cbde54ccc3c13fe82a442ead8d2103e4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cbde54ccc3c13fe82a442ead8d2103e4_JaffaCakes118
Size

350KB
MD5

cbde54ccc3c13fe82a442ead8d2103e4
SHA1

e968914a83611a888cfbd131fd0c452821de20be
SHA256

17a9bf31abdc0baabd6f26b3fa67d2f169f533ef04496b7943667414bcd539c2
SHA512

6b3b21e1c5d780b5376c9e08df218cb0581f2cc981a66b5aa2b4c43a09df6477f5928cc767a6d8122dd25f35f9ac21df5b7124465a0d6c1c50e1440f91b73d1e
SSDEEP

6144:RukiCIXQRFUPRLLHpsn4kH4JMWmaF0oc:R0vXqFMFHps4kYeuz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbde54ccc3c13fe82a442ead8d2103e4_JaffaCakes118

Files

cbde54ccc3c13fe82a442ead8d2103e4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cbe4e98d1a8a97f8b718d29a2fd9a8aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Such\Fun\best\Both\Thousand\even\wintermatch.pdb

Imports

kernel32

HeapReAlloc
LoadLibraryW
WriteConsoleW
SetStdHandle
CreateFileW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
CloseHandle
SetFilePointer
CompareStringW
GetTempPathA
GetCurrentProcessId
TlsAlloc
GetCurrentDirectoryA
GetModuleHandleA
FindNextFileA
GetModuleFileNameA
WaitForMultipleObjects
LoadLibraryA
GetTempFileNameA
GetProcAddress
FindFirstFileA
GetShortPathNameA
MultiByteToWideChar
GetEnvironmentVariableA
GetFileAttributesA
Sleep
TlsSetValue
GetWindowsDirectoryA
WaitForSingleObject
ExitProcess
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
EncodePointer
DecodePointer
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
TlsGetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetStringTypeW
GetLocaleInfoW
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetEnvironmentVariableA

user32

CallNextHookEx
EnumWindows
GetWindowLongA
CreateWindowExA
ReleaseDC
DefWindowProcA
GetClassInfoExA

gdi32

RestoreDC
ExtTextOutA
StartDocA
Rectangle
CreateFontIndirectA
StartPage

comctl32

ImageList_Remove
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_Destroy

shlwapi

StrRetToBufA
StrCmpNA
StrStrA
UrlIsA
PathCreateFromUrlA

advapi32

RegCloseKey
RegEnumKeyA
RegOpenKeyA
FreeSid
OpenSCManagerA
AllocateAndInitializeSid
QueryServiceStatus
RegOpenKeyExA
RegCreateKeyExA
LookupPrivilegeValueA
InitializeSecurityDescriptor
RegDeleteKeyA
RegQueryValueExA
RegisterServiceCtrlHandlerA
RegSetValueExA
GetTokenInformation
SetEntriesInAclA
OpenThreadToken
DeleteService
StartServiceCtrlDispatcherA
OpenProcessToken
OpenServiceA

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbe4e98d1a8a97f8b718d29a2fd9a8aa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comctl32

shlwapi

advapi32

Sections

.text Size: 153KB - Virtual size: 153KB

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 6KB - Virtual size: 76KB

.rsrc Size: 134KB - Virtual size: 133KB

.text
Size: 153KB - Virtual size: 153KB

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 6KB - Virtual size: 76KB

.rsrc
Size: 134KB - Virtual size: 133KB