cf75896f9a0695adaa56c656ff271ad9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cf75896f9a0695adaa56c656ff271ad9_JaffaCakes118
Size

349KB
MD5

cf75896f9a0695adaa56c656ff271ad9
SHA1

9ec6238561dc706076e7e32428c86569ac82390d
SHA256

7b3bc82104af79d8578c3597e395b0b531a1af0134853af337785fb34873a584
SHA512

960c2c5e9710e8176c7459f4987572f183c78a54e84729db7069df4bfb3f7abe891f027cb6087b05379caca3ebd9c749607a7a22a3ae02c28ef49c5296762487
SSDEEP

6144:Yk4M4hITC/B6c0bguZOm9CUavs25F7fRWGbaQ8dSLEu1v6:yd0kZEaP5FlojdaEu1v6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf75896f9a0695adaa56c656ff271ad9_JaffaCakes118

Files

cf75896f9a0695adaa56c656ff271ad9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c920374c9c0c4bc6f803d3ac5a7240e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\npvanyeukv\stdewseu\tbsu\elop\xpda\swejke.pdb

Imports

comctl32

InitCommonControlsEx

advapi32

LookupPrivilegeNameA
RegEnumValueW
CryptGetKeyParam
LookupPrivilegeDisplayNameW
RegNotifyChangeKeyValue
LookupAccountSidW
RegRestoreKeyA
RegSaveKeyA
ReportEventA

kernel32

GetProfileSectionW
GetOEMCP
GetACP
GetCurrentThreadId
GetStringTypeW
GetCPInfo
SetThreadPriority
FreeLibrary
GetConsoleOutputCP
WriteConsoleA
LoadLibraryExW
GetCurrentProcessId
GetCurrencyFormatW
GetModuleFileNameA
TerminateProcess
CompareStringA
EnterCriticalSection
CommConfigDialogW
CreateMutexA
InterlockedDecrement
SetEnvironmentVariableA
GetLastError
CreateProcessW
CreateDirectoryW
Sleep
GetConsoleCP
GetLocaleInfoW
GlobalAddAtomA
GetLocaleInfoA
UnhandledExceptionFilter
GetCurrentThread
LocalFileTimeToFileTime
SetComputerNameA
GetConsoleMode
OpenMutexA
GetTickCount
TlsAlloc
FreeEnvironmentStringsW
TlsGetValue
GetDateFormatA
WriteConsoleW
ExitProcess
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
RtlUnwind
HeapReAlloc
SetConsoleCtrlHandler
IsBadWritePtr
SetHandleCount
CompareStringW
GetCommandLineA
GetTimeFormatA
GetSystemTimeAsFileTime
LeaveCriticalSection
GetModuleFileNameW
IsValidLocale
GetCommandLineW
InterlockedIncrement
ReadFile
TlsFree
SetStdHandle
GetEnvironmentStrings
IsValidCodePage
OpenFile
SetLastError
EnumDateFormatsExW
GetCurrentProcess
LoadLibraryA
HeapFree
GetVersionExA
TlsSetValue
GetTimeZoneInformation
GetStartupInfoW
HeapSize
TryEnterCriticalSection
CreateFileA
GetEnvironmentStringsW
FlushFileBuffers
QueryPerformanceCounter
LCMapStringW
WriteProfileSectionW
GetProcessHeap
CreateMutexW
ReadConsoleInputW
GlobalFindAtomA
VirtualQuery
EnumSystemLocalesA
GetProcAddress
WideCharToMultiByte
GetStdHandle
SetFilePointer
VirtualAlloc
HeapCreate
DeleteCriticalSection
IsDebuggerPresent
LCMapStringA
GetStringTypeA
GetModuleHandleA
InterlockedExchange
VirtualFree
GetFileType
HeapAlloc
InitializeCriticalSection
GetUserDefaultLCID
HeapDestroy
GetStartupInfoA
CloseHandle
GetProfileStringA
WriteFile
MultiByteToWideChar

wininet

FindNextUrlCacheContainerW
RetrieveUrlCacheEntryFileW
InternetCheckConnectionW
RetrieveUrlCacheEntryFileA

user32

SetWindowContextHelpId
DdeInitializeA
RegisterClassExA
DialogBoxParamA
RegisterClassA
SetClassWord
SendDlgItemMessageW
EnumDesktopsW
CreateMDIWindowA
SetPropA
ShowWindowAsync
CreateCursor
DdeDisconnectList
MessageBoxExA
GetUserObjectInformationW
GetKBCodePage
BroadcastSystemMessageW
GetKeyboardType
GetClassInfoW
DeferWindowPos
EnumChildWindows
IsDialogMessage
ChangeDisplaySettingsA
DrawTextW
SetSystemCursor
CharToOemA

Sections

.text
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c920374c9c0c4bc6f803d3ac5a7240e5

Headers

File Characteristics

PDB Paths

Imports

comctl32

advapi32

kernel32

wininet

user32

Sections

.text Size: 228KB - Virtual size: 228KB

.rdata Size: 17KB - Virtual size: 40KB

.data Size: 92KB - Virtual size: 91KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 228KB - Virtual size: 228KB

.rdata
Size: 17KB - Virtual size: 40KB

.data
Size: 92KB - Virtual size: 91KB

.rsrc
Size: 10KB - Virtual size: 9KB