cfc594601a0f2e8cf7f51022f6c07667_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cfc594601a0f2e8cf7f51022f6c07667_JaffaCakes118
Size

230KB
MD5

cfc594601a0f2e8cf7f51022f6c07667
SHA1

2d18017eb68b4892d9e0979e498b25bba00771e9
SHA256

0aaa0ae1d1eb74059cef671852618c79f734c401bb9292574667ba254dfcb9d6
SHA512

7a47a07c50970585f01bde5a50f51747b384a61f07ad91385b565dd939aeb649b7350eeb302d2b82d331d635272a650d83d83f7c37bf00df603fb2cc73e7d32c
SSDEEP

3072:PTyjnd5JPJwZPiFZmLoSik6kzfYv9DARQGbe1K/hwj6xOd5O2oy/MiED7GR2Bsj:PmjnHJmZ6vsirkr5RQ96Jsd5l/sGR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfc594601a0f2e8cf7f51022f6c07667_JaffaCakes118

Files

cfc594601a0f2e8cf7f51022f6c07667_JaffaCakes118
.exe windows:5 windows x86 arch:x86

64c9b3292e163af6d822ebc63fed60cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptAcquireContextW
CryptCreateHash
CryptDestroyHash
CryptDestroyKey
CryptExportKey
CryptGetHashParam
CryptHashData
CryptReleaseContext
ElfDeregisterEventSource
ElfRegisterEventSourceW
ElfReportEventW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW

user32

DestroyIcon
LoadIconW
LoadStringW
wsprintfA
wsprintfW

ole32

CoTaskMemFree
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance
GetHGlobalFromStream
ReleaseStgMedium
StringFromCLSID
StringFromGUID2
CoInitialize
CoTaskMemAlloc

kernel32

CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeviceIoControl
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
ExitThread
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileAttributesW
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExA
GetVolumeInformationW
GetWindowsDirectoryA
CloseHandle
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
IsValidLocale
CompareStringA
LCMapStringA
LCMapStringW
CompareStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
ResetEvent
ResumeThread
RtlUnwind
SetEndOfFile
SetEnvironmentVariableA
CreateEventA
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
CreateFileA
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
SystemTimeToFileTime
CreateFileW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualLock
VirtualUnlock
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
CreateMutexA
lstrcmpiA
lstrlenA
lstrlenW

gdi32

ArcTo
DeleteDC
DeleteObject
EnumMetaFile
Escape
ExcludeClipRect
ExtCreatePen
ExtSelectClipRgn
ExtTextOutA
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetDCOrgEx
GetDeviceCaps
CreateBitmap
GetObjectA
GetObjectType
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
MoveToEx
OffsetClipRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
CreateDIBPatternBrushPt
PlayMetaFile
PlayMetaFileRecord
PolyBezierTo
PolyDraw
PolylineTo
PtVisible
RectVisible
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipPath
SelectClipRgn
SelectObject
SelectPalette
SetArcDirection
SetBkColor
SetBkMode
SetColorAdjustment
SetMapMode
SetMapperFlags
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
SetTextCharacterExtra
SetTextColor
SetTextJustification
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StartDocA
TextOutA
CreateHatchBrush
CreatePatternBrush
CreatePen
CreateRectRgn
CreateSolidBrush

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64c9b3292e163af6d822ebc63fed60cb

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

ole32

kernel32

gdi32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 17KB - Virtual size: 32KB

.reloc Size: 14KB - Virtual size: 16KB

.rsrc Size: 11KB - Virtual size: 12KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 17KB - Virtual size: 32KB

.reloc
Size: 14KB - Virtual size: 16KB

.rsrc
Size: 11KB - Virtual size: 12KB