cfc16e4e3102068efd11c8250567c9d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cfc16e4e3102068efd11c8250567c9d0_JaffaCakes118
Size

576KB
MD5

cfc16e4e3102068efd11c8250567c9d0
SHA1

9a9cca3aa3b0e9909d45b6b937132de733f290e3
SHA256

5cc2fa82f6dd792e2258b9ee4c6bcd8644cec5d148dae683427169020860f567
SHA512

7deb0234df7eacebef105943dbf6a776123ae077defa4e38189e518bb95a802b8e3b8990d71e658dbe6394750f42abb2ac76d925ab600e80b897650ed02573b1
SSDEEP

12288:uAjScIBRdqqNK+VLMsUXr5S6IjefEA0tzVs:tScqRdqaVtK1ejUr0M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfc16e4e3102068efd11c8250567c9d0_JaffaCakes118

Files

cfc16e4e3102068efd11c8250567c9d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b14c4008734c9f718d1e6ba5651ede0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextAlign
DeleteColorSpace
GetDeviceCaps
DeleteObject
DeleteDC
MaskBlt
CreateEnhMetaFileW
SelectObject
SetMagicColors
RectInRegion
GetObjectW
CreateDCW
SetLayout

comdlg32

ChooseFontW
LoadAlterBitmap
PageSetupDlgW

kernel32

GetEnvironmentStringsW
OpenMutexA
GetEnvironmentStrings
GetProcessShutdownParameters
FlushFileBuffers
GetModuleHandleA
EnumSystemLocalesA
GetCurrentDirectoryA
VirtualAllocEx
ExitProcess
EnumResourceNamesW
GetStringTypeA
ReadFile
LocalUnlock
SetEnvironmentVariableA
ConvertDefaultLocale
LCMapStringA
CreateToolhelp32Snapshot
HeapFree
GetTimeFormatA
GetCurrentProcess
GetStringTypeW
CompareFileTime
GetStdHandle
WriteProfileStringW
HeapCreate
WideCharToMultiByte
GetFileAttributesExA
DuplicateHandle
CreateWaitableTimerW
FindNextChangeNotification
GetCalendarInfoW
EnumResourceTypesW
FreeEnvironmentStringsW
TlsGetValue
GetTimeFormatW
LoadLibraryA
lstrcpyA
UnhandledExceptionFilter
GetOEMCP
SetLastError
SetStdHandle
SuspendThread
MoveFileA
FillConsoleOutputCharacterW
IsValidCodePage
SetFileTime
EnterCriticalSection
LockFile
InterlockedExchange
GetTimeZoneInformation
GetStartupInfoA
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetCommandLineA
GetSystemDirectoryA
LoadResource
IsBadWritePtr
GetCurrentProcessId
CreateMutexA
GetModuleFileNameA
GetCurrentThreadId
GetWindowsDirectoryA
GetSystemDefaultLangID
DeleteCriticalSection
LoadModule
SetConsoleTitleW
VirtualFree
CompareStringW
ReleaseSemaphore
GetDateFormatA
lstrlenW
ReadConsoleInputW
GetLastError
RtlFillMemory
lstrcatA
OpenEventW
GetLocalTime
CloseHandle
InitializeCriticalSection
FindFirstFileW
GetLocaleInfoW
LeaveCriticalSection
GetProcAddress
GetCurrentThread
GetFileType
TlsAlloc
RtlUnwind
HeapDestroy
CompareStringA
lstrcmpiW
IsValidLocale
GetCompressedFileSizeA
FreeLibraryAndExitThread
LCMapStringW
HeapReAlloc
HeapSize
TerminateProcess
GetUserDefaultLCID
GetCPInfo
CreateMailslotW
GetVersionExA
WriteFile
ConnectNamedPipe
GetConsoleMode
SetFilePointer
VirtualProtect
TlsSetValue
VirtualQuery
GetNamedPipeHandleStateA
ReadConsoleA
TlsFree
SetHandleCount
MultiByteToWideChar
GetACP
GetConsoleOutputCP
GetNamedPipeInfo
lstrcpynW
GetDiskFreeSpaceExW
VirtualAlloc
GetSystemInfo
QueryPerformanceCounter
GetLocaleInfoA
HeapAlloc
GetTickCount
RemoveDirectoryW

user32

CopyAcceleratorTableA
GetMessageTime
ClipCursor
FreeDDElParam
RegisterClassExA
GetGuiResources
GetUserObjectInformationW
SendMessageTimeoutA
DdeClientTransaction
DrawIcon
RegisterClassA
RealGetWindowClass
GetScrollRange
SetDlgItemTextA
ChangeDisplaySettingsA
VkKeyScanW
DlgDirListComboBoxW
SetCapture
ClientToScreen
PostThreadMessageW
ShowWindowAsync
MessageBoxIndirectA
SetClassLongW
MessageBoxA
InSendMessageEx
DdeUnaccessData
CreateDesktopA
InvertRect
UnregisterHotKey
DestroyWindow
GetClassLongW
GetClassInfoExA
DlgDirSelectExW
OpenDesktopW
GetMenuItemInfoA
GetKBCodePage
UnhookWindowsHookEx
GetKeyState
FillRect
EndPaint
DdeSetUserHandle
GetCapture
CharToOemBuffA
SetUserObjectSecurity
DispatchMessageA
ValidateRgn
UnloadKeyboardLayout
IsDlgButtonChecked
CreateIcon
BroadcastSystemMessageA
DlgDirSelectComboBoxExA
OpenWindowStationW
GetMenuState
DdeQueryStringA

wininet

CreateUrlCacheGroup
InternetCreateUrlA
InternetOpenA
InternetCheckConnectionA
FtpFindFirstFileW
RetrieveUrlCacheEntryStreamA
FtpCommandA
LoadUrlCacheContent
UnlockUrlCacheEntryFileA

comctl32

CreateToolbarEx
CreateStatusWindowA
ImageList_GetImageCount
CreateStatusWindow
MakeDragList
InitCommonControlsEx
ImageList_AddIcon
ImageList_DrawEx
ImageList_GetImageRect
DrawStatusTextA
ImageList_DragEnter
CreateUpDownControl
ImageList_Write
ImageList_DragShowNolock
ImageList_DragMove
CreatePropertySheetPageA
DrawInsert
DestroyPropertySheetPage
ImageList_GetDragImage
ImageList_AddMasked
ImageList_Add
ImageList_LoadImage
ImageList_Replace

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b14c4008734c9f718d1e6ba5651ede0

Headers

File Characteristics

Imports

gdi32

comdlg32

kernel32

user32

wininet

comctl32

Sections

.text Size: 168KB - Virtual size: 166KB

.rdata Size: 248KB - Virtual size: 246KB

.data Size: 116KB - Virtual size: 119KB

.rsrc Size: 40KB - Virtual size: 37KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 248KB - Virtual size: 246KB

.data
Size: 116KB - Virtual size: 119KB

.rsrc
Size: 40KB - Virtual size: 37KB