b52f1491413bfe4266dc82c1bdc26c9f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b52f1491413bfe4266dc82c1bdc26c9f_JaffaCakes118
Size

376KB
MD5

b52f1491413bfe4266dc82c1bdc26c9f
SHA1

796bde7936af6f1931f73985ece50f5a36ddb5bf
SHA256

5b07d6f3943a2706065368e02669fe2c47ff7ef30aa5c706cea25143a8de283a
SHA512

c37fe1dc743a3e70049e1c25f5dab2089b005a2317f75cfec3090cda615607f8943ee47ced6f43d43e0889de61fcf23e9cf71e9b612831a9e9899d26f5509948
SSDEEP

6144:kSCn7kTlIpkmKhEmnF1IgKqkAmIaj0q5WedJcvKjoGm1nq54UkUeBlW29Hcg8PAx:5tWkmPWWgdLaYaWeT3UGGK47UMrHcnM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b52f1491413bfe4266dc82c1bdc26c9f_JaffaCakes118

Files

b52f1491413bfe4266dc82c1bdc26c9f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d9428c64d19e6468971f8f524bfa2e5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumFontFamiliesExW
StartDocW
CreatePen
ExtFloodFill
SetPixelFormat
CloseEnhMetaFile
CreateFontIndirectW
OffsetClipRgn
EqualRgn
CreateSolidBrush
SetColorAdjustment
CreateRoundRectRgn
PolyBezier
GetWinMetaFileBits
RealizePalette
GetClipBox
SetPixelV
GetObjectW
GetTextCharsetInfo
ResizePalette
GetROP2
PolyPolyline
EndDoc
GetBrushOrgEx
GetBitmapBits
GetGlyphOutlineA
GetCharWidthA
GetTextMetricsA
StartDocA
EnumMetaFile
CreateDIBSection
CreateDCA
SaveDC
ExtCreateRegion
UnrealizeObject
GetDIBColorTable
TextOutA
ScaleViewportExtEx
EndPage
MoveToEx
SetBkColor
RectInRegion
Ellipse
PatBlt
GetTextExtentPoint32W
GetEnhMetaFileBits
CreateFontA
PlayEnhMetaFile
ResetDCW
BeginPath
SetROP2
ExtSelectClipRgn
GetWorldTransform
GetBkMode
EnumFontFamiliesA
GetStockObject
GetDeviceCaps
GetTextColor

advapi32

RegOpenKeyExW
CreateProcessAsUserA
GetServiceKeyNameA
SetServiceObjectSecurity
ReportEventW
InitializeAcl
CloseServiceHandle
EnumDependentServicesA
DeleteService
InitializeSid
MakeAbsoluteSD
GetServiceDisplayNameW
LsaAddAccountRights
RegCloseKey
EncryptFileW
ChangeServiceConfigW
RegSetValueA
AllocateAndInitializeSid
StartServiceCtrlDispatcherA
CopySid
OpenThreadToken
GetSidSubAuthorityCount
OpenEventLogW
SetFileSecurityA
RegSetValueExW
RegQueryValueA
SetSecurityDescriptorGroup
InitializeSecurityDescriptor
ReadEventLogW
GetFileSecurityW
RegCreateKeyExA
EnumServicesStatusA
GetSidSubAuthority
StartServiceA
RegConnectRegistryA
GetUserNameA
GetLengthSid
SetServiceStatus
RegDeleteKeyA
LookupPrivilegeValueW
QueryServiceConfigW
RegCreateKeyExW
RegQueryInfoKeyW
GetKernelObjectSecurity
LsaOpenPolicy
LookupAccountNameW
GetAce
RegEnumKeyW
RegSetValueExA

msvcrt

__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_acmdln
__p__fmode
__set_app_type
_except_handler3
_controlfp
abs
_i64toa
_dup
_onexit
__dllonexit
__p__commode
_mbctohira
_setmbcp

user32

DrawTextW
LoadAcceleratorsA
GetPropA
CharUpperA
WindowFromDC
CharLowerBuffA
GetSysColorBrush
DrawAnimatedRects
KillTimer
DestroyCursor
SetForegroundWindow
LoadBitmapW
FrameRect
CharNextA
CheckMenuItem
SendInput
WinHelpA
DrawFrameControl
DdeFreeStringHandle
CharPrevW
ShowOwnedPopups
IsChild
LoadIconA
DragDetect
SetWindowRgn
SetRect
mouse_event
GetDC
GetDlgCtrlID
ChangeClipboardChain
IsIconic
RegisterClipboardFormatW
ScrollWindowEx
CallMsgFilterA
SetCapture
DdeConnectList
InSendMessage
PostThreadMessageA
CharLowerA
GetKeyState
ToAsciiEx
SetCaretPos
GetWindowModuleFileNameA
DrawStateA
MapVirtualKeyExW
GetScrollPos
GetWindowTextLengthA
IsMenu
CopyImage
AttachThreadInput
AppendMenuW
LoadCursorA
PeekMessageW
MapVirtualKeyExA
GetCursor
GetKeyboardState
CharUpperBuffW
SetDlgItemInt
WindowFromPoint
GetKeyboardLayoutList
CopyAcceleratorTableW
CreateMenu
GetCaretPos
LoadMenuW
GetMenuState
SetCaretBlinkTime
GetFocus
CreateDialogIndirectParamA
UnpackDDElParam
GetParent
SetFocus
GetSystemMetrics
DdeAccessData
CreateDialogIndirectParamW
GetWindowLongA
GetMessagePos
DdeClientTransaction
LoadKeyboardLayoutW
DrawIcon
CloseWindow
keybd_event
EnumDisplaySettingsW
PostThreadMessageW
DeferWindowPos
GetClassInfoA
DefWindowProcA
GetProcessWindowStation
GetWindowWord
SetScrollPos
CreatePopupMenu
GetClassInfoExW
CreateCursor
DrawTextA

mpr

WNetCancelConnectionA
WNetAddConnectionA
WNetGetConnectionA
WNetAddConnection2A
MultinetGetConnectionPerformanceA
WNetCancelConnection2A

kernel32

GetProfileIntA
GetStartupInfoA
GetModuleHandleA

rasapi32

RasEnumConnectionsA

mfc42

ord4424
ord1061
ord4080
ord3079
ord3825
ord3831
ord3830
ord3401
ord2976
ord3081
ord2985
ord3262
ord1022
ord4465
ord3259
ord1021
ord2982
ord3953
ord3738
ord1043
ord5307
ord4698
ord1036
ord2725
ord5302
ord1168
ord1064
ord3346
ord2396
ord1054
ord1089
ord3922
ord5731
ord1056
ord2554
ord4486
ord6375
ord815
ord561
ord5714
ord1576

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9428c64d19e6468971f8f524bfa2e5d

Headers

File Characteristics

Imports

gdi32

advapi32

msvcrt

user32

mpr

kernel32

rasapi32

mfc42

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 220KB - Virtual size: 219KB

.data Size: 20KB - Virtual size: 1.9MB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 220KB - Virtual size: 219KB

.data
Size: 20KB - Virtual size: 1.9MB

.rsrc
Size: 12KB - Virtual size: 9KB