02fae1b6a4d47cfc386b0267fb93c3c3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

02fae1b6a4d47cfc386b0267fb93c3c3_JaffaCakes118
Size

1.2MB
MD5

02fae1b6a4d47cfc386b0267fb93c3c3
SHA1

6858061de8c3f0558be3b6f36e73be07b01007fb
SHA256

0d382123819c1e6ba120584adaa1611135a04db677e3be880e91f422fb9c663f
SHA512

ded716fe688f630bfc8f0983f53569b20b6534b66a65db9b9d97434012a643ed63c8b313818528d661ec3d1eb87e13d711f64181a24cad0640f81979a8efe634
SSDEEP

12288:PCG/qboPqVi2AqGj7k9Rey+Nt7BOAth5eQX3S:NCbrK57FtzeQXi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02fae1b6a4d47cfc386b0267fb93c3c3_JaffaCakes118

Files

02fae1b6a4d47cfc386b0267fb93c3c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7f1beca1a762dd98fd95baa5aca2885d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetVersion
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
GetModuleHandleA
GetLastError
FatalAppExitA
SetConsoleIcon
GetStdHandle
VerLanguageNameA
VerLanguageNameW
SetConsoleTitleA
FindFirstFileA
WritePrivateProfileStructW
SetComPlusPackageInstallStatus
GetConsoleAliasA

user32

GetWindowThreadProcessId
GetCaretBlinkTime
DragObject
OpenDesktopA
CheckMenuRadioItem
GetOpenClipboardWindow
LookupIconIdFromDirectory
ValidateRect
CreateIcon
ReasonCodeNeedsBugID
DdeSetQualityOfService
IsCharLowerA
IMPGetIMEA
FindWindowExW

comctl32

DPA_Create
DPA_EnumCallback
ImageList_DragMove
DPA_SetPtr
CreateMappedBitmap
CreatePropertySheetPageW
Str_SetPtrW
_TrackMouseEvent
ImageList_DragLeave
CreateMRUListW
DPA_DeletePtr
ImageList_Read
CreateStatusWindowA
DPA_Destroy
DPA_InsertPtr
DSA_DestroyCallback
ImageList_GetDragImage

imagehlp

ImageGetDigestStream
SymEnumerateSymbolsW
ImagehlpApiVersionEx
FindFileInPath
SymGetSymFromName
UnDecorateSymbolName
SymUnloadModule64
FindExecutableImage

gdiplus

GdipGetAdjustableArrowCapFillState
GdipAddPathArcI
GdipBeginContainer2
GdipCreateBitmapFromResource
GdipSaveGraphics
GdipIsOutlineVisiblePathPoint
GdipTransformMatrixPointsI
GdipDrawRectangle
GdipTranslateRegionI
GdipGetAllPropertyItems
GdipCreateRegionHrgn
GdipCloneMatrix
GdipCloneImage
GdipBitmapLockBits
GdipFillPolygon2

winmm

mciSendStringA
mmioFlush
wid32Message
midiInGetID
midiOutGetVolume
waveInGetPosition
mmioClose
waveInPrepareHeader
waveOutGetDevCapsW
auxGetVolume
mci32Message
tid32Message
mmioSendMessage
timeGetSystemTime
GetDriverModuleHandle

version

VerFindFileA
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerQueryValueW
VerFindFileW
VerInstallFileW

oleaut32

VarCyCmp
VarI1FromBool
VarFormatNumber
CreateTypeLib
VarI4FromUI8
SafeArrayAllocDescriptor
VarDecAbs
VarUI1FromR4
VarIdiv
VarCyFromI2
VarCmp
VarUI4FromI8
VarDateFromI1
VarNeg
VarI2FromBool
VarUI4FromDisp

gdi32

GetEnhMetaFileA
DdEntry3
EngFindResource
PATHOBJ_vEnumStartClipLines
CombineTransform
StartPage
PolyBezierTo
BitBlt
GdiGetSpoolFileHandle
PolyTextOutW
OffsetViewportOrgEx
GetCharABCWidthsW
RemoveFontResourceExA
GetEUDCTimeStampExW
GetWorldTransform
DdEntry47

shell32

SHUpdateImageA
DoEnvironmentSubstA
SHInvokePrinterCommandW
SheSetCurDrive
StrStrA
RestartDialog
SHSimpleIDListFromPath
ILSaveToStream
SHBrowseForFolderW
ShellExec_RunDLL
SHAlloc
DragFinish
StrRStrIA
DragQueryPoint
FindExecutableA
OpenRegStream
CDefFolderMenu_Create2
SHBrowseForFolderA
CommandLineToArgvW
SHSetLocalizedName
SHBindToParent

ole32

OleMetafilePictFromIconAndLabel
OleConvertIStorageToOLESTREAMEx
GetDocumentBitStg
OleCreateLink
DllGetClassObject
WriteFmtUserTypeStg
HMETAFILEPICT_UserUnmarshal
OleSetAutoConvert
CLSIDFromOle1Class

winspool.drv

DeviceCapabilitiesW
PerfOpen
StartDocPrinterW
FreePrinterNotifyInfo
AdvancedDocumentPropertiesW
PlayGdiScriptOnPrinterIC
GetPrinterDriverDirectoryW
ScheduleJob
GetFormW
DeletePrintProvidorA
AddJobW
OpenPrinterW
GetSpoolFileHandle
DeletePrinterKeyA
FindClosePrinterChangeNotification

comdlg32

GetSaveFileNameA
PrintDlgA
CommDlgExtendedError
LoadAlterBitmap
ReplaceTextA
Ssync_ANSI_UNICODE_Struct_For_WOW
GetFileTitleA
PrintDlgW
ChooseColorW
GetSaveFileNameW
PrintDlgExW
ChooseFontA
FindTextW
PageSetupDlgA

oleacc

AccessibleObjectFromPoint
AccessibleObjectFromWindow
DllCanUnloadNow
GetStateTextW
LIBID_Accessibility
GetStateTextA
LresultFromObject
IID_IAccessibleHandler
GetRoleTextW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f1beca1a762dd98fd95baa5aca2885d

Headers

File Characteristics

Imports

kernel32

user32

comctl32

imagehlp

gdiplus

winmm

version

oleaut32

gdi32

shell32

ole32

winspool.drv

comdlg32

oleacc

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.data Size: 41KB - Virtual size: 41KB

.rdata Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 428B

.text
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 41KB - Virtual size: 41KB

.rdata
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 428B