cf3064582255132aaf515df006867a50_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cf3064582255132aaf515df006867a50_JaffaCakes118
Size

912KB
MD5

cf3064582255132aaf515df006867a50
SHA1

2d57ade3f97bcb5bfd309b32929f343ccd08a0af
SHA256

943c14b66c6330c29eddc4cf40d54a333be4fb4e6b21e1555bf91bd72d9b0893
SHA512

0a82f0a613a08491b0c023b0e86ef1b1dc70c057d74274606c7e27b1682480e831f6c5ae93e4433bdb05a01447c95851ccc72a72163c1dc757e138478d10a39a
SSDEEP

24576:LyCGE3LRCzMeHhxSacpSqr70ftGi7t4T4LcaCrHPIXhEc+3:uGRoUpfqj20L6HPIXhEcw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf3064582255132aaf515df006867a50_JaffaCakes118

Files

cf3064582255132aaf515df006867a50_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5b29ee6a07301cfe1799e835c95d29f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegOpenKeyExA
GetUserNameA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA

winmm

joyGetPosEx
joyGetNumDevs
timeBeginPeriod
joyGetDevCapsA
timeGetTime
timeEndPeriod
midiInStart
midiInOpen
midiInGetDevCapsA
midiInGetNumDevs
midiInClose

wsock32

WSAGetLastError
recvfrom
sendto
WSACleanup
WSAStartup
gethostbyname
ioctlsocket
connect
send
recv
socket
inet_ntoa
setsockopt
htons
bind
gethostname
ntohl
closesocket

kernel32

GetSystemDirectoryA
GetSystemTime
InterlockedIncrement
GetStringTypeA
SetEnvironmentVariableA
GetStringTypeW
SetEnvironmentVariableW
GetLocaleInfoW
SetConsoleCtrlHandler
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetOEMCP
GetACP
CompareStringW
OutputDebugStringA
GetProcAddress
LoadLibraryA
GetDriveTypeA
GlobalUnlock
GlobalSize
GlobalLock
FreeLibrary
GetVersionExA
Sleep
SetErrorMode
MulDiv
ResetEvent
HeapFree
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
WriteFile
GetStdHandle
FlushFileBuffers
GetCurrentThread
TlsGetValue
SetHandleCount
TlsFree
TlsAlloc
SetLastError
GetCurrentThreadId
LCMapStringW
TlsSetValue
WideCharToMultiByte
IsBadWritePtr
LCMapStringA
VirtualAlloc
FatalAppExitA
HeapReAlloc
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
VirtualFree
HeapCreate
InitializeCriticalSection
RaiseException
MultiByteToWideChar
HeapDestroy
CreateFileA
GetFileType
GetSystemTimeAsFileTime
SetFilePointer
CloseHandle
ReadFile
GetVersion
GetCommandLineA
RtlUnwind
GetModuleHandleA
FileTimeToLocalFileTime
GetStartupInfoA
CompareStringA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
FreeEnvironmentStringsW
SetEndOfFile
GetCPInfo
GetTimeZoneInformation
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
CreateThread
CreateEventA
WaitForSingleObject
SetEvent
ExitProcess
TerminateProcess
InterlockedDecrement
IsValidLocale
FindClose
FileTimeToSystemTime
GetLocalTime
HeapAlloc
CreateDirectoryA
GetCurrentProcess
GetLastError
FindFirstFileA
GetCurrentDirectoryA
GetFullPathNameA
FindNextFileA

user32

GetWindowLongA
EnumDisplaySettingsA
MessageBoxA
RegisterWindowMessageA
UnregisterHotKey
SystemParametersInfoA
DestroyWindow
RegisterHotKey
CloseWindow
DefWindowProcA
PostQuitMessage
SetTimer
LoadCursorA
InvalidateRect
LoadIconA
GetDesktopWindow
RegisterClassA
AdjustWindowRect
CreateWindowExA
GetDC
ReleaseDC
ShowWindow
SendMessageA
SetWindowLongA
GetWindowTextA
UpdateWindow
SetForegroundWindow
SetFocus
SetWindowTextA
CallWindowProcA
GetClipboardData
PeekMessageA
OpenClipboard
TranslateMessage
CloseClipboard
GetMessageA
ReleaseCapture
DispatchMessageA
GetCursorPos
SetCursorPos
GetSystemMetrics
GetWindowRect
ShowCursor
SetCapture
ClipCursor
ChangeDisplaySettingsA

gdi32

SwapBuffers
CreateFontA
GetDeviceGammaRamp
SetPixelFormat
DescribePixelFormat
SetDeviceGammaRamp
CreateSolidBrush
SetBkColor
SetTextColor
GetDeviceCaps

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 704KB - Virtual size: 703KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 112KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.3rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d5b29ee6a07301cfe1799e835c95d29f

Headers

File Characteristics

Imports

advapi32

winmm

wsock32

kernel32

user32

gdi32

ole32

Sections

.text Size: 704KB - Virtual size: 703KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 112KB - Virtual size: 3.1MB

.rsrc Size: 8KB - Virtual size: 5KB

.3rdata Size: 68KB - Virtual size: 68KB

.text
Size: 704KB - Virtual size: 703KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 112KB - Virtual size: 3.1MB

.rsrc
Size: 8KB - Virtual size: 5KB

.3rdata
Size: 68KB - Virtual size: 68KB