Static task
static1
Behavioral task
behavioral1
Sample
cfff1ac0698085ae1e75655e8c9762e9_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
cfff1ac0698085ae1e75655e8c9762e9_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
cfff1ac0698085ae1e75655e8c9762e9_JaffaCakes118
Size
610KB
MD5
cfff1ac0698085ae1e75655e8c9762e9
SHA1
353b4f4ea674416070b03b5f980a00061086b383
SHA256
e7035712cae0b8c1bec1f5810f19851ab53f7ce307f880a9b14b781af9caf613
SHA512
e2684eba063e3b3c2d827257a3ff110ed10442a10f38f7d6e5e82382d6f7da018f9ff7d5a9230b94d8b85068f61a3991de3d766c1069949fed1082bb27fef75a
SSDEEP
12288:nL9DqEkRB2h3P5JugVfU0t4rw7eEBClBeYEzEb535FE5:L9DLvJ3ugtPtnyEB2g8p5q5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cfff1ac0698085ae1e75655e8c9762e9_JaffaCakes118
Files
cfff1ac0698085ae1e75655e8c9762e9_JaffaCakes118.exe windows:4 windows x86 arch:x86
ddf7e027c5cac7906966dab6a71f38fc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalUnlock
SetNamedPipeHandleState
GetShortPathNameA
LoadLibraryExA
ReadFile
ScrollConsoleScreenBufferA
GetLargestConsoleWindowSize
SetProcessWorkingSetSize
GetTickCount
EnumTimeFormatsW
CreateFileW
GetSystemDefaultLangID
DeleteCriticalSection
SetFileTime
lstrcatW
SetThreadLocale
IsValidLocale
GlobalFree
FlushConsoleInputBuffer
SetLastError
ExitProcess
_lread
GetNumberFormatW
user32
BroadcastSystemMessageW
PostQuitMessage
LoadIconW
SetMenuItemInfoW
InsertMenuItemW
DeleteMenu
SetDlgItemTextW
SetKeyboardState
SetRect
MonitorFromPoint
GetScrollRange
GetWindowLongA
ShowScrollBar
GetSysColorBrush
DispatchMessageA
DrawCaption
LoadMenuA
SendMessageA
GetClipboardViewer
DestroyCaret
MonitorFromWindow
GetSystemMenu
LoadMenuIndirectW
SetSysColors
gdi32
CreateMetaFileW
GetBrushOrgEx
SelectObject
SwapBuffers
PlayMetaFile
GetCharWidthW
advapi32
RegEnumValueW
CryptCreateHash
RegEnumKeyExA
RegSaveKeyA
RegQueryInfoKeyA
GetPrivateObjectSecurity
AdjustTokenPrivileges
CryptEncrypt
RegUnLoadKeyW
GetNamedSecurityInfoW
RegOpenKeyA
IsValidSid
CryptSetHashParam
StartServiceA
RegConnectRegistryA
LookupAccountNameA
DeregisterEventSource
CryptAcquireContextA
RegUnLoadKeyA
SetNamedSecurityInfoA
NotifyChangeEventLog
CreateProcessAsUserW
shell32
Shell_NotifyIconA
DragAcceptFiles
ShellExecuteA
FindExecutableA
DragFinish
ole32
StgCreateStorageEx
CLSIDFromString
OleQueryLinkFromData
GetClassFile
OleSave
OleBuildVersion
CoResumeClassObjects
CoGetTreatAsClass
StgOpenStorage
oleaut32
SafeArrayUnaccessData
LoadTypeLi
SafeArrayCreate
comctl32
ImageList_DragShowNolock
shlwapi
HashData
PathRenameExtensionW
SHDeleteKeyW
Sections
.text Size: 20KB - Virtual size: 213KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 252KB - Virtual size: 251KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