07154614893b9141b030c6382e669625_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

07154614893b9141b030c6382e669625_JaffaCakes118
Size

24KB
MD5

07154614893b9141b030c6382e669625
SHA1

75da41b688c0ee5a668a73b6571be4a98a6170c8
SHA256

cf9d4f2b83f386c940afad49c06292efde3709d847a288320111dff402ebacd1
SHA512

a9f3ec0e29b8e10fd8b5ca268638921f966f5a72b1e7327960d4fa632a4169094865141354aaa8d88c30cc32b9f78fb02ba16ce930bef6e39778612e816fe2ac
SSDEEP

768:hCU8Pb9BujZLu9t37eCx4xreSVDRv2+h41GV:h6PpyZLW374JdRvfi1GV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07154614893b9141b030c6382e669625_JaffaCakes118

Files

07154614893b9141b030c6382e669625_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5c122c363d3dc87d74e6ca99cadf32b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Module32NextW
ReleaseSemaphore
GetConsoleAliasW
VirtualAlloc
Process32FirstW
SetClientTimeZoneInformation
Sleep
GetConsoleCommandHistoryLengthA
CreateFileW
lstrcatW
SetLastConsoleEventActive
SetProcessAffinityMask
GetLastError
CreateDirectoryW
LocalFree
SetVolumeMountPointA
PeekNamedPipe
CopyFileW
TermsrvAppInstallMode
lstrcmpA
GetSystemTime
GetConsoleWindow
ReplaceFileW
HeapQueryInformation
MultiByteToWideChar
GetFirmwareEnvironmentVariableW
SetConsoleInputExeNameW
BuildCommDCBW
Module32FirstW
LZSeek
GetExitCodeThread
SetEnvironmentVariableA
VDMConsoleOperation
FindFirstVolumeW
GetVersion
GetShortPathNameW
ExitProcess
WaitForSingleObjectEx
ExpandEnvironmentStringsA
GetFileType
Beep
GetSystemDirectoryW
SetHandleContext
UnlockFile
AllocateUserPhysicalPages
CreateDirectoryExW
FatalAppExitW
DeviceIoControl
GetThreadPriorityBoost
WaitForMultipleObjectsEx
WaitForMultipleObjects

user32

ChildWindowFromPointEx
GetOpenClipboardWindow
SetFocus
EnumDesktopsA
SetMenuItemInfoW
EndDialog
LoadMenuIndirectA
User32InitializeImmEntryTable
IsIconic
SetCaretBlinkTime
WINNLSGetEnableStatus
FrameRect
AllowSetForegroundWindow
EnumPropsExA
RealGetWindowClassA
CharUpperBuffW
BlockInput
IsCharAlphaNumericW
RegisterDeviceNotificationW
OpenIcon
SendIMEMessageExW
SetWindowsHookW
GetDlgCtrlID
SetMenu
CheckDlgButton
RegisterLogonProcess
DdeNameService
EndPaint
GetPriorityClipboardFormat
UnregisterUserApiHook
GetMenuItemInfoW
GetDlgItemInt
InvertRect
PackDDElParam
CreateDialogIndirectParamAorW
InvalidateRgn
GetCapture
ModifyMenuW
SetRect
FindWindowExW
OpenDesktopW
PostThreadMessageW
WaitForInputIdle
IsServerSideWindow
SetWindowRgn
CharUpperW

shell32

SHCreateQueryCancelAutoPlayMoniker
SHFileOperationA
SHGetSettings
SHPathPrepareForWriteA
ShellHookProc
DllCanUnloadNow
SHPathPrepareForWriteW
SHQueryRecycleBinA
SHGetMalloc
SHQueryRecycleBinW
DragAcceptFiles
ExtractIconEx
SHOpenFolderAndSelectItems
StrCmpNIW
SHBrowseForFolderW
StrCmpNIA
SHCreateDirectoryExW
SheChangeDirA
StrNCmpW
ShellExecuteEx
SHGetFileInfoA
SheChangeDirExW
ExtractAssociatedIconExW
SHAppBarMessage
SHGetSpecialFolderPathA

