cfb3bf66af6996e3e485c5eb64f13469_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cfb3bf66af6996e3e485c5eb64f13469_JaffaCakes118
Size

168KB
MD5

cfb3bf66af6996e3e485c5eb64f13469
SHA1

f12a750958d04206dfcb7959eacdc3ad2963b72e
SHA256

1e94768d6dbbc8d59b515034ad2082158df8aa21e40c4b5c4a91214437df4f16
SHA512

05a4ac6b2170983b9a5c6f253260b610d3f23af70301598e3d167bfae0619997e53c0ae3c359107c9b9ecca958c61a6746ccc2b72a84f4eb2e791a91634772c8
SSDEEP

3072:NJ4wSfoIZS5mN28DRRRnWYlF/mfYWdM70lH+gn56qcdX3rzpTmGhRXRh+M:X+fYR8tnTF/Ic4llFcFN5+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfb3bf66af6996e3e485c5eb64f13469_JaffaCakes118

Files

cfb3bf66af6996e3e485c5eb64f13469_JaffaCakes118
.exe windows:4 windows x86 arch:x86

95129a4f66346807f7ed8b8d4e19104b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

urlmon

CreateURLMoniker
CreateAsyncBindCtx
RegisterBindStatusCallback

kernel32

GetThreadLocale
GetTickCount
GetStringTypeExW
IsDebuggerPresent
GetStringTypeExA
GetCurrentProcessId
FreeLibrary
GetStartupInfoA
InterlockedExchange
CompareStringW
UnhandledExceptionFilter
GetProcAddress
GetCurrentProcess
lstrcmpiW
GetProcessVersion
GetVersionExA
GetVersion
GetModuleFileNameA
TerminateProcess
FormatMessageA
ExitProcess
LoadLibraryA
lstrlenW
MultiByteToWideChar
SetUnhandledExceptionFilter
CompareStringA
InterlockedCompareExchange
GetEnvironmentVariableW
GetLastError
HeapAlloc
Sleep
GetSystemTimeAsFileTime
HeapFree
GetCurrentProcessId
lstrcmpiA
QueryPerformanceCounter
GetProcessHeap
OutputDebugStringA
GetEnvironmentVariableA
WideCharToMultiByte
GetLocaleInfoA
GetCurrentThreadId
lstrlenA
GetACP
InterlockedDecrement
GetUserDefaultLCID

ddraw

DirectDrawCreate
DirectDrawEnumerateA
DirectDrawCreateEx

gdi32

CreateMetaFileA
GetTextMetricsA
GetObjectA
DeleteMetaFile
GetRgnBox
CreateRectRgnIndirect
CreateDCA
GetTextExtentPoint32A
CreateCompatibleDC
DeleteDC
CloseMetaFile

shlwapi

PathCompactPathA

user32

InflateRect
GetCursorPos
CharLowerA
ReleaseDC
GetUpdateRect
IsClipboardFormatAvailable
CharUpperW
CharLowerW
RegisterClipboardFormatA
GetSysColor
SetRectEmpty
GetSubMenu
EqualRect
UpdateWindow
OffsetRect
LoadMenuA
ScreenToClient
GetClassInfoA
EnableWindow
InvalidateRect
SetCapture
PtInRect
EnableMenuItem
IntersectRect
UnionRect
GetParent
PostMessageA
GetKeyState
GetDC
GetWindowRect
InvalidateRgn
ReleaseCapture
CharUpperA
GetClientRect
SendMessageA
GetSysColorBrush
IsRectEmpty

ole32

OleRegGetUserType
ReadClassStg
ReadClassStm
CreateBindCtx
StgCreateDocfile
WriteClassStm
StgOpenStorage
StringFromGUID2
OleRun
CLSIDFromProgID
WriteClassStg
CoCreateInstance
ReleaseStgMedium
CoFreeUnusedLibraries
CoTaskMemFree
CreateStreamOnHGlobal

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95129a4f66346807f7ed8b8d4e19104b

Headers

File Characteristics

Imports

advapi32

urlmon

kernel32

ddraw

gdi32

shlwapi

user32

ole32

Sections

.text Size: 112KB - Virtual size: 112KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 49KB - Virtual size: 49KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 49KB - Virtual size: 49KB

.rsrc
Size: 1KB - Virtual size: 1KB