2f7d8654ed24dc7e0b29431ec41abbf9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f7d8654ed24dc7e0b29431ec41abbf9_JaffaCakes118
Size

444KB
MD5

2f7d8654ed24dc7e0b29431ec41abbf9
SHA1

5d87ef3c00ccce0885158a1029eb751b1f615b2f
SHA256

68264c44774c650ce96e87807781ed0dcf25a1d50cc90e08731fde466b25c791
SHA512

8d7d1321cea04db8fb8ec08f85ed9d294a5f597284099e429be44c353fadacca9780779f2f7e570b4a06877166a2b2aabb878637af7122d2d02704ede455812f
SSDEEP

12288:Ng97xWb9arM4DTETZKXFy16ti+sY0IBHyFw+:xMrMwoKVyM7g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f7d8654ed24dc7e0b29431ec41abbf9_JaffaCakes118

Files

2f7d8654ed24dc7e0b29431ec41abbf9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82849f0a4ebf1eb30b9a236c2b8117eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\noble\a\Release\mounts.pdb

Imports

kernel32

GetStartupInfoA
RtlUnwind
HeapSize
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetACP
IsValidCodePage
SetHandleCount
GetFileType
SetStdHandle
GetConsoleCP
GetConsoleMode
Sleep
FreeEnvironmentStringsA
GetCommandLineA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
VirtualQuery
VirtualAlloc
HeapReAlloc
IsDebuggerPresent
SetCommMask
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitProcess
SetErrorMode
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
WritePrivateProfileStringA
GetPrivateProfileIntA
InterlockedDecrement
GetModuleFileNameW
GetTickCount
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GlobalAlloc
GlobalFree
GetCurrentProcessId
GlobalLock
GlobalUnlock
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
LoadLibraryA
lstrcmpW
GetVersionExA
FindResourceA
CompareStringA
lstrlenA
RaiseException
GetVersion
InterlockedExchange
ClearCommError
SetLastError
SetCommTimeouts
WriteProfileStringA
GetProfileStringA
WideCharToMultiByte
lstrlenW
lstrcpyA
EnumResourceTypesA
lstrcatA
lstrcpyW
FreeResource
UpdateResourceA
LockResource
LoadLibraryW
MulDiv
SizeofResource
GetModuleHandleA
LoadResource
GetProcAddress
FindResourceExA
CloseHandle
GetCurrentThread
GetLastError
GetModuleFileNameA
CreateFileA
MultiByteToWideChar
LocalAlloc
ConnectNamedPipe
CreateNamedPipeA
HeapFree
CreateEventA
GetAtomNameW
GetProcessHeap
WaitForSingleObject
WaitCommEvent
HeapAlloc
GetEnvironmentStrings

user32

TranslateMessage
ValidateRect
CreateDialogIndirectParamA
GetNextDlgTabItem
DestroyMenu
GetActiveWindow
GrayStringA
DrawTextExA
TabbedTextOutA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
GetKeyState
IsWindowVisible
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
CallWindowProcA
IsIconic
GetWindowPlacement
GetWindow
SetMenu
BeginDeferWindowPos
PostThreadMessageA
GetUpdateRect
GetParent
AppendMenuA
MessageBoxA
SetWindowTextA
SetActiveWindow
GetSysColorBrush
ClientToScreen
SetRect
InsertMenuA
GetSysColor
CreateMenu
GetAsyncKeyState
OffsetRect
CreateWindowExA
GetMenu
SetWindowPos
CheckMenuItem
SystemParametersInfoA
SetWindowTextW
InflateRect
SetCapture
GetWindowRect
GetSystemMenu
CreateWindowExW
IsDlgButtonChecked
DestroyWindow
SetCursor
GetWindowDC
SendMessageW
SetWindowLongW
IsWindowEnabled
GetWindowTextW
GetFocus
GetDesktopWindow
GetWindowTextLengthW
UnregisterClassA
ReleaseDC
GetSystemMetrics
GetDC
EndDialog
GetClientRect
InvalidateRect
MoveWindow
ScreenToClient
RegisterClipboardFormatA
FillRect
GetWindowInfo
GetCursorPos
EndPaint
IsWindow
DefWindowProcA
DefMDIChildProcA
PostQuitMessage
DrawTextA
MapWindowPoints
RedrawWindow
LoadStringA
GetWindowThreadProcessId
BeginPaint
InvalidateRgn
SetFocus
ExitWindowsEx
GetMessageA
LoadAcceleratorsA
SetForegroundWindow
SetDlgItemTextA
HideCaret
ShowWindow
wsprintfA
IsClipboardFormatAvailable
EnableMenuItem
FindWindowA
SetWindowLongA
CharUpperBuffA
PostMessageA
GetWindowLongA
GetPropW
CharLowerA
ReleaseCapture
GetDlgItem
BringWindowToTop
CharNextA
EndDeferWindowPos
GetForegroundWindow
CharPrevA
DeferWindowPos
UpdateWindow
SendMessageA
LoadCursorA
EnableWindow

