cf05dbff52aa8129cc85423759400fbd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cf05dbff52aa8129cc85423759400fbd_JaffaCakes118
Size

280KB
MD5

cf05dbff52aa8129cc85423759400fbd
SHA1

9ca036366e4dda59e15a9e8d15cf991a78f37fbf
SHA256

afd0ae33a78fb69db17d5cf00a7659068d85328e561bf73802e61e626fbfc617
SHA512

bcd17906ebc087ef4b861b5c27197dae594d3bd0c3dc625af6d90328a2cb3fd5690c98bf109b61f34f04f5ca4c833e0bcb7e1f00b74a0a689b2404e99d269167
SSDEEP

6144:vihX/aUkJRIXZ8f2AStL7f41iaDC5i2mbpsZDmiOgq:vihX/BkzIqFF1JGals8iO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf05dbff52aa8129cc85423759400fbd_JaffaCakes118

Files

cf05dbff52aa8129cc85423759400fbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

65f32e5eb904473e281bcc1706305a6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

SetUrlCacheHeaderData
SetUrlCacheEntryGroupW
InternetCheckConnectionA
IsHostInProxyBypassList
InternetGetConnectedState
InternetGetCertByURLA
GetUrlCacheEntryInfoW
FtpRemoveDirectoryA

comctl32

DrawInsert
InitCommonControlsEx
ImageList_SetIconSize
ImageList_Duplicate
ImageList_AddMasked
CreateUpDownControl
ImageList_LoadImageW
CreateToolbar
ImageList_Create
InitMUILanguage

advapi32

StartServiceW
CryptGetDefaultProviderW
RegCreateKeyExW
LookupSecurityDescriptorPartsA
CryptSetProvParam
RegSetKeySecurity
RegLoadKeyW
LookupPrivilegeValueA
RegSaveKeyW
RegOpenKeyW
RegQueryMultipleValuesW
CryptGetKeyParam
CryptVerifySignatureW
CryptEnumProvidersA
CryptExportKey
CryptGenRandom
RegConnectRegistryA
CryptAcquireContextW
RegCreateKeyW
CryptSetHashParam
RegQueryValueExW
InitiateSystemShutdownW
RegRestoreKeyA
CryptGetUserKey
RegEnumKeyA

kernel32

TerminateProcess
GetStringTypeW
EnumSystemLocalesA
GetVolumeInformationW
SetVolumeLabelW
LCMapStringW
GetCurrentThreadId
GetStartupInfoA
WriteConsoleOutputCharacterW
TlsFree
GetUserDefaultLCID
GetLastError
lstrlen
SetLastError
GetOEMCP
WaitForMultipleObjectsEx
RtlFillMemory
InterlockedExchange
HeapDestroy
GetSystemTime
QueryPerformanceCounter
GetShortPathNameW
CreateMutexA
WriteFile
SetEnvironmentVariableA
VirtualLock
SetFileAttributesW
ExitProcess
ReadFile
HeapReAlloc
CloseHandle
LCMapStringA
WritePrivateProfileStructA
HeapFree
GetDriveTypeA
IsValidLocale
LeaveCriticalSection
GetSystemInfo
OpenProcess
GetDateFormatA
GetCPInfo
FreeEnvironmentStringsA
TlsGetValue
EnumTimeFormatsW
IsValidCodePage
FreeEnvironmentStringsW
GetLocaleInfoW
GetModuleFileNameA
lstrcmpiA
VirtualAlloc
GetTickCount
SetStdHandle
GetCommandLineA
HeapSize
RtlUnwind
GetFileType
DebugBreak
GetCurrentProcessId
GetTimeZoneInformation
GetProcAddress
CompareStringA
VirtualProtect
GetACP
GetStdHandle
TlsSetValue
GetStringTypeA
VirtualQuery
InitializeCriticalSection
DuplicateHandle
GetTimeFormatW
SetHandleCount
CreateEventW
IsDebuggerPresent
LoadLibraryA
SetConsoleCtrlHandler
GetEnvironmentStringsW
VirtualFree
EnumCalendarInfoExW
HeapCreate
GetEnvironmentStrings
MultiByteToWideChar
HeapAlloc
GetCurrentProcess
FlushFileBuffers
GetTimeFormatA
GetSystemTimeAsFileTime
IsBadWritePtr
WideCharToMultiByte
GetCurrentThread
GetProfileSectionW
GetLocaleInfoA
CompareStringW
FormatMessageA
OutputDebugStringA
DeleteCriticalSection
GetModuleHandleA
GetVersionExA
SetFilePointer
GetCurrentDirectoryW
MoveFileW
OpenMutexA
EnterCriticalSection
TlsAlloc
UnhandledExceptionFilter

shell32

ExtractAssociatedIconExW

user32

CreateDialogIndirectParamA
SetRect
OpenInputDesktop
CloseWindowStation
GetInputState
DrawStateA
GetMenuItemCount
GetTabbedTextExtentW
LoadStringA
SetClipboardData
RealChildWindowFromPoint
CreateCursor
IsCharLowerW
IsDlgButtonChecked
GetWindowLongW
MessageBoxA
DestroyWindow
BroadcastSystemMessage
DefWindowProcA
CharLowerBuffA
SetScrollInfo
PtInRect
SetClassWord
EnumDisplayDevicesW
DialogBoxParamA
UnregisterClassA
CharNextExA
CreateMenu
TranslateAcceleratorA
DdeAbandonTransaction
MessageBoxExW
SetLastErrorEx
SetMessageQueue
SetSystemCursor
GetDesktopWindow
DefMDIChildProcW
HideCaret
MessageBoxExA
GetMenuInfo
CreateWindowExA
DeleteMenu
EnumDisplaySettingsExW
DefWindowProcW
ToUnicode
CloseDesktop
IsZoomed
ShowWindow
SetKeyboardState
DlgDirSelectComboBoxExA
RegisterClassExA
RegisterClassA
GetMessageExtraInfo
SetMenuItemBitmaps
OffsetRect
RemovePropW
ReuseDDElParam
CharNextW
EnableScrollBar
CharPrevExA
IsCharAlphaNumericA
GetSystemMenu
ShowScrollBar
GetSysColor
DrawEdge
ChildWindowFromPointEx

gdi32

CreateScalableFontResourceA
GetViewportExtEx

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65f32e5eb904473e281bcc1706305a6d

Headers

File Characteristics

Imports

wininet

comctl32

advapi32

kernel32

shell32

user32

gdi32

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 88KB - Virtual size: 118KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 88KB - Virtual size: 118KB

.rsrc
Size: 28KB - Virtual size: 25KB