cf7cb587108922262d092be19298d5d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cf7cb587108922262d092be19298d5d0_JaffaCakes118
Size

596KB
MD5

cf7cb587108922262d092be19298d5d0
SHA1

d07ef2326750fcfd745fb3a6aaa46b0804a785a9
SHA256

8e8141e6697c6e4e1b7743f13553c5098ee6fab67a7804c7eb026dcb5ab7f398
SHA512

d71697a5872588431bb8681ef65a2418ffd447ac0d781444c288a6eef2065bf25fb8e489fca2babd09cac2f463bc08f4c9f07b7d074af5c6ade104ef1ac8fac1
SSDEEP

12288:G/iOXpu4Wo/WfTcFXXZyGSMU1v0BKuEHy/nBL2ENK+nfhjwEi:0pGKXgGSMORLSfBPNK+nfhc/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf7cb587108922262d092be19298d5d0_JaffaCakes118

Files

cf7cb587108922262d092be19298d5d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e3648252d7d9574a7fdcbf626ccd4d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
ConnectNamedPipe
GlobalGetAtomNameW
VirtualQueryEx
FindFirstFileExW
ExitThread
GlobalDeleteAtom
MoveFileExA
CreateProcessA
GetEnvironmentStringsW
VirtualQuery
GetCurrentProcessId
IsBadReadPtr
DosDateTimeToFileTime
_llseek
UnmapViewOfFile
VirtualLock
GetPrivateProfileStringW
GetOEMCP
LeaveCriticalSection
GetPrivateProfileSectionW
EnumSystemCodePagesW
GetAtomNameA
FormatMessageW
SetEnvironmentVariableW
GetCompressedFileSizeW
CreateDirectoryW
SetEndOfFile
GetCommModemStatus
RaiseException
SetSystemTime
IsBadWritePtr
CompareStringW
GlobalFindAtomW
WritePrivateProfileStringW
FreeLibrary
DuplicateHandle
EnumDateFormatsW
VirtualAlloc
CloseHandle
GetFileType
SetThreadPriorityBoost
FindFirstFileW
GetShortPathNameA
OutputDebugStringW
GlobalReAlloc
PeekConsoleInputW
SetFileAttributesA
CreateFileW
EnumSystemCodePagesA
SetConsoleTitleA
GenerateConsoleCtrlEvent
CopyFileExW
GetFileAttributesExA
GetHandleInformation
GetTapeParameters
ReleaseMutex
GetBinaryTypeW
SetProcessAffinityMask
SetMailslotInfo
RemoveDirectoryW
SetCurrentDirectoryA
CreateDirectoryA
WriteProcessMemory
GetStartupInfoA
GetTickCount
SetThreadLocale
LocalReAlloc
CreateMutexW
DeleteFiber
GetProfileStringA
SetProcessWorkingSetSize
VirtualAllocEx
SetCommTimeouts
LocalLock
FindResourceExW
PulseEvent
ReadConsoleInputW
ExitProcess
GetTempPathW
OutputDebugStringA
WriteFile
GetLogicalDriveStringsA
SearchPathW

user32

PeekMessageW
FindWindowW
GetAncestor
OpenWindowStationW
AppendMenuW
InvalidateRect
DrawStateA
UnregisterClassW
GetClassLongW
DrawIconEx
GetQueueStatus
AppendMenuA
GetDesktopWindow
LoadBitmapW
PostMessageA

gdi32

GetTextMetricsW
CreateICA
PatBlt
GetTextFaceW

comdlg32

CommDlgExtendedError
GetSaveFileNameW

advapi32

CryptAcquireContextW
RegUnLoadKeyA
RegCreateKeyW
GetSidSubAuthority
GetFileSecurityA
GetCurrentHwProfileW
CryptImportKey
GetSidIdentifierAuthority
RegNotifyChangeKeyValue
RegLoadKeyA
EnumServicesStatusW
RegQueryInfoKeyA
CryptReleaseContext
GetSecurityInfo

shell32

Shell_NotifyIconW
SHGetDesktopFolder
SHGetSpecialFolderPathA
SHChangeNotify
SHAddToRecentDocs
ExtractIconExW
DragQueryPoint
Shell_NotifyIconA
FindExecutableW

oleaut32

SafeArrayPutElement
SysAllocStringLen
SafeArrayRedim
SysFreeString
SysStringLen
LoadTypeLi
LoadTypeLibEx
SafeArrayCreate
SetErrorInfo
SafeArrayGetLBound

comctl32

ImageList_LoadImageW
ImageList_GetBkColor
_TrackMouseEvent
CreatePropertySheetPageW

msvcrt

_wputenv
isprint
_wsplitpath
_mbsnbcnt
_ultow
_access
_wremove
wcstol
_errno
_locking
wcsspn
_mbsnicmp
_ismbblead
_chdir
_cwait
_fullpath
freopen
_wgetcwd
frexp
fopen
strerror
_mbsncmp
_strnicoll
wscanf
iswspace
_wcsnset
srand
_isctype
wcstoul
_close
_strupr
strrchr
fflush
_wcsupr
_strrev
_spawnv
_isatty
_get_osfhandle
ungetc
printf
iswalpha
setvbuf
_controlfp
_getcwd
_mbsnbcat
fgetws
atol
rename
iswalnum
toupper
gmtime
_mbsnbcpy
mktime
fwprintf
_wchdir
_ultoa
strstr
_ui64tow

Sections

.text
Size: 7KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e3648252d7d9574a7fdcbf626ccd4d3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

comctl32

msvcrt

Sections

.text Size: 7KB - Virtual size: 223KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 260KB - Virtual size: 259KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 7KB - Virtual size: 223KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 260KB - Virtual size: 259KB

.rsrc
Size: 16KB - Virtual size: 16KB