cf18ac6a1491e406584c74faa1d821bd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cf18ac6a1491e406584c74faa1d821bd_JaffaCakes118
Size

1.2MB
MD5

cf18ac6a1491e406584c74faa1d821bd
SHA1

f99fd4e62059093161b4ed67b1b3461b8323376e
SHA256

1b6540ef71e1fc1f95f2917d20f753990c31c7cbeadc262cf521607501352516
SHA512

066303be2816540a828c9ff5da304ef6f4df1eb0e0e82097dc2c53db88d68a8898ada0255128d763cf725582f3abb0df3643e0604f4d21d772a98775f1acb0b6
SSDEEP

24576:O4ptLPjzPww7Ya+beysXNr2RD5SmxMtZmE2N/:LjzPZ7ubZCNr2+1mEY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf18ac6a1491e406584c74faa1d821bd_JaffaCakes118

Files

cf18ac6a1491e406584c74faa1d821bd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5d01e1af493a5fa43c4400b3e42a88a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
FreeConsole
GetThreadLocale
DeleteFileW
GetFullPathNameW
CreateDirectoryW
GetTempPathW
LoadLibraryW
SystemTimeToFileTime
GetSystemTimeAsFileTime
CloseHandle
SetStdHandle
GetLastError
GetCurrentThreadId
GetCurrentProcessId
VirtualAlloc
GetProcAddress

shlwapi

AssocCreate
SHSetValueW
SHGetValueW
SHDeleteKeyW
PathRemoveFileSpecW
UrlUnescapeW
PathStripToRootW
PathSkipRootW
PathStripPathW
PathRemoveBlanksW
PathRemoveBackslashW
PathParseIconLocationW
PathIsNetworkPathW
PathIsRelativeW
PathIsDirectoryW
PathGetDriveNumberW
PathFindNextComponentW
PathFileExistsW
PathCanonicalizeW
SHStrDupW
StrStrIW
StrStrW
StrRChrW
StrPBrkW
StrFormatByteSizeW
StrDupW
StrCmpNW
StrChrIW
StrChrW
PathCreateFromUrlW

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
_exit
_XcptFilter
exit
__p___winitenv
__wgetmainargs

comctl32

DestroyPropertySheetPage
ImageList_Create
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_Draw
ImageList_GetIcon
ImageList_LoadImageW
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragMove
ImageList_SetDragCursorImage
ImageList_DragShowNolock
CreateToolbarEx
FlatSB_GetScrollPos
FlatSB_SetScrollPos
FlatSB_SetScrollProp
FlatSB_SetScrollInfo
CreatePropertySheetPageW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoGetMalloc

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 733KB - Virtual size: 7.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 478KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d01e1af493a5fa43c4400b3e42a88a3

Headers

File Characteristics

Imports

kernel32

shlwapi

msvcrt

comctl32

ole32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 733KB - Virtual size: 7.5MB

.rsrc Size: 478KB - Virtual size: 477KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 733KB - Virtual size: 7.5MB

.rsrc
Size: 478KB - Virtual size: 477KB