cf97d6d938f483bddf824eda54df21d7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cf97d6d938f483bddf824eda54df21d7_JaffaCakes118
Size

557KB
MD5

cf97d6d938f483bddf824eda54df21d7
SHA1

844adc2e47dda0125d761571c7ace2a4f5fee165
SHA256

a02d4c188c195cdd80eb2d1d762b028960a3eaf77b5c84ff7b979a1b51ad0551
SHA512

e98bdfbc8eece5f4c9e91b3549c790b87c64acce27d07cc7dbaaeb871d6515296cf3ef764e0d7eb04b2a95a88aa4eeb84ae89e3f4ef0a1cb2340b07f3f9a374e
SSDEEP

12288:lcRqla5JmiEhXZCrfySxwalCUf+CrF5xjcRs7+VAut5:leql7iEhXZCBx3lCerFbwmyVAg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf97d6d938f483bddf824eda54df21d7_JaffaCakes118

Files

cf97d6d938f483bddf824eda54df21d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e4868837c7e7b536d6a9a817293172d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHFileOperationA
SHFreeNameMappings
DragQueryFileAorW

comctl32

InitCommonControlsEx

kernel32

IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsW
SetEvent
ReadConsoleOutputCharacterA
GetFileType
TerminateProcess
GetSystemTimeAsFileTime
ReadFile
LCMapStringW
TlsFree
GetModuleFileNameA
LeaveCriticalSection
GetEnvironmentStringsW
InitializeCriticalSection
GetOEMCP
VirtualFree
HeapFree
GetConsoleOutputCP
GetLocalTime
TlsSetValue
SetStdHandle
VirtualQuery
HeapAlloc
LoadLibraryA
CloseHandle
WriteFile
GetSystemTime
InterlockedDecrement
HeapReAlloc
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
WideCharToMultiByte
GetCurrentThreadId
CompareStringW
CompareFileTime
GetDriveTypeA
ExitProcess
GetStartupInfoA
CreateMutexA
QueryPerformanceCounter
GetLastError
GetACP
TlsAlloc
FlushFileBuffers
GetCommandLineA
GetCurrentThread
GetProcAddress
SetFilePointer
GetCPInfo
CompareStringA
GetCurrentProcessId
VirtualAlloc
SetLastError
InterlockedExchange
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetTickCount
GetStringTypeA
InterlockedIncrement
GetCurrentProcess
GetNumberFormatW
GetModuleHandleA
HeapDestroy
SetEnvironmentVariableA
DeleteCriticalSection
MultiByteToWideChar
EnterCriticalSection
OpenMutexA
SetHandleCount
GetVersion
TlsGetValue
RtlUnwind
LCMapStringA
HeapCreate
GetStringTypeW

gdi32

CopyEnhMetaFileW
PaintRgn
GetRgnBox
GetKerningPairsW
CreateEllipticRgnIndirect
GetKerningPairsA
SetMiterLimit
EnableEUDC
GdiPlayJournal
GetRandomRgn
SetPixelFormat
ChoosePixelFormat
GetTextExtentExPointA
PolyBezierTo
GetCurrentObject

user32

SetDlgItemInt
RegisterClassA
OemToCharA
DestroyIcon
CreateWindowExW
EnumDisplayDevicesA
GetActiveWindow
IsCharAlphaW
wvsprintfW
CreateDesktopW
GetGUIThreadInfo
MapWindowPoints
GetSysColor
DdeCreateStringHandleW
DestroyWindow
InternalGetWindowText
IsCharLowerW
LoadCursorFromFileA
RegisterClassExA
GetWindowRgn
CharToOemBuffW
GetWindowLongW

Sections

.text
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e4868837c7e7b536d6a9a817293172d

Headers

File Characteristics

Imports

shell32

comctl32

kernel32

gdi32

user32

Sections

.text Size: 228KB - Virtual size: 227KB

.rdata Size: 4KB - Virtual size: 11KB

.data Size: 314KB - Virtual size: 313KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 228KB - Virtual size: 227KB

.rdata
Size: 4KB - Virtual size: 11KB

.data
Size: 314KB - Virtual size: 313KB

.rsrc
Size: 9KB - Virtual size: 9KB