cff9b7691abbcc30ce91ee8fe43e1b34_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cff9b7691abbcc30ce91ee8fe43e1b34_JaffaCakes118
Size

936KB
MD5

cff9b7691abbcc30ce91ee8fe43e1b34
SHA1

076e806c60185331b844fd80321db07c17a337e0
SHA256

e9acaaaeec3d5c4e6c80a9bd0ea25efc82d9422eb10ca1cb9212e3f0c3fafc2e
SHA512

043b857e012f5c6004c2b8bda2acf31c5099b70e38eaa8d51a7e64fdf1322ea5c4cead6c60b1387bb7feca7c8d5da904d901317a90f1422d49ed2432c1c58f67
SSDEEP

6144:kl2KweISjrDA++qZyj9eaHnXj4ZrsHDDgf:u2KwMZQnXsKH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cff9b7691abbcc30ce91ee8fe43e1b34_JaffaCakes118

Files

cff9b7691abbcc30ce91ee8fe43e1b34_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c071c8f2b269ff93149ac73018a7c812

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
GetComputerNameA
GetACP
OpenProcess
ReleaseMutex
CreateMutexA
FlushFileBuffers
lstrcmpiA
CreateProcessA
TerminateProcess
RemoveDirectoryA
DeviceIoControl
GetVersionExA
LocalFree
FormatMessageA
GetWindowsDirectoryA
GetShortPathNameA
CreateDirectoryA
GetCurrentProcess
GetFullPathNameA
CompareStringW
CompareStringA
SetStdHandle
SetFileAttributesA
GetFileType
GetStdHandle
SetHandleCount
GetLocalTime
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
GetEnvironmentVariableA
HeapSize
HeapReAlloc
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetOEMCP
GetCPInfo
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
SetLastError
TlsAlloc
ExitProcess
GetCommandLineA
GetStartupInfoA
RaiseException
GetSystemTimeAsFileTime
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
ExitThread
TlsGetValue
TlsSetValue
CreateThread
RtlUnwind
LeaveCriticalSection
SetEnvironmentVariableA
EnterCriticalSection
GetFileSize
GetCurrentDirectoryA
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetLastError
GetFileAttributesA
CopyFileA
TerminateThread
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
Sleep
GetVolumeInformationA
HeapDestroy
HeapCreate
HeapFree
HeapAlloc
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
IsBadReadPtr
IsBadWritePtr
lstrlenA
InterlockedDecrement
InterlockedIncrement
CreateEventA
SetEvent
GetSystemTime
GetFileTime
SetFileTime
OutputDebugStringA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
GetEnvironmentStringsW
ResumeThread
FreeLibrary
WaitForSingleObject
LoadLibraryA
GetProcAddress
MoveFileA
DeleteFileA
GetVersion
GetSystemDirectoryA
WriteFile
CreateFileA
ReadFile
SetFilePointer
CloseHandle
GetTickCount
IsBadCodePtr
VirtualProtect

user32

KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
SetTimer
GetCursorPos
ReleaseDC
wsprintfA
PostThreadMessageA
GetForegroundWindow
ExitWindowsEx
GetSystemMetrics
EndDialog
CreateDialogParamA
UpdateWindow
ShowWindow
IsWindow
PostQuitMessage
SetCursor
MessageBoxA
LoadStringA
GetPropA
SetPropA
DefWindowProcA
DestroyWindow
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
PostMessageA
UnregisterClassA
GetDC

gdi32

GetStockObject
GetDeviceCaps

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
GetUserNameA
RegEnumKeyExA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
DeregisterEventSource
CloseServiceHandle
OpenServiceA
OpenSCManagerA
RegCreateKeyA
CreateServiceA
DeleteService
StartServiceCtrlDispatcherA
StartServiceA
QueryServiceStatus
ControlService
RegisterServiceCtrlHandlerA
SetServiceStatus
ReportEventA
RegisterEventSourceA
InitiateSystemShutdownA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegConnectRegistryA
RegQueryValueExA

ole32

CoTaskMemFree
CoCreateInstance
StringFromCLSID
CoInitializeEx
CoInitialize
CoUninitialize

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString

Sections

.text
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 656KB - Virtual size: 654KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c071c8f2b269ff93149ac73018a7c812

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

ole32

oleaut32

Sections

.text Size: 208KB - Virtual size: 205KB

.rdata Size: 656KB - Virtual size: 654KB

.data Size: 64KB - Virtual size: 63KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 208KB - Virtual size: 205KB

.rdata
Size: 656KB - Virtual size: 654KB

.data
Size: 64KB - Virtual size: 63KB

.rsrc
Size: 4KB - Virtual size: 1KB