cf8d066097a61bf7fbf77ff8d1e8edc5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cf8d066097a61bf7fbf77ff8d1e8edc5_JaffaCakes118
Size

299KB
MD5

cf8d066097a61bf7fbf77ff8d1e8edc5
SHA1

18d7f874f5f19617dea1a1e5f56619030c5a94ae
SHA256

16cd047ac7ae5439d91d91716f47dde9f1cb8aa5c597ad0ef1bc0665a2ef4893
SHA512

0fb41dd38554e31fe7cf8cbec0e0a4e048acb3bf751e0090403aa2859a9a375d315d55974cf9c382d588f1d83a330d1666089d25a7f14d5350035d822c3a3367
SSDEEP

6144:zvILezATY3Pnnnbnnn4ghehooA3/0Y76V1KSpb+:zYez3cNooA3/72Npb+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf8d066097a61bf7fbf77ff8d1e8edc5_JaffaCakes118

Files

cf8d066097a61bf7fbf77ff8d1e8edc5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

62a522226a71341b273ad7b67c0f20cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

ConfigurePortW
AddMonitorW

user32

GetAsyncKeyState
TrackPopupMenuEx
LockWindowUpdate
GetInternalWindowPos
GetUpdateRect
InsertMenuItemW
LoadMenuA
GetSubMenu
EnumPropsExA
GetUpdateRgn
TrackPopupMenu
SetMenuItemInfoW
CopyImage
TranslateAcceleratorW
CascadeWindows
IntersectRect
GetDlgItem
UnionRect
GetWindowLongA
GetCursorPos
FrameRect
ClipCursor
GetSystemMetrics
TileWindows
DlgDirListW
GetMenuState

comctl32

InitCommonControlsEx
ImageList_Destroy
CreateStatusWindowW
PropertySheetW
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_LoadImageW
CreateToolbarEx
CreatePropertySheetPageA
ImageList_GetIcon
PropertySheetA

msvcrt

setlocale
strchr
wcschr
getchar
wcsspn
wprintf
strrchr
calloc
strtok
floor
mktime

kernel32

CreateEventA
SetCommBreak
HeapQueryInformation
IsDBCSLeadByte
lstrcatA
GetLongPathNameA
lstrcmpW
GetCalendarInfoA
OpenWaitableTimerA
WritePrivateProfileStringA
GetCurrentThreadId
GetDriveTypeA
FormatMessageA
GetProcessHeap
GetTickCount
LoadLibraryW
GetFileSize
InitializeCriticalSection
GetModuleHandleW
SetFilePointer
GlobalAddAtomA
WaitCommEvent
ExpandEnvironmentStringsW
LoadResource
GlobalFindAtomW
GetLongPathNameW
GetTempFileNameA

gdi32

PaintRgn
SelectClipRgn
SetRectRgn
GetObjectA
SetBkMode
GetTextExtentPointA
CreateICA
GetNearestColor
ExcludeClipRect
RectVisible
GetNearestPaletteIndex
CreateFontIndirectA
GetGlyphOutlineA
CreatePolygonRgn
EnumFontsA
SetBitmapBits
GetTextMetricsA

Exports

Exports

_RlEaW_cjgup_gns@16
_GINlz_vnjwr_un@12
_ZfGqj_xAg_zj@4
_CNLyo_jghuxF@8
_ChN_emP_gkofif@4

Sections

.code
Size: 1024B - Virtual size: 283KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.globals
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.memory
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62a522226a71341b273ad7b67c0f20cc

Headers

File Characteristics

Imports

winspool.drv

user32

comctl32

msvcrt

kernel32

gdi32

Exports

Exports

Sections

.code Size: 1024B - Virtual size: 283KB

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 7KB - Virtual size: 7KB

.globals Size: 512B - Virtual size: 512B

.memory Size: 512B - Virtual size: 512B

.rsrc Size: 251KB - Virtual size: 251KB

.reloc Size: 1024B - Virtual size: 760B

.code
Size: 1024B - Virtual size: 283KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 7KB - Virtual size: 7KB

.globals
Size: 512B - Virtual size: 512B

.memory
Size: 512B - Virtual size: 512B

.rsrc
Size: 251KB - Virtual size: 251KB

.reloc
Size: 1024B - Virtual size: 760B