cf263c70635945369e6343334da52a98_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cf263c70635945369e6343334da52a98_JaffaCakes118
Size

3.7MB
MD5

cf263c70635945369e6343334da52a98
SHA1

c43522e68f162aaa609abc89576a1ab20e9bd9c6
SHA256

d7c4721d15770d8a541543cfbd01c485baa314bd8b9d7d1726f1d9b34aaec3f4
SHA512

0345052107949d367858d5bc8028f797d610b93c96ff8ac51fb14bbf034450d60e84b885b21b9743c932c90d862c48d07cb02914c341b7941e0ea5d55f5246d8
SSDEEP

98304:gMe709Tb/C3cmgCMFP1nflFzVGXjnFjGIzQa83kqS:G0F+37vMptfHzVMTFjga8I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf263c70635945369e6343334da52a98_JaffaCakes118

Files

cf263c70635945369e6343334da52a98_JaffaCakes118
.exe windows:4 windows x86 arch:x86

753e3503712309e3b6d46f6b5cce7377

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetObjectA
GetPolyFillMode
SetMapMode
CreateEllipticRgnIndirect
GetCurrentPositionEx
StartDocA

kernel32

SetConsoleTitleA
WritePrivateProfileStringA
GetSystemDefaultLangID
ExitProcess
QueryDosDeviceA
GetDriveTypeA
SetConsoleCursorPosition
EnumDateFormatsW
ExpandEnvironmentStringsW
GlobalAddAtomW
UnhandledExceptionFilter
lstrcpynA

shell32

SHGetSettings
SHGetSpecialFolderLocation

ole32

CoCreateInstanceEx
CoLockObjectExternal

oleaut32

VariantChangeType
LoadTypeLibEx

user32

SetMenuInfo
CheckDlgButton
EndPaint
DestroyWindow
UnregisterDeviceNotification
EnumDisplaySettingsExW
PostQuitMessage
GetKeyNameTextA
SetWindowsHookExW
SetSysColors
EndDeferWindowPos
GetWindowTextW
RemovePropW
EnumWindowStationsA
ToAscii
IsMenu
IsCharAlphaA
DefDlgProcW
UnionRect
GetKeyboardLayout
CharToOemBuffA
SetProcessDefaultLayout
CharLowerW
GetCaretBlinkTime

ws2_32

sendto
WSANtohs
WSAAccept
WSADuplicateSocketA
WSAEnumProtocolsA
WSAAsyncGetServByName

version

VerInstallFileA

comctl32

ImageList_SetImageCount
ImageList_Destroy
_TrackMouseEvent

advapi32

LookupPrivilegeNameA
GetPrivateObjectSecurity
CryptGetHashParam
OpenServiceA
SetNamedSecurityInfoA
RegUnLoadKeyA
SetKernelObjectSecurity

Sections

.text
Size: 2KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

753e3503712309e3b6d46f6b5cce7377

Headers

File Characteristics

Imports

gdi32

kernel32

shell32

ole32

oleaut32

user32

ws2_32

version

comctl32

advapi32

Sections

.text Size: 2KB - Virtual size: 220KB

.text Size: 512B - Virtual size: 6B

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3.5MB - Virtual size: 3.5MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 2KB - Virtual size: 220KB

.text
Size: 512B - Virtual size: 6B

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3.5MB - Virtual size: 3.5MB

.rsrc
Size: 19KB - Virtual size: 18KB