cfc73acc481cc80710201f4b9f98a3bc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cfc73acc481cc80710201f4b9f98a3bc_JaffaCakes118
Size

239KB
MD5

cfc73acc481cc80710201f4b9f98a3bc
SHA1

37779b8a89f9022134a1d81e192a4ea0484444e6
SHA256

4f382c26d609ae468f2990da48f920f587d2d6916401e6864ad8a1481da5a1cc
SHA512

21b5cc00a083ec0d702266dd33743dca3a45afd1b607dfe4f6ed08fc3b0de19b376476f89a2a7818e53b307ea6fdd9c1fcd6fab5af0987d20769433694b72051
SSDEEP

6144:k4pRtdXFUVdbPc5oMHoc0QKly0O2dh+nDM:k4Rtd1ihPBioMSy92dh+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfc73acc481cc80710201f4b9f98a3bc_JaffaCakes118

Files

cfc73acc481cc80710201f4b9f98a3bc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

006895a97df792679e3d99cfffe55dc5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleW
FindTextW
GetSaveFileNameW
GetOpenFileNameA
PrintDlgExW
ReplaceTextW
ChooseFontW
PrintDlgW
GetOpenFileNameW
GetSaveFileNameA

user32

SetSysColorsTemp
CreateWindowExA
SendMessageTimeoutA
GetWindowLongA
AppendMenuW
GetPropW
FindWindowExW
InsertMenuW
ShowCaret
FrameRect
ValidateRect
ShowWindowAsync
LockWindowUpdate
SwapMouseButton
MapVirtualKeyW
GetDlgItemInt
SetScrollPos
BeginPaint

kernel32

GetThreadTimes
DosDateTimeToFileTime
GetTickCount
GetShortPathNameW
GetCurrentProcessId
SleepEx
QueryDosDeviceW
GlobalUnlock
OpenEventW
LocalFree
GetModuleHandleA
FindFirstChangeNotificationW
Sleep
GetFileSize
WaitForSingleObjectEx
ClearCommError

shlwapi

StrDupA

winspool.drv

EnumPortsA

gdi32

AddFontResourceW
CreateFontW
GetROP2
GetSystemPaletteEntries
Escape
PatBlt
FillRgn
GetObjectW
CreateFontIndirectA
CreatePen
GetDIBits
GetRgnBox
GetTextFaceW
CreateFontIndirectW
GetPixel
EnumFontFamiliesExW

msvcrt

iswxdigit
getc
wcsncat
realloc
strchr
isalnum
strspn
wcstoul
ctime
isupper
strcoll

Exports

Exports

_RAS_mZmyt_afes@8
_CYCq_kic_bCd_rc@4
_LdQ_dbvxw_hfk@12

Sections

.icode
Size: 512B - Virtual size: 219KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 137B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vars
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

006895a97df792679e3d99cfffe55dc5

Headers

File Characteristics

Imports

comdlg32

user32

kernel32

shlwapi

winspool.drv

gdi32

msvcrt

Exports

Exports

Sections

.icode Size: 512B - Virtual size: 219KB

.text Size: 30KB - Virtual size: 30KB

.idata Size: 2KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 137B

.vars Size: 512B - Virtual size: 512B

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 196KB - Virtual size: 195KB

.reloc Size: 4KB - Virtual size: 4KB

.icode
Size: 512B - Virtual size: 219KB

.text
Size: 30KB - Virtual size: 30KB

.idata
Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 137B

.vars
Size: 512B - Virtual size: 512B

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 196KB - Virtual size: 195KB

.reloc
Size: 4KB - Virtual size: 4KB