cf9c0fe138b1e25856cc03e429112a90_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cf9c0fe138b1e25856cc03e429112a90_JaffaCakes118
Size

125KB
MD5

cf9c0fe138b1e25856cc03e429112a90
SHA1

e028bb8486353608e84f2b34224370f926d42c38
SHA256

44b1539911ae43b88a6410349d215bc214369ce9a88b5e049b06ad9aac113c03
SHA512

a9adfab92e8f3ab7e68eb3e33df2f711388fc85e37fc2e0078815c2f215a9966fed06eb956d37cd4c8939b85893c5ee9bf4a3a86b6fc2c8842227652b4c0a6ca
SSDEEP

1536:UDDi8A5nESxis5ex22cSZrxF+JeVQRq7SEcFtjMcdrUn+bdOY1+Ss1fYbWKMMiUW:U9IEjxySVAC4mSEQ/v0e7slKMMiU1m9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf9c0fe138b1e25856cc03e429112a90_JaffaCakes118

Files

cf9c0fe138b1e25856cc03e429112a90_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e077cd696d80fc989d4c121a041c1946

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

AdjustTokenPrivileges
OpenServiceA
CloseServiceHandle
ControlService
LookupPrivilegeValueA
CreateServiceA

ole32

OleSetClipboard
OleDuplicateData
CreateOleAdviseHolder
CreateFileMoniker
CoTaskMemFree
CoTaskMemAlloc
CoResumeClassObjects
CoDisconnectObject
CoInitialize
CoGetClassObject
CoFileTimeNow
OleUninitialize

user32

ToAscii
OffsetRect
LoadImageA
LoadIconA
LoadCursorFromFileA
GetCursor
DialogBoxParamA
DestroyMenu
DestroyCursor
CreateDesktopA
CharUpperA
BeginPaint
SetCursor

shell32

SHBindToParent
SHGetFileInfoA
SHGetMalloc
SHFileOperationA

shlwapi

PathAppendA
SHAutoComplete
PathUnquoteSpacesA
PathCanonicalizeA
PathFileExistsA
PathFindExtensionA

msvcrt

time
realloc
rand
memchr
_errno
malloc
free
_except_handler3
sprintf

kernel32

lstrcpyA
lstrcpynA
WriteFile
VirtualAlloc
SetCurrentDirectoryA
GetFileSize
GetDateFormatA
ExitThread
ExitProcess
EnumResourceLanguagesA
lstrcmpA

Exports

Exports

Bah
Cap
Enz
Jvu
Jzw
Nwf
Pqz
Puk
Vup
Wrf
Xmx
Xzj
Zwp

Sections

.text
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e077cd696d80fc989d4c121a041c1946

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 32KB

.rdata Size: 32KB - Virtual size: 36KB

.data Size: 35KB - Virtual size: 36KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 30KB - Virtual size: 32KB

.rdata
Size: 32KB - Virtual size: 36KB

.data
Size: 35KB - Virtual size: 36KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB