cf45e756eba9cbe54838adb30382e17a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cf45e756eba9cbe54838adb30382e17a_JaffaCakes118
Size

88KB
MD5

cf45e756eba9cbe54838adb30382e17a
SHA1

8d918b01a1572e5e450822dc51da18cb0eb43e3d
SHA256

3c16ba4855968ade22b01a225343daf043d739dcf68b50ad07fd642c57abd329
SHA512

e00776414f9c35a25cbff4f74d60ecc14d1b5b3fb0bd1d19a81e891b0e9a3b11863ab5db02043c25624ebc2c2c755086898cc2651ceca65e3c46ab185ae7d7a8
SSDEEP

1536:2Bqx76Y9tS9eEwVHezDGOQGCisWJlW0W5FfMGCX9sKgbnin2wtk3JMbvCiI3Y:xx76Y9arwVHeHGgFnLeMGg9QTinw36qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf45e756eba9cbe54838adb30382e17a_JaffaCakes118

Files

cf45e756eba9cbe54838adb30382e17a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

891368517f6d5979de7e380c380d689c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetLastError
VerLanguageNameW
VerSetConditionMask
VirtualAlloc
GetBinaryTypeA
GetBinaryType
FindClose
MapViewOfFileEx
SetSystemPowerState
GetNativeSystemInfo
GetFullPathNameA
SetConsoleOutputCP
LocalFlags
GetCurrentProcessId
BeginUpdateResourceW
GetSystemTimeAsFileTime
HeapCreate
ContinueDebugEvent
GetTickCount
SetConsoleCursorPosition
QueryPerformanceCounter
GetStartupInfoA
LoadLibraryA

gdi32

GdiEntry2
SetRelAbs
GetTextExtentExPointWPri
BitBlt
StretchDIBits
GdiEntry7
GetCharWidthInfo
PatBlt
CLIPOBJ_ppoGetPath
ChoosePixelFormat
GdiConvertToDevmodeW
SetTextColor
MaskBlt
LPtoDP
EngCreatePalette
StartFormPage
DdEntry15
FillRgn

wininet

InternetGetCertByURLA
InternetSetDialStateW
InternetCanonicalizeUrlA
GopherFindFirstFileW
InternetGoOnlineW
InternetTimeFromSystemTimeW
CreateUrlCacheGroup
InternetGetPerSiteCookieDecisionA
GopherFindFirstFileA
InternetHangUp
SetUrlCacheEntryGroupW
RetrieveUrlCacheEntryStreamW
HttpQueryInfoW
ParseX509EncodedCertificateForListBoxEntry
InternetClearAllPerSiteCookieDecisions
GopherCreateLocatorW
FtpCreateDirectoryA
FtpCreateDirectoryW
InternetGetCookieExA
InternetReadFileExA
InternetAutodialHangup
CreateUrlCacheEntryW
SetUrlCacheGroupAttributeW

duser

DUserSendMethod
GetGadgetCenterPoint
PeekMessageExA
UnregisterGadgetMessageString
DllMain
SetGadgetProperty
DUserCastClass
GetGadgetTicket
DUserRegisterStub
InvalidateGadget
IsStartDelete
GetGadgetAnimation
FindGadgetMessages
DUserStopAnimation
UnregisterGadgetMessage
UtilDrawBlendRect

msvcrt20

_tcsnicmp
?seekpos@streambuf@@UAEJJH@Z
?pbackfail@stdiobuf@@UAEHH@Z
_ecvt
putchar
?sputn@streambuf@@QAEHPBDH@Z
_mbbtombc
_mbsicmp
??_8ifstream@@7B@
_cscanf
_heapmin
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
isleadbyte
?fill@ios@@QAEDD@Z
_wfindnext
fputws
??0ostream_withassign@@QAE@PAVstreambuf@@@Z
_atodbl
_mbscat

wiashext

MakeFullPidlForDevice
AddDeviceWasChosen
DllCanUnloadNow
AddDeviceWasChosenA
AddDeviceWasChosenW
DllUnregisterServer
DllGetClassObject
DoDeleteAllItems
DllRegisterServer

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

891368517f6d5979de7e380c380d689c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

wininet

duser

msvcrt20

wiashext

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 17KB - Virtual size: 19KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 512B - Virtual size: 328B

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 17KB - Virtual size: 19KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 512B - Virtual size: 328B