048eaf8f6f8f1567d67edb4a582cb021_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

048eaf8f6f8f1567d67edb4a582cb021_JaffaCakes118
Size

736KB
MD5

048eaf8f6f8f1567d67edb4a582cb021
SHA1

6bc4822a95c1d375b544df6bc1a566f1393ba598
SHA256

32c89c8e6ab723536e2bf3c53339cc95d8b97b6a6885565823c98c6c68f8b41b
SHA512

4cf073a8c9bd0487f3f4a25dca9f6dbcf9adad2d0c9cba992d4a9a1f5ee4b98e21f5079e33b93812c49cc0b2cf7191a9063ce93ec52d32a0dea129b9a784ed3d
SSDEEP

12288:sovmIajF26wPUD5MvCaGyba91k6ctu3HGqv6LPwtlRJjahSSsk9cp8wYMbOCSuoz:sovmIYFSPUD5Mv/L6ctu3HGqv6LPSlzw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
048eaf8f6f8f1567d67edb4a582cb021_JaffaCakes118

Files

048eaf8f6f8f1567d67edb4a582cb021_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a6236d98075a86bbe65a45df5fec6b95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\VT\gratu\Release\cubes.pdb

Imports

kernel32

CreateFileA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetProcessHeap
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetStdHandle
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetACP
HeapReAlloc
HeapSize
HeapAlloc
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetTickCount
SetHandleCount
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
GetSystemInfo
ExitProcess
Sleep
RtlUnwind
IsBadReadPtr
HeapValidate
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetModuleHandleW
SetEndOfFile
FlushFileBuffers
OpenEventA
ReadFile
GetCurrentProcess
WritePrivateProfileStringA
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
InterlockedIncrement
GetOEMCP
GetCPInfo
GetAtomNameA
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetErrorMode
InterlockedDecrement
GlobalFree
SetEvent
GetCurrentProcessId
InterlockedExchange
GlobalAlloc
lstrcmpA
GetCurrentThread
GetLocaleInfoA
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
CompareStringA
MultiByteToWideChar
FreeResource
lstrcmpW
FreeLibrary
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
GlobalLock
GlobalUnlock
MulDiv
SetLastError
LocalFileTimeToFileTime
LocalFree
LocalSize
GetVersionExA
CreateToolhelp32Snapshot
GetModuleHandleA
LocalAlloc
LoadLibraryA
GetLocalTime
VirtualAlloc
GetProcAddress
GetLastError
SetConsoleTitleA
GetModuleFileNameW
CreateEventA
LoadLibraryW
GetPrivateProfileIntA
OpenProcess
GetDateFormatA
FormatMessageA
WaitForSingleObject
GetUserDefaultLCID
QueryPerformanceCounter
SystemTimeToFileTime
lstrlenA
CreateThread
CloseHandle
RaiseException
ExitThread
WriteFile
SetFilePointer

user32

CreateDialogIndirectParamA
SetCursor
IsWindowEnabled
MoveWindow
IsDialogMessageA
RegisterWindowMessageA
GetClassInfoExA
GetClassInfoA
SendDlgItemMessageA
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
WinHelpA
TrackPopupMenu
GetDlgItem
GetWindowTextA
GetKeyState
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
SetMenu
GetMenu
GetMessageTime
GetMessagePos
SetWindowLongA
OffsetRect
IntersectRect
GetWindowPlacement
LoadIconA
EnableWindow
EndDialog
GetLastActivePopup
GetWindow
GetTopWindow
GetNextDlgTabItem
GetDesktopWindow
GetCapture
SetActiveWindow
GetActiveWindow
ShowOwnedPopups
IsWindowVisible
ValidateRect
InvalidateRect
MapWindowPoints
BringWindowToTop
IsIconic
PostMessageA
PeekMessageA
LoadImageA
GetSystemMetrics
RegisterClassA
GetWindowThreadProcessId
LoadMenuA
ModifyMenuA
InsertMenuItemA
GetSubMenu
GetMenuItemInfoA
GetMenuState
GetMenuItemID
GetMenuItemCount
EnableMenuItem
CheckMenuItem
DestroyMenu
SetRectEmpty
ReleaseCapture
GetClipboardFormatNameA
IsMenu
CreatePopupMenu
UnpackDDElParam
LoadAcceleratorsA
TranslateAcceleratorA
ReuseDDElParam
SetClipboardViewer
LoadCursorA
UpdateWindow
InflateRect
PtInRect
SystemParametersInfoA
OpenClipboard
DispatchMessageA
AppendMenuA
ShowWindow
GetCursorPos
UnregisterClassA
SetWindowPos
DefWindowProcA
ReleaseDC
SetScrollPos
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DrawIcon
FillRect
GetSysColorBrush
GetSysColor
GetWindowDC
ClientToScreen
IsWindow
ScreenToClient
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EndPaint
DestroyWindow
GetMessageA
CloseClipboard
GetSystemMenu
GetWindowRect
RegisterClassExA
PostQuitMessage
SetForegroundWindow
DeleteMenu
GetFocus
LoadBitmapA
GetParent
wsprintfA
FindWindowExA
GetClientRect
CreateWindowExA
GetClipboardData
SetFocus
SendMessageA
BeginPaint
SetScrollRange
GetDC
DrawFocusRect
TranslateMessage
GetForegroundWindow
GetKeyboardLayout
MessageBoxA
GetWindowLongA
SetWindowTextA

gdi32

SaveDC
CreateCompatibleDC
PtVisible
RectVisible
Rectangle
BitBlt
StretchBlt
GetPixel
TextOutA
GetTextExtentPoint32A
Escape
CreateCompatibleBitmap
CreateFontIndirectA
ExtTextOutA
GetObjectA
GetDIBColorTable
SelectObject
DeleteObject
GetTextMetricsA
RestoreDC
GetStockObject
SetBkColor
SetBkMode
CreateSolidBrush
MoveToEx
CreateEllipticRgn
CreateBitmap
SetTextColor
GetDeviceCaps
GetObjectType
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
CreatePatternBrush
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
DeleteDC

comdlg32

GetOpenFileNameA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCreateKeyExA
SetThreadToken
RevertToSelf
OpenThreadToken
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
LsaOpenPolicy

shell32

DragFinish
DragQueryFileA
SHGetSpecialFolderLocation

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathMatchSpecA

ole32

StringFromCLSID
CoTaskMemFree
CoUninitialize
CoInitializeEx
CoCreateInstance
StgOpenStorage
StgCreateDocfile
RevokeDragDrop

oleaut32

VariantInit
VariantChangeType
VariantClear

urlmon

CoInternetCombineUrl

msacm32

acmFormatEnumA
acmMetrics

imm32

ImmIsIME
ImmReleaseContext
ImmSetConversionStatus
ImmGetCompositionWindow
ImmGetConversionStatus
ImmGetContext

oleacc

CreateStdAccessibleObject
LresultFromObject

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

snmpapi

SnmpUtilIdsToA

Sections

.text
Size: 480KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6236d98075a86bbe65a45df5fec6b95

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

urlmon

msacm32

imm32

oleacc

setupapi

snmpapi

Sections

.text Size: 480KB - Virtual size: 480KB

.rdata Size: 117KB - Virtual size: 117KB

.data Size: 15KB - Virtual size: 31KB

.rsrc Size: 121KB - Virtual size: 121KB

.text
Size: 480KB - Virtual size: 480KB

.rdata
Size: 117KB - Virtual size: 117KB

.data
Size: 15KB - Virtual size: 31KB

.rsrc
Size: 121KB - Virtual size: 121KB