cfa1ec19c1729ef839dd7893fa7ea7eb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cfa1ec19c1729ef839dd7893fa7ea7eb_JaffaCakes118
Size

496KB
MD5

cfa1ec19c1729ef839dd7893fa7ea7eb
SHA1

07f87ca8c504583b7a59a5bddb1f454acbd478fc
SHA256

ee347c77fc19c42220bf94abf0defbd371251fd3a260f3b0350340e052f957c1
SHA512

da79d9f271f2a98e281526f0ffe431370c30ad8bdff61c89896e7f90d419c150a4400b634798d4246bf707229cbac5753f53c4725d0a4ce437503fccd95ab45e
SSDEEP

12288:UrpedUmdM+2ALe24q96EiI5EekMQcSRu31RahFSrhLwbSXtbfV22TacZ:KpgUmP2ceVq/iI5NkRJH02ST22N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfa1ec19c1729ef839dd7893fa7ea7eb_JaffaCakes118

Files

cfa1ec19c1729ef839dd7893fa7ea7eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e964e9d9d50747ec056a08fb4a95ba00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetMailslotInfo
LeaveCriticalSection
IsBadWritePtr
GetSystemTimeAsFileTime
EnterCriticalSection
MultiByteToWideChar
WriteFile
InitializeCriticalSection
GetVersion
GetEnvironmentStrings
LoadLibraryA
TerminateProcess
GetStartupInfoA
GetModuleFileNameA
QueryPerformanceCounter
DeleteCriticalSection
GetLocalTime
InterlockedIncrement
RtlUnwind
GetCommandLineA
CreateMutexA
GetTickCount
VirtualFree
GetProcAddress
WideCharToMultiByte
ExitProcess
SetComputerNameW
GetStringTypeA
HeapAlloc
GetSystemTime
VirtualAlloc
SetEnvironmentVariableA
GetCPInfo
TlsSetValue
UnhandledExceptionFilter
GetStringTypeW
GetTimeZoneInformation
GetACP
GetCurrentProcessId
CloseHandle
ReadFile
OpenMutexA
GetFileType
FlushFileBuffers
GetModuleHandleA
GlobalReAlloc
SetFilePointer
GetCurrentThreadId
CompareStringA
InterlockedExchange
HeapReAlloc
GetCurrentProcess
GetOEMCP
GetPrivateProfileIntA
GetCurrentThread
TlsAlloc
FreeEnvironmentStringsW
CompareStringW
SetStdHandle
LCMapStringA
HeapFree
FreeEnvironmentStringsA
HeapCreate
LCMapStringW
GetLastError
GetStdHandle
SetHandleCount
SetLastError
GetEnvironmentStringsW
WriteConsoleOutputAttribute
HeapDestroy
VirtualQuery
InterlockedDecrement
TlsGetValue
TlsFree

comctl32

ImageList_GetImageInfo
ImageList_DragMove
ImageList_Read
ImageList_Remove
ImageList_DragLeave
ImageList_EndDrag
ImageList_SetFilter
CreateStatusWindowW
CreatePropertySheetPage
CreateStatusWindow
InitCommonControlsEx

user32

SetLastErrorEx
EnumDisplaySettingsExA
RegisterClassA
ToAscii
GetThreadDesktop
GetSysColor
GetKeyNameTextA
GetAsyncKeyState
GetUpdateRect
WindowFromDC
SendIMEMessageExW
DdeImpersonateClient
VkKeyScanW
CloseWindowStation
GetWindowTextW
SendMessageTimeoutA
LoadMenuW
SetMenuItemBitmaps
GetSystemMenu
MessageBoxW
EnableWindow
RegisterClassExA
RemovePropW
SetWindowPos
AttachThreadInput

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 241KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e964e9d9d50747ec056a08fb4a95ba00

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 241KB - Virtual size: 258KB

.data Size: 122KB - Virtual size: 121KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 241KB - Virtual size: 258KB

.data
Size: 122KB - Virtual size: 121KB

.rsrc
Size: 8KB - Virtual size: 7KB