cf4e016e7e3b703a7c2472decf03bbc8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cf4e016e7e3b703a7c2472decf03bbc8_JaffaCakes118
Size

316KB
MD5

cf4e016e7e3b703a7c2472decf03bbc8
SHA1

ae5618a4c03ee87f4a2aff3e036b1c7cc8c76850
SHA256

bff5c2e1d89300fc4062fb83147c722a93f47b83d39f1aacef15708b78777ca4
SHA512

0e723c7640a20d0c267539a983e449cd5d6c470e2ad63350555b0258c754179764b3c76172043b59ae21b8ddabc619d6fac6e6839cf693c39fd487234fe73fc9
SSDEEP

6144:Tn1kWDcMh4UEb1InZup3pS16V22fwaFLJgGAud:T1k4hhq9ZYg2eFLJHj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf4e016e7e3b703a7c2472decf03bbc8_JaffaCakes118

Files

cf4e016e7e3b703a7c2472decf03bbc8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c404ba4be50e626e09433bef3ed8a3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\odowistso\eke\yaa.pdb

Imports

shell32

InternalExtractIconListW
SHBrowseForFolder

kernel32

WriteFileEx
WaitForMultipleObjects
HeapSize
EnumResourceNamesA
VirtualFree
SetWaitableTimer
FreeEnvironmentStringsA
SetCurrentDirectoryW
GetConsoleTitleW
GlobalAlloc
GetLogicalDrives
GetProcessShutdownParameters
GetProcessHeaps
FindFirstFileW
GetProcAddress
GetThreadPriority
GetConsoleScreenBufferInfo
IsBadWritePtr
GetSystemTime
GetStringTypeA
HeapFree
GetVersion
UnhandledExceptionFilter
FlushFileBuffers
IsDebuggerPresent
GetSystemDefaultLCID
FindNextChangeNotification
SetConsoleTitleA
EnumCalendarInfoExA
HeapCreate
GetVolumeInformationA
SuspendThread
SetHandleCount
TerminateProcess
GetCommandLineA
HeapAlloc
ExitProcess
TlsFree
ResetEvent
LCMapStringA
GetCurrentThread
GetEnvironmentStringsW
InterlockedDecrement
FillConsoleOutputCharacterW
GetModuleHandleA
GetExitCodeThread
GetPrivateProfileIntW
RtlMoveMemory
TransactNamedPipe
LocalHandle
OpenSemaphoreW
InterlockedExchange
PulseEvent
GetPrivateProfileStringA
LeaveCriticalSection
WriteFile
GetACP
ReadFile
OpenSemaphoreA
LCMapStringW
SetFilePointer
VirtualAlloc
DuplicateHandle
FreeEnvironmentStringsW
HeapDestroy
CompareStringW
GetCurrentThreadId
SetThreadContext
GetOEMCP
EnterCriticalSection
TlsSetValue
GetFileType
CreateWaitableTimerW
GetLongPathNameW
GetCompressedFileSizeW
lstrlen
LoadLibraryA
FreeLibraryAndExitThread
EnumResourceTypesW
lstrcmp
MultiByteToWideChar
WaitNamedPipeW
HeapReAlloc
SetLastError
FreeLibrary
OpenMutexA
CloseHandle
AllocConsole
ReadConsoleInputA
GetUserDefaultLangID
InitializeCriticalSectionAndSpinCount
GetFullPathNameA
DeleteFileA
VirtualQuery
SetEnvironmentVariableA
GetStringTypeW
GetAtomNameA
MoveFileExA
GetVersionExA
GetCalendarInfoW
GetSystemTimeAsFileTime
GetLocalTime
CreateMutexA
GetProfileSectionW
GetCurrentProcessId
OpenEventW
SetTimeZoneInformation
WideCharToMultiByte
CompareStringA
TlsGetValue
VirtualLock
GetFileAttributesExA
ReadConsoleW
GetDateFormatA
GetCPInfo
GetEnvironmentStrings
InterlockedIncrement
InitializeCriticalSection
SetStdHandle
GetCurrentProcess
lstrlenW
GlobalGetAtomNameA
GetSystemInfo
WaitForMultipleObjectsEx
QueryPerformanceCounter
GetStartupInfoA
TlsAlloc
GetStdHandle
GetStringTypeExA
DeleteCriticalSection
GetTimeZoneInformation
WriteConsoleW
GetTimeFormatW
GetLastError
RtlUnwind
GetModuleFileNameA
GetTickCount

gdi32

GetWinMetaFileBits
GetKerningPairsA
EnumFontsW
FloodFill
GetEnhMetaFileW
GetEnhMetaFileDescriptionA
CreateDIBitmap
StrokePath

comctl32

ImageList_GetFlags
ImageList_DrawEx
DrawStatusTextW
ImageList_DragMove
ImageList_EndDrag
CreatePropertySheetPageW
ImageList_Replace
CreateToolbar
ImageList_SetFilter
CreateStatusWindowW
CreateMappedBitmap
InitCommonControlsEx
ImageList_SetBkColor

user32

SetRect
TileChildWindows
DdeCreateStringHandleW
DestroyWindow
GetMenuStringA
DdeFreeStringHandle
GetKeyboardState
DdeSetUserHandle
IsCharAlphaA
LoadAcceleratorsW
CreateIconFromResource
DefWindowProcA
DrawIcon
RegisterClassA
GetDialogBaseUnits
UnregisterClassW
CreateIconIndirect
GetClassInfoA
CreateWindowExW
GetShellWindow
MessageBoxA
RegisterClassExA
RegisterClassW
EnumDisplayMonitors
ShowWindow

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c404ba4be50e626e09433bef3ed8a3b

Headers

File Characteristics

PDB Paths

Imports

shell32

kernel32

gdi32

comctl32

user32

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 88KB - Virtual size: 107KB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 88KB - Virtual size: 107KB

.rsrc
Size: 68KB - Virtual size: 66KB