cfbc889e1ac7be17aab2e626da80cfd2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cfbc889e1ac7be17aab2e626da80cfd2_JaffaCakes118
Size

932KB
MD5

cfbc889e1ac7be17aab2e626da80cfd2
SHA1

437248df4a7438890acd0abe3244b64850c1fe76
SHA256

24973d1be04688df855bf00089b8785b2ca56d340b7c52bade791ed76277374a
SHA512

6d18f84599bae9a8ed3f1b9e891485def3ad761b3123dd25c17e97049d761996369d59cd5e72b55c5bb97c5c8a88e3ddd47dae213c17c9ddb5da5df467c73413
SSDEEP

24576:fSurRS0NxVq429GXoUV0QeiFnBDxOYvI0fA:fw42gX7KQHn9yt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfbc889e1ac7be17aab2e626da80cfd2_JaffaCakes118

Files

cfbc889e1ac7be17aab2e626da80cfd2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86577ea5d82f834665c9448fc68afd52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\HCNRZCETHI\OYEI\OVBQCPR\JKECEUA\BOZVZQ\ST

Imports

kernel32

EnumResourceTypesA
GetDiskFreeSpaceExA
GetSystemTimeAsFileTime
DeleteFiber
GetConsoleMode
CreateMailslotW
SetLastError
GetCurrentProcess
VirtualQuery
SetThreadContext
TlsGetValue
IsBadWritePtr
ReadFile
lstrcat
VirtualFree
LCMapStringW
IsValidLocale
GetCurrentThreadId
GetStringTypeA
WideCharToMultiByte
GetEnvironmentStringsW
ExitProcess
WriteFile
GetFileSize
HeapFree
SetStdHandle
HeapDestroy
GetSystemTime
GetLocalTime
MultiByteToWideChar
GetStdHandle
RtlUnwind
GetCurrentProcessId
GetConsoleTitleW
GetThreadLocale
GetModuleFileNameA
OpenMutexA
GetStringTypeW
CreateMutexA
TlsAlloc
GetFileAttributesW
GetVersion
GetStartupInfoA
GetLastError
SetFilePointer
FlushFileBuffers
GetProcAddress
FreeResource
GetTimeZoneInformation
HeapAlloc
FreeEnvironmentStringsW
FreeEnvironmentStringsA
QueryPerformanceCounter
DeleteCriticalSection
CloseHandle
GetTickCount
GetModuleHandleA
SetHandleCount
InterlockedIncrement
InitializeCriticalSection
TlsFree
SetThreadLocale
GetFileType
HeapReAlloc
HeapCreate
GetACP
GetCurrentThread
UnhandledExceptionFilter
SetEnvironmentVariableA
InterlockedDecrement
VirtualAlloc
ReadConsoleA
TerminateProcess
GetOEMCP
GetCommandLineA
CompareStringA
CompareStringW
LCMapStringA
LoadLibraryA
InterlockedExchange
EnterCriticalSection
AllocConsole
GetEnvironmentStrings
GetCPInfo
GetComputerNameA
LeaveCriticalSection
TlsSetValue

user32

DestroyCaret
BringWindowToTop
RegisterClassExA
SetMenuContextHelpId
LoadBitmapW
LoadAcceleratorsW
RegisterClassA
OpenInputDesktop
DialogBoxIndirectParamW
TabbedTextOutW

comctl32

GetEffectiveClientRect
ImageList_LoadImageW
ImageList_GetIcon
ImageList_GetImageInfo
ImageList_BeginDrag
DrawStatusTextA
ImageList_Merge
DestroyPropertySheetPage
CreateUpDownControl
ImageList_DrawIndirect
InitCommonControlsEx
CreateStatusWindow
ImageList_GetDragImage
ImageList_LoadImageA
ImageList_DragLeave

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 489KB - Virtual size: 486KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86577ea5d82f834665c9448fc68afd52

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

Sections

.text Size: 123KB - Virtual size: 123KB

.rdata Size: 248KB - Virtual size: 271KB

.data Size: 489KB - Virtual size: 486KB

.rsrc Size: 70KB - Virtual size: 70KB

.text
Size: 123KB - Virtual size: 123KB

.rdata
Size: 248KB - Virtual size: 271KB

.data
Size: 489KB - Virtual size: 486KB

.rsrc
Size: 70KB - Virtual size: 70KB