066c0bb_JaffaCakes118

Files

ceef8e835beb656d8a50208d2066c0bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f2a4e1050dcb76338b255344a30315ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

DeleteAtom
SetTimeZoneInformation
GetDateFormatA
LeaveCriticalSection
OpenMutexA
FreeEnvironmentStringsW
UnhandledExceptionFilter
TerminateProcess
GetOEMCP
LocalCompact
GetCurrentProcess
QueryPerformanceCounter
WriteConsoleA
SetUnhandledExceptionFilter
CreateMutexA
SetEnvironmentVariableA
GlobalUnlock
GetStartupInfoW
GetModuleFileNameW
GetFileType
HeapCreate
CloseHandle
GetLastError
GetLocaleInfoA
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetUserDefaultLCID
IsDebuggerPresent
GetCurrentThread
GetEnvironmentStrings
RtlUnwind
VirtualProtect
VirtualQueryEx
HeapDestroy
VirtualFree
InterlockedIncrement
LoadLibraryExW
CompareStringW
GetConsoleMode
CreateFileA
GetStringTypeW
OutputDebugStringA
HeapReAlloc
EnumDateFormatsW
WideCharToMultiByte
GetTickCount
GetTimeZoneInformation
TlsAlloc
ReadFile
EnumCalendarInfoExW
GetCPInfo
MultiByteToWideChar
LCMapStringW
WriteConsoleW
LoadLibraryW
IsValidLocale
InterlockedDecrement
HeapAlloc
InterlockedExchange
GetLocaleInfoW
EnterCriticalSection
GetEnvironmentStringsW
GetPrivateProfileIntA
SetLastError
TlsFree
WriteFile
GetConsoleCP
GetStartupInfoA
IsBadReadPtr
GetStdHandle
SetStdHandle
GetProcAddress
RaiseException
TlsGetValue
GetVersionExA
lstrlenA
ExitProcess
GetACP
IsValidCodePage
FreeLibrary
LoadLibraryA
TlsSetValue
CreateWaitableTimerW
DebugBreak
VirtualAlloc
GetTimeFormatA
EnumResourceTypesW
InitializeCriticalSection
VirtualQuery
GetModuleFileNameA
ConvertDefaultLocale
WriteFileEx
GetCurrentThreadId
DeleteCriticalSection
GetProcessHeap
GetModuleHandleA
HeapValidate
EnumSystemLocalesA
SetFilePointer
GetCurrentProcessId
CreateSemaphoreW
GetConsoleOutputCP
OutputDebugStringW
GetModuleHandleW
SetConsoleCtrlHandler
SetHandleCount
FindClose
GetCommandLineA
GetStringTypeA
GetExitCodeProcess
GetCommandLineW
HeapFree
FlushFileBuffers
LCMapStringA
CompareStringA

gdi32

RectInRegion
GetPaletteEntries
SetColorAdjustment
AddFontResourceW

wininet

FtpRemoveDirectoryA
InternetDialW

user32

ReleaseCapture
GetMenuStringW
DdeGetLastError
RegisterClassA
GetClientRect
SetWindowsHookExA
CreateIconFromResourceEx
SetRect
GetClassLongW
RealChildWindowFromPoint
LoadIconW
RegisterClassExA
IsMenu

Sections

.text
Size: 402KB - Virtual size: 402KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2a4e1050dcb76338b255344a30315ba

Headers

File Characteristics

Imports

comctl32

kernel32

gdi32

wininet

user32

Sections

.text Size: 402KB - Virtual size: 402KB

.rdata Size: 57KB - Virtual size: 71KB

.data Size: 96KB - Virtual size: 96KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 402KB - Virtual size: 402KB

.rdata
Size: 57KB - Virtual size: 71KB

.data
Size: 96KB - Virtual size: 96KB

.rsrc
Size: 18KB - Virtual size: 18KB