gdi32

SetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
StartPage
RestoreDC
SaveDC
GetObjectA
GetClipBox
CreatePatternBrush
CreateBitmap
CreateFontIndirectW
ExcludeClipRect
DeleteDC
ExtTextOutA
CreateRectRgnIndirect
SetBkColor
BitBlt
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
CreateDIBSection
Rectangle
GetStockObject
SetDCPenColor
SelectObject
CreateFontIndirectA
SelectClipRgn
DeleteObject
CreateSolidBrush
LineTo
MoveToEx
StretchBlt
SetICMProfileA
SetICMMode
SetDeviceGammaRamp
SetTextColor
CreateDCA
GetDeviceGammaRamp
SetBkMode
EndPage
GetDeviceCaps
ExtTextOutW
GetTextExtentExPointW
PatBlt
GetTextMetricsW
SetBrushOrgEx

comdlg32

ChooseFontW
FindTextW
GetOpenFileNameA
PrintDlgW

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegOpenKeyExA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ImpersonateNamedPipeClient
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
LsaFreeMemory
LsaSetInformationPolicy
LsaQueryInformationPolicy
LsaOpenPolicy
CreateProcessAsUserA
GetUserNameA
MapGenericMask
DuplicateTokenEx
OpenThreadToken

shell32

ShellExecuteA
SHGetFileInfoW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionA
PathFindFileNameA
StrChrA

ole32

CoUnmarshalInterface
CreateStreamOnHGlobal
CoInitialize
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
CoGetInterfaceAndReleaseStream
OleInitialize

oleaut32

VariantClear
VariantChangeType
VariantInit

netapi32

NetAuditRead
NetApiBufferFree
NetUserEnum
NetWkstaUserGetInfo
NetApiBufferSize

mpr

WNetAddConnection2A

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

avifil32

AVIFileCreateStreamA

msvfw32

GetOpenFileNamePreviewA

msacm32

acmFilterChooseA
acmDriverDetailsA

opengl32

glFlush
glScalef
glLoadIdentity
glColor3f
glClear

uxtheme

GetThemeInt

mscms

InstallColorProfileA
GetColorDirectoryA
CreateColorTransformW
TranslateColors
AssociateColorProfileWithDeviceA

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82849f0a4ebf1eb30b9a236c2b8117eb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

netapi32

mpr

avicap32

avifil32

msvfw32

msacm32

opengl32

uxtheme

mscms

Sections

.text Size: 176KB - Virtual size: 173KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 160KB - Virtual size: 157KB

.reloc Size: 40KB - Virtual size: 38KB

.text
Size: 176KB - Virtual size: 173KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 160KB - Virtual size: 157KB

.reloc
Size: 40KB - Virtual size: 38KB