cf912f4c808ec865bea963db6b7ee2a1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cf912f4c808ec865bea963db6b7ee2a1_JaffaCakes118
Size

406KB
MD5

cf912f4c808ec865bea963db6b7ee2a1
SHA1

86d0b1443fb5e75847d3f01720ce5e6037e7b312
SHA256

dda76049357420d3e17e1b4d8894669127011bb0812b6aea83e5e731da314624
SHA512

2b9d5e4fcb021655f1f54913318827d89dd72f0761947944d4df8b5d19328571b12e98f60d91a75d4d736a5f07d959f5f27a039767f2226a769e8513678f848d
SSDEEP

12288:X14AbKQI6wb+nVIl8r4CEd+rovJTkH3SGH:XCAuQI6wSn5ri+/T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf912f4c808ec865bea963db6b7ee2a1_JaffaCakes118

Files

cf912f4c808ec865bea963db6b7ee2a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cfc13ab50783aaaaea4f34a800ba3eb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsChild
ChangeClipboardChain
LoadAcceleratorsW
BeginDeferWindowPos
ExitWindowsEx
SendInput
FlashWindowEx
SetMenuItemInfoW
LockWindowUpdate
DdePostAdvise
GetClassLongW
DdeCreateStringHandleA
DdeInitializeW
VkKeyScanA
SendMessageW
ShowWindow

comdlg32

ChooseFontW
GetSaveFileNameW
FindTextA
PrintDlgA

kernel32

VirtualQuery
MultiByteToWideChar
GetStringTypeW
RtlZeroMemory
GlobalFix
GetACP
GetOEMCP
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetStringTypeA
IsValidLocale
GetProcAddress
GetCommandLineA
SetHandleCount
GetLastError
TlsAlloc
QueryPerformanceCounter
GetConsoleMode
TlsFree
GetSystemInfo
SetEnvironmentVariableA
GetDateFormatA
GetEnvironmentStrings
GetModuleHandleA
InterlockedExchange
HeapDestroy
GetFileType
ExitProcess
CompareStringW
LoadLibraryA
RtlUnwind
WideCharToMultiByte
CreateMutexW
FindResourceW
WriteFile
GetTickCount
GetUserDefaultLCID
VirtualAlloc
CreateEventW
LeaveCriticalSection
EnumSystemLocalesA
InitializeCriticalSection
LCMapStringW
GetStartupInfoA
UnhandledExceptionFilter
GlobalSize
FreeEnvironmentStringsW
GetVersionExA
TlsSetValue
HeapAlloc
HeapReAlloc
VirtualProtect
SetLastError
LCMapStringA
GetCurrentProcessId
HeapSize
TerminateProcess
GetTimeZoneInformation
HeapCreate
GetLocaleInfoW
IsValidCodePage
GetStdHandle
GetCurrentProcess
DeleteCriticalSection
FormatMessageW
FreeEnvironmentStringsA
GetCurrentThreadId
GetTimeFormatA
GetCPInfo
GetCurrentThread
CompareStringA
CreateEventA
HeapFree
TlsGetValue
GetLocaleInfoA
GetModuleFileNameA
IsBadWritePtr
EnterCriticalSection
VirtualFree
GetFileTime

wininet

GopherFindFirstFileA
InternetSetDialState
FtpCommandA

advapi32

AbortSystemShutdownW
RegCreateKeyExW
ReportEventA
CryptVerifySignatureA
CryptSetProvParam
LookupAccountSidW
CryptGetHashParam
RegSaveKeyW
CryptDecrypt
RegReplaceKeyA
RegEnumKeyA
LogonUserW
CryptHashSessionKey
CryptSetProviderExW
RegNotifyChangeKeyValue
CryptDuplicateKey
RegQueryValueExW
RevertToSelf

gdi32

AnimatePalette
SetMapperFlags
DPtoLP
GetTextExtentPoint32W
DeviceCapabilitiesExA
ResizePalette
AddFontResourceA
GetTextExtentPointW
SetViewportExtEx
FloodFill
GetTextExtentExPointW
GetViewportOrgEx
UnrealizeObject
SetBitmapBits
CreateBitmap
CreateScalableFontResourceA
PtInRegion
Pie
SetTextJustification
CopyMetaFileW

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfc13ab50783aaaaea4f34a800ba3eb8

Headers

File Characteristics

Imports

user32

comdlg32

kernel32

wininet

advapi32

gdi32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 8KB - Virtual size: 22KB

.data Size: 277KB - Virtual size: 277KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 8KB - Virtual size: 22KB

.data
Size: 277KB - Virtual size: 277KB

.rsrc
Size: 3KB - Virtual size: 3KB