cfc78eeec366af553eeb63aeee53e48b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cfc78eeec366af553eeb63aeee53e48b_JaffaCakes118
Size

304KB
MD5

cfc78eeec366af553eeb63aeee53e48b
SHA1

c64e12273c185811c7f18817356dc5337a61a921
SHA256

a8547cf258c46dee244350b39ae184821292669e7f413f12628ad24308d8acf9
SHA512

a2b66f307ce8806b29a16f87be5af0ecdf061ec3db08736e2707a456ee16416b71040fc4d1fec6f6e76c9134ec3ad49429757aaf8b8f9d7e83597e3d74a66a09
SSDEEP

6144:kxVF6GbhaaYdiUIM7oQo7Hi4Cd3EMZh7vyVSKEleLMehE3:kxvfhSdiwoHCdb7KVVmt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfc78eeec366af553eeb63aeee53e48b_JaffaCakes118

Files

cfc78eeec366af553eeb63aeee53e48b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30a5f00c3c09f75084723e56ce26934f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFileEx
HeapReAlloc
GetVolumeInformationA
GetModuleHandleA
GetLocaleInfoA
SwitchToThread
GetVersionExA
SetCommState
CreateThread
Module32First
SetCommConfig
VirtualProtect
GlobalUnWire
EnterCriticalSection
ClearCommError
GlobalAddAtomW
ExitProcess
CreateFileMappingA
IsBadStringPtrW
GetDateFormatA
FindFirstChangeNotificationW
GetEnvironmentStringsW
MoveFileW
Sleep
_lcreat
GetPrivateProfileSectionNamesA
GetDiskFreeSpaceExW
lstrcmpA
ResetEvent
CreateDirectoryExA
GetCommandLineW
GetProcessPriorityBoost
CreateEventW
SetConsoleScreenBufferSize
VirtualQueryEx
lstrcpyA
GetStringTypeW
AddAtomW
EnumTimeFormatsA
ReleaseMutex
GetStartupInfoA
VirtualUnlock
VerLanguageNameA
FindCloseChangeNotification
GetWindowsDirectoryA
GetConsoleTitleA
FlushInstructionCache
EndUpdateResourceA
GetTempFileNameW
SetLocalTime
MulDiv
SetSystemPowerState
GlobalFindAtomW
SetTapePosition
SetFileAttributesA
SetConsoleOutputCP
FindResourceExW
GetSystemTimeAdjustment
GetAtomNameW
FreeLibrary

user32

VkKeyScanExA
OpenDesktopW
DlgDirSelectComboBoxExA
DialogBoxParamW
GetClassInfoExA
CharPrevW
RegisterClassW
SendMessageTimeoutW
ExitWindowsEx
OffsetRect
GetClassWord
GetScrollInfo
IsDialogMessageA
SetWindowLongA
LoadStringW
GetUserObjectSecurity
GetClassLongA
SetParent
CheckMenuItem
KillTimer
CheckRadioButton
FillRect
CharToOemW
CallMsgFilterA
IsDlgButtonChecked
WindowFromPoint
DefMDIChildProcW
GetSystemMetrics
LoadIconW
ChildWindowFromPoint
CharLowerW
DefFrameProcW
GetMessageW
MapVirtualKeyExA
GetMessageTime
CharPrevA
ModifyMenuA
MapVirtualKeyA
ChangeDisplaySettingsW
EnumClipboardFormats
GetUserObjectInformationW
MsgWaitForMultipleObjects
DrawFrameControl

gdi32

CancelDC
PolyDraw
SetICMProfileA
GetTextCharsetInfo
CreatePatternBrush
EnumFontsW
GetColorAdjustment
RectVisible
GetCurrentPositionEx
GetDIBColorTable
CreateRoundRectRgn
UpdateICMRegKeyA
TextOutW
GetWindowExtEx
CreateDiscardableBitmap
DeleteDC
CreateDIBPatternBrushPt
SetBrushOrgEx
CloseEnhMetaFile
CreateEnhMetaFileW
GetLogColorSpaceW
ResetDCW
AngleArc
GetRegionData
CreateICW

comdlg32

FindTextW
PageSetupDlgW

advapi32

SetSecurityDescriptorSacl
GetServiceDisplayNameW
StartServiceA
BuildTrusteeWithNameW
BuildExplicitAccessWithNameW
DeregisterEventSource
CryptGetUserKey
RegUnLoadKeyW
DeleteAce
RegGetKeySecurity
ImpersonateLoggedOnUser
EqualSid
RegQueryInfoKeyW
EnumDependentServicesW
RegEnumKeyW
NotifyChangeEventLog
RegCloseKey
OpenEventLogW
CryptImportKey
RegQueryValueW
ReportEventA
ImpersonateSelf
ReadEventLogA
DestroyPrivateObjectSecurity
FreeSid
GetNamedSecurityInfoW
RegSetValueA
RegUnLoadKeyA
RegReplaceKeyW

shell32

SHGetMalloc
CommandLineToArgvW
SHGetDesktopFolder
SHFileOperationA
SHLoadInProc
ExtractIconW
ShellAboutW
ShellAboutA
ShellExecuteExW
SHQueryRecycleBinA
SHAppBarMessage

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_controlfp

Sections

.text
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30a5f00c3c09f75084723e56ce26934f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

msvcrt

Sections

.text Size: 276KB - Virtual size: 275KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 22KB - Virtual size: 21KB

.text
Size: 276KB - Virtual size: 275KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 22KB - Virtual size: 21KB