cfce3f04c33fd251eedcb1cc79a190c3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cfce3f04c33fd251eedcb1cc79a190c3_JaffaCakes118
Size

429KB
MD5

cfce3f04c33fd251eedcb1cc79a190c3
SHA1

14338ce783be35540021c3e180a7d9d6b2ddb95d
SHA256

256d8d4708df49e6eed57df9639f1032b5c9121c7c85173c24d3918dff3fa0b0
SHA512

3abdf14b288a34563de020dbdff40cb8378c45c6c35558d90bf937fc6c96a4e5eb9854f259735e7a6147ca284b607bb6e8c141fe0e997a5b07991580ff8a4629
SSDEEP

12288:8ftC6SZNUUVYOiSoUT1ALYkzt6ON5UtA075:8fM62NUnJSoUTkPz9N5UtAc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfce3f04c33fd251eedcb1cc79a190c3_JaffaCakes118

Files

cfce3f04c33fd251eedcb1cc79a190c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

76dacf044fb8a1341e03e35eacb3cfa0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

StartServiceA
CryptDeriveKey
RegRestoreKeyW
CryptDuplicateKey
CryptEnumProvidersW
RegCreateKeyExA
RegEnumKeyExA
AbortSystemShutdownA
RegQueryInfoKeyW
RegOpenKeyExW
RegReplaceKeyW
RegDeleteKeyW
LookupPrivilegeValueW
RegSetValueExA
CryptVerifySignatureW
ReportEventA
RegSetValueW
ReportEventW
LookupAccountSidA
CryptDecrypt
DuplicateToken

gdi32

EnumFontsW
StartPage
DeleteEnhMetaFile
EqualRgn
GetTextExtentPointW
SetViewportOrgEx
EndPage
CreateBitmapIndirect
CreateRectRgnIndirect

wininet

HttpAddRequestHeadersW
SetUrlCacheEntryGroupA
HttpSendRequestExW
GopherCreateLocatorW
FtpDeleteFileW
InternetSetOptionExA
UrlZonesDetach
ShowX509EncodedCertificate
FtpSetCurrentDirectoryW

kernel32

GetPrivateProfileSectionNamesA
WriteFile
IsValidLocale
IsValidCodePage
HeapDestroy
GetLocaleInfoA
CompareStringA
TlsFree
GetModuleFileNameA
WriteProfileStringA
VirtualFree
lstrcpy
InterlockedDecrement
GetStringTypeA
GetACP
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
HeapAlloc
SetLastError
VirtualAllocEx
GetCurrentThreadId
GetFileType
LCMapStringW
GetCPInfo
SetConsoleCtrlHandler
RtlZeroMemory
EnumSystemLocalesA
CompareStringW
ReleaseSemaphore
GetPriorityClass
HeapFree
FindNextFileA
MultiByteToWideChar
GetTimeFormatA
GetTickCount
LeaveCriticalSection
GetEnvironmentStringsW
ReadConsoleOutputW
GetUserDefaultLCID
GetDateFormatA
LCMapStringA
GetEnvironmentStrings
GetConsoleTitleA
GetCurrentProcess
Sleep
TlsAlloc
TlsGetValue
SystemTimeToFileTime
VirtualAlloc
GetTimeZoneInformation
HeapCreate
GetModuleHandleW
GetStringTypeW
FreeEnvironmentStringsW
WideCharToMultiByte
RtlUnwind
VirtualQuery
GlobalFix
ExitProcess
GetStartupInfoA
HeapReAlloc
SetHandleCount
GetSystemTimeAsFileTime
EnterCriticalSection
FreeEnvironmentStringsA
GetCurrentProcessId
GetModuleHandleA
FreeLibrary
GetOEMCP
TerminateProcess
SetEnvironmentVariableA
DeleteCriticalSection
IsDebuggerPresent
GetLastError
GetCommandLineA
EnumResourceNamesA
HeapSize
UnhandledExceptionFilter
QueryPerformanceCounter
TlsSetValue
GetDiskFreeSpaceW
GetCurrentThread
InterlockedExchange
GetLocaleInfoW
SetUnhandledExceptionFilter
GetStdHandle
LoadLibraryA
GetProcAddress
WaitForDebugEvent

comdlg32

PageSetupDlgW
ChooseColorW
FindTextW

user32

EnumWindowStationsW
GetMenuStringA
SendInput
ExcludeUpdateRgn
EnumPropsExW
GetClassInfoA
CascadeChildWindows
CreateWindowExW
LoadBitmapA
GetThreadDesktop
GetFocus
GetUserObjectSecurity
GetTabbedTextExtentA
ShowScrollBar
EndDialog

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76dacf044fb8a1341e03e35eacb3cfa0

Headers

File Characteristics

Imports

advapi32

gdi32

wininet

kernel32

comdlg32

user32

Sections

.text Size: 137KB - Virtual size: 137KB

.rdata Size: 10KB - Virtual size: 18KB

.data Size: 279KB - Virtual size: 279KB

.rsrc Size: 1024B - Virtual size: 988B

.text
Size: 137KB - Virtual size: 137KB

.rdata
Size: 10KB - Virtual size: 18KB

.data
Size: 279KB - Virtual size: 279KB

.rsrc
Size: 1024B - Virtual size: 988B