cfe82388c27902a239322c30292bbeea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cfe82388c27902a239322c30292bbeea_JaffaCakes118
Size

541KB
MD5

cfe82388c27902a239322c30292bbeea
SHA1

5434c095428b44bc284bd6f55f2e97a738a1e9a3
SHA256

fffa88e9909190f527d5c13b924d1911b1e5f6a786c73bd5ee74eaa6ad5d3644
SHA512

513c1f9c0226aa5b02221061a9169fbd349a40896f8613e47c495888db7f3a2379b9d1769bec1e0100d97ba942c8ce36fa10a37a5432059fb6e377def2ce896f
SSDEEP

12288:YWezG16jF0lAvBEYFfBK8+106K05bkX4N:+F0W5ZfQ0cs4N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfe82388c27902a239322c30292bbeea_JaffaCakes118

Files

cfe82388c27902a239322c30292bbeea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a9b5e339b414e60a035a9016c9de3c83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptCreateHash
CryptGetKeyParam
LookupSecurityDescriptorPartsW

user32

ShowCaret
LoadAcceleratorsA
DrawStateW
CharPrevA
RegisterClassExA
GetCursorInfo
DdeUnaccessData
IsWindowEnabled
UnloadKeyboardLayout
SetMenuDefaultItem
GetWindowTextLengthW
GetKeyboardLayoutNameW
RegisterDeviceNotificationA
SetWindowsHookW
ShowWindowAsync
DlgDirSelectComboBoxExW
RealGetWindowClass
GetOpenClipboardWindow
GetMenuDefaultItem
IntersectRect
GetMenuItemCount
GrayStringA
AdjustWindowRectEx
EnumPropsExA
RegisterClassA
EmptyClipboard

comdlg32

GetOpenFileNameA
PageSetupDlgW
LoadAlterBitmap
GetFileTitleA

kernel32

HeapCreate
GetUserDefaultLCID
GetStringTypeA
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetModuleFileNameA
IsDebuggerPresent
WriteConsoleA
CompareStringA
SetStdHandle
GetStdHandle
HeapSize
SetUnhandledExceptionFilter
GetCurrentProcessId
GetOEMCP
TlsAlloc
SetConsoleCtrlHandler
GetTimeZoneInformation
FreeLibrary
VirtualQuery
VirtualAlloc
CompareStringW
DeleteCriticalSection
GetCurrentProcess
MultiByteToWideChar
GetConsoleMode
WriteConsoleW
LoadLibraryA
GetConsoleOutputCP
WritePrivateProfileSectionA
HeapFree
GetLocaleInfoW
GetStringTypeW
GetStartupInfoA
GetTickCount
SetFilePointer
FileTimeToDosDateTime
ReadFile
CreateDirectoryExW
GetEnvironmentStrings
ExitProcess
ReadFileEx
GetCPInfo
GetFileType
CreateSemaphoreW
SetEnvironmentVariableA
UnhandledExceptionFilter
LCMapStringW
GetCommandLineA
GetCurrentThreadId
HeapAlloc
FreeEnvironmentStringsA
GetCurrentThread
InterlockedExchange
TlsGetValue
CreateFileA
InitializeCriticalSectionAndSpinCount
TerminateProcess
OpenMutexA
InterlockedDecrement
LCMapStringA
IsValidLocale
GetConsoleCP
TlsFree
GetModuleHandleW
Sleep
TlsSetValue
IsValidCodePage
WideCharToMultiByte
GetSystemTimeAsFileTime
GetModuleHandleA
DeleteFiber
FlushFileBuffers
InterlockedIncrement
GetPrivateProfileSectionNamesA
CreateMutexA
GetLocaleInfoA
SetLastError
HeapDestroy
SetLocaleInfoW
GetLastError
IsBadWritePtr
GetEnvironmentStringsW
GetACP
SetHandleCount
QueryPerformanceCounter
HeapReAlloc
VirtualFree
FreeEnvironmentStringsW
RtlUnwind
EnumSystemLocalesA
GetProcAddress
GetDateFormatA
CloseHandle
GetTimeFormatA

shell32

SHAppBarMessage

gdi32

GetMetaFileBitsEx

comctl32

InitCommonControlsEx

Sections

.text
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9b5e339b414e60a035a9016c9de3c83

Headers

File Characteristics

Imports

advapi32

user32

comdlg32

kernel32

shell32

gdi32

comctl32

Sections

.text Size: 203KB - Virtual size: 203KB

.rdata Size: 10KB - Virtual size: 24KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 203KB - Virtual size: 203KB

.rdata
Size: 10KB - Virtual size: 24KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 12KB - Virtual size: 12KB