f09ceccbe10afbcf59c55c359117405d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f09ceccbe10afbcf59c55c359117405d_JaffaCakes118
Size

58KB
MD5

f09ceccbe10afbcf59c55c359117405d
SHA1

a731bb32639626192ecf6168caf31bf3d1d902eb
SHA256

148a1c5dff9ecd194a0e5fa50a371ee86b9cddf07d3e6c5fdcb3931495749767
SHA512

f426794d7c2aac6d61688a357bbaf87520bc3fe53b482f9e289549a6b9ada01c1f7bc9369f8a28d0864276fee14ca17a67f77866d66a1c5f8f034332582d4b9d
SSDEEP

1536:NAyuaGmTwupZiBHbIdTUDKBCN73x7w0GVzWK/QxaYzL:flEuXiBsyDO6K3sn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f09ceccbe10afbcf59c55c359117405d_JaffaCakes118

Files

f09ceccbe10afbcf59c55c359117405d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

35deccedff1a0fcbce53519fd6666266

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GdiConvertBitmap
GetNearestColor
PATHOBJ_bEnum
GetICMProfileW
DdEntry15
GetClipBox
SetPolyFillMode
ExtTextOutA
GdiGetPageCount
GdiCreateLocalEnhMetaFile
ExtCreateRegion
IntersectClipRect
SetLayoutWidth
DdEntry47
SetSystemPaletteUse
PolyPolygon
EngStrokeAndFillPath
PaintRgn
GetLayout
ResetDCA
DdEntry24
MoveToEx
GetTextAlign
GetOutlineTextMetricsA
GetEnhMetaFileBits
SetGraphicsMode
DeleteDC
CLIPOBJ_cEnumStart
GdiArtificialDecrementDriver
CreatePolyPolygonRgn
GdiPlayDCScript
FONTOBJ_pxoGetXform
GetObjectW
GetWinMetaFileBits
RemoveFontResourceA
GetCharWidth32W
EnumMetaFile
CheckColorsInGamut
FONTOBJ_pvTrueTypeFontFile
EngBitBlt
GetTextFaceAliasW
GetArcDirection
GdiEntry12
SetBkMode
XFORMOBJ_iGetXform
XFORMOBJ_bApplyXform
GdiGetCodePage
FONTOBJ_cGetAllGlyphHandles

kernel32

OpenThread
LoadModule
GetDiskFreeSpaceExW
IsValidLanguageGroup
SetConsoleMode
SetCalendarInfoA
MoveFileExA
FreeLibraryAndExitThread
HeapCreate
DebugActiveProcess
GetVolumeNameForVolumeMountPointA
ReadDirectoryChangesW
GlobalWire
GetPrivateProfileSectionNamesW
ReadFileScatter
GetTempPathW
OpenProfileUserMapping
ReadConsoleW
BeginUpdateResourceW
GetCalendarInfoW
DosPathToSessionPathW
GlobalAlloc
AssignProcessToJobObject
EnumSystemCodePagesA
PeekConsoleInputA
HeapFree
GetConsoleCommandHistoryA
GetUserGeoID
SetCurrentDirectoryA
GlobalFix
SetDefaultCommConfigA
SetFileShortNameA
GetOverlappedResult
CreateActCtxW
GetConsoleTitleA
InitAtomTable
EnumResourceNamesW
GetProcessVersion
EndUpdateResourceA
IsValidLocale
GetVolumeNameForVolumeMountPointW
OpenConsoleW
GetNumberFormatA
RemoveDirectoryW
VirtualAlloc
_llseek
HeapWalk
LoadLibraryA
FindNextFileW
AddLocalAlternateComputerNameA
FindFirstChangeNotificationA
SetConsoleCursorMode
CreateMutexA
CmdBatNotification
SetDefaultCommConfigW
PeekConsoleInputW

regapi

RegCdDeleteA
RegWdEnumerateA
RegCdEnumerateA
RegGetMachinePolicy
RegBuildNumberQuery
RegWdDeleteW
RegUserConfigSet
RegMergeUserConfigWithUserParameters
RegWinStationQueryA
RegWinStationQueryEx
RegUserConfigRename
RegFreeUtilityCommandList
RegPdQueryW
RegWdEnumerateW
RegWdCreateW
RegConsoleShadowQueryW
RegDefaultUserConfigQueryW
RegPdEnumerateA
RegWdQueryW
RegWinStationQueryNumValueW
RegPdDeleteW
RegSAMUserConfig
RegWinStationQueryDefaultSecurity
RegWinStationCreateA
RegQueryOEMId
RegIsTServer
RegPdDeleteA
RegWdDeleteA
RegWinStationAccessCheck

cdosys

DllUnregisterServer
DllRegisterServer
DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35deccedff1a0fcbce53519fd6666266

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

regapi

cdosys

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 14KB - Virtual size: 62KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 268B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 14KB - Virtual size: 62KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 268B