cfc8c7231aabdc659b38b1d4b0123221_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cfc8c7231aabdc659b38b1d4b0123221_JaffaCakes118
Size

84KB
MD5

cfc8c7231aabdc659b38b1d4b0123221
SHA1

f6d6f1e5851ee59ce8407c8757c38e5e4b18820a
SHA256

d67abc2f3590e24b9e2af034de0d1de2f9d349b099d8495b50ef88aecf8e571e
SHA512

ce03ef7937676e4e942bcf5bc29d25e8bf28622d84b8e0b189015746cbf06983ac451b8f67caf83cc29b6034bc7947b02bdf6aaa598e440a8983b16abcce16e8
SSDEEP

1536:xNJb22AhH8lrF6PVAzlz5Y3VH4W4HhYiTzYEwNiIDQoGkbHH6ZoLYremDLtcD1rw:xfa2AKlrF6PVAZGaxHhnTEEW7DQxqLzC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfc8c7231aabdc659b38b1d4b0123221_JaffaCakes118

Files

cfc8c7231aabdc659b38b1d4b0123221_JaffaCakes118
.exe windows:4 windows x86 arch:x86

85ead6516e276685a78eddf4dbee8285

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetTickCount
LocalAlloc
CloseHandle
lstrlenA
GetLocaleInfoW
DeleteFileA
GetFileType
GetModuleFileNameA
CreateFileA
ReleaseMutex
GetWindowsDirectoryA
CreateMutexA
GetLastError
SetUnhandledExceptionFilter
OutputDebugStringA
GetCommandLineA
WriteFile
GetProcAddress
TlsAlloc
VirtualQuery
EnterCriticalSection
GetThreadLocale
EnumSystemLocalesA
HeapFree
GetEnvironmentStrings
MultiByteToWideChar
IsValidLocale
GetCurrentProcessId
GetOEMCP
GetStdHandle
FreeEnvironmentStringsA
lstrcpynA
GetCurrentThreadId
LoadLibraryW
SetHandleCount
LCMapStringA
InitializeCriticalSection
GetSystemInfo
VirtualFree
SetEvent
GetStringTypeA
SetFilePointer
UnmapViewOfFile
LeaveCriticalSection
Sleep
SetStdHandle
InterlockedIncrement
QueryPerformanceCounter
HeapCreate
CreateEventA
GetSystemTimeAsFileTime
TlsGetValue
GetStartupInfoA
GetCurrentProcess
GetEnvironmentStringsW
HeapReAlloc
FreeEnvironmentStringsW
TerminateProcess
IsDBCSLeadByte
GetVersionExA
FlushFileBuffers
GetCPInfo
SetFileAttributesA
FormatMessageA
MapViewOfFile
UnhandledExceptionFilter
ExitProcess
TlsSetValue
LoadLibraryA
GetModuleHandleA
WideCharToMultiByte
HeapDestroy
HeapAlloc
LCMapStringW
WaitForMultipleObjects
InterlockedExchange
SetCurrentDirectoryW
lstrcpyA
GetUserDefaultLCID
WaitForSingleObject
FreeLibrary
SetLastError
VirtualAlloc
GetACP
SetThreadLocale
GetCurrentDirectoryW
VirtualProtect
LocalFree
TlsFree
GetLocaleInfoA
DeleteCriticalSection
GetProcessHeap
IsValidCodePage
RaiseException
GetStringTypeW

ntdll

RtlUnwind

avifil32

AVIFileOpenW

setupapi

SetupCloseInfFile

Sections

.textbss
Size: - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85ead6516e276685a78eddf4dbee8285

Headers

File Characteristics

Imports

user32

kernel32

ntdll

avifil32

setupapi

Sections

.textbss Size: - Virtual size: 448KB

.idata Size: 3KB - Virtual size: 2KB

.rdata Size: 79KB - Virtual size: 78KB

.text Size: 512B - Virtual size: 412B

.rsrc Size: 512B - Virtual size: 32B

.textbss
Size: - Virtual size: 448KB

.idata
Size: 3KB - Virtual size: 2KB

.rdata
Size: 79KB - Virtual size: 78KB

.text
Size: 512B - Virtual size: 412B

.rsrc
Size: 512B - Virtual size: 32B