Static task
static1
Behavioral task
behavioral1
Sample
cf674995559aa80cb74a680975ee63ca_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
cf674995559aa80cb74a680975ee63ca_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
cf674995559aa80cb74a680975ee63ca_JaffaCakes118
Size
52KB
MD5
cf674995559aa80cb74a680975ee63ca
SHA1
d90cfe7d40b558fbace1c5ca3fef29d5f26d31fc
SHA256
1fe8a2c2f799f877929ebb776b6d9de4bb40208bfa6275c64e55b1e255bd61e5
SHA512
12cf760e00314f58c114bf7bdff1dce4d8fdd705f49d84e7af37d644499cefd77f053e363d0d66b1c2023f26627e50ee59f60be29eeba7bf9c563afac4fcba13
SSDEEP
768:WgAbkNdGjg1PrhJRYD08jxyWi26krmn4pUPohZHs4GyBMO2vL04jYvpSXo+fRHpF:WzIbkghrhJaRjxnqn4pk3vL02bZfvZjf
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource cf674995559aa80cb74a680975ee63ca_JaffaCakes118
Files
cf674995559aa80cb74a680975ee63ca_JaffaCakes118.exe windows:1 windows x86 arch:x86
c5450939c2aeee3440df59523009e756
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ClearCommError
CmdBatNotification
CreateMutexW
CreatePipe
EraseTape
ExitProcess
FileTimeToSystemTime
FormatMessageA
GetCommMask
GetCommState
GetCompressedFileSizeW
GetConsoleInputExeNameW
GetConsoleTitleA
GetDevicePowerState
GetFileSize
GetModuleFileNameA
GetPrivateProfileSectionNamesW
GetProcessPriorityBoost
GetSystemDefaultLangID
HeapCreate
MapViewOfFile
MoveFileW
ReadConsoleW
SetCommBreak
SetCommMask
SetComputerNameA
Sleep
SuspendThread
VirtualProtect
WriteFile
lstrcmpA
lstrcmpW
lstrcmpiA
user32
CharLowerBuffA
CharNextA
CharUpperA
CreateAcceleratorTableA
DdeFreeDataHandle
DdePostAdvise
DdeUninitialize
DispatchMessageA
DrawIconEx
FindWindowExW
GetClassWord
GetDlgCtrlID
GetInputState
GetKeyboardType
GetMenuState
GetQueueStatus
GetShellWindow
GetUpdateRect
GetWindowContextHelpId
IsCharLowerW
IsRectEmpty
SendIMEMessageExA
SendMessageTimeoutW
ShowCursor
UnhookWinEvent
UserHandleGrantAccess
gdi32
CloseFigure
CombineRgn
CreateHalftonePalette
CreateRectRgnIndirect
GdiComment
GdiFlush
GetBkMode
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetEnhMetaFileDescriptionA
GetLogColorSpaceA
GetMetaFileBitsEx
GetPath
GetPixel
GetPixelFormat
GetSystemPaletteUse
GetTextFaceA
GetTextFaceW
IntersectClipRect
ScaleViewportExtEx
SetMapMode
SetViewportOrgEx
comdlg32
ChooseFontA
PrintDlgA
comctl32
FlatSB_SetScrollProp
shell32
ExtractIconA
advapi32
AddAccessDeniedAceEx
AdjustTokenPrivileges
BuildTrusteeWithNameW
CryptExportKey
CryptGetDefaultProviderW
CryptSetHashParam
ElfChangeNotify
EnumDependentServicesW
GetAuditedPermissionsFromAclA
GetServiceKeyNameA
InitializeSid
IsTokenRestricted
LogonUserA
LookupSecurityDescriptorPartsA
LsaCreateTrustedDomain
PrivilegedServiceAuditAlarmA
RegDeleteKeyA
RegGetKeySecurity
RegRestoreKeyA
RegUnLoadKeyA
SetEntriesInAccessListA
SetNamedSecurityInfoExW
SetPrivateObjectSecurity
msvcrt
_chdir
_chkesp
_cwait
_getws
_strdup
_stricmp
_unloaddll
_vsnwprintf
_wcsncoll
_wexecle
isleadbyte
perror
printf
wscanf
Sections
.text Size: 7KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 2KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