msvcrt40

?setp@streambuf@@IAEXPAD0@Z
freopen
??8type_info@@QBEHABV0@@Z
strtok
??4exception@@QAEAAV0@ABV0@@Z
?sync@streambuf@@UAEHXZ
??0bad_typeid@@QAE@ABV0@@Z
??6ostream@@QAEAAV0@PBD@Z
?text@filebuf@@2HB
_setsystime
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
_mbclen
_wstrtime
_tzset
_ismbcspace
strcoll
_fpreset
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_CIacos
_ismbckata
?precision@ios@@QBEHXZ
getenv
??5istream@@QAEAAV0@AAO@Z
?attach@ifstream@@QAEXH@Z
??0fstream@@QAE@ABV0@@Z
_adj_fdiv_m64
_statusfp
wcsspn
?setmode@ofstream@@QAEHH@Z
?x_maxbit@ios@@0JA
??1logic_error@@UAE@XZ
?seekp@ostream@@QAEAAV1@JW4seek_dir@ios@@@Z
ldexp
_mbsdec
_mbcjmstojis

expsrv

PutMemNewObj
rtcLog
__vbaVarVargNofree
__vbaVarNeg
rtcTrimVar
rtcRightTrimBstr
__vbaStrTextCmp
rtcCharValueBstr
__vbaUnkVar
__vbaStrI2
__vbaLateIdNamedCall
rtcSqr
rtcErrObj
VarPtr
rtcFormatNumber
__vbaStrToUnicode
rtcFixVar
rtcGetTimeBstr
__vbaCyFix
rtcFreeFile
__vbaForEachCollVar
__vbaObjSetAddref
__vbaForEachAry
rtcMidCharVar
__vbaR8ForNextCheck
__vbaNameFile
__vbaVargObj
GetMemStr
__vbaStrCat
__vbaFpCy
PutMemEvent
__vbaFileOpen
rtcIMEStatus
rtcAppActivate
__vbaRedim
__vbaLateIdNamedStAd
rtcAtn

msvcrt

_wsetlocale
sprintf
_wutime
__crtCompareStringW
_strtoui64
_cgetws
_commit
_wpgmptr
_mbsicoll
abs
pow
_purecall
_HUGE
_mbslen
?raw_name@type_info@@QBEPBDXZ
_fcvt
_vsnwprintf
__unDNameEx
??0bad_cast@@QAE@PBD@Z
_mbctoupper
_lock
strtoul
_wcsnset
_cgets
_fpieee_flt
__pioinfo
_wfdopen
_beginthread
_fileinfo
isleadbyte
_mbsrchr
fgetpos
_ismbbgraph
_mbstok
_acmdln
_CIlog
_wenviron
strcmp
is_wctype

ntdll

RtlUlongByteSwap
RtlxAnsiStringToUnicodeSize
ZwSetBootOptions
RtlSetIoCompletionCallback
RtlValidateProcessHeaps
RtlCreateTagHeap
ZwSetContextThread
bsearch
NtCreateMailslotFile
RtlQueryTagHeap
RtlEqualUnicodeString
ZwQuerySemaphore
RtlAppendAsciizToString
ZwClose
ZwReleaseMutant
ZwTerminateProcess
RtlGetLongestNtPathLength
ZwSetIntervalProfile
RtlGetUserInfoHeap
ZwReplaceKey
RtlNumberOfSetBits
NtDebugContinue
ZwRegisterThreadTerminatePort
RtlDuplicateUnicodeString
RtlWriteMemoryStream
RtlAddAuditAccessObjectAce
NtReplyWaitReplyPort
ZwSetBootEntryOrder
wcsspn
RtlCopySid
RtlExitUserThread
NtQueryPortInformationProcess
RtlSubtreeSuccessor
RtlEraseUnicodeString
RtlQueryProcessLockInformation

opengl32

glPixelMapusv
glTexCoord3s
glGetMapiv
glTranslated
glGetMapfv
glGetTexGenfv
glClipPlane
glIndexiv
glColor4us
glRasterPos3d
glRasterPos4dv
glListBase
glTexImage1D
glAreTexturesResident
glRasterPos2iv
glTexSubImage1D
glTexCoord4fv
glRecti
glRectiv
glEdgeFlagPointer
glFinish
glColorMaterial
glPolygonMode
glColor3usv
wglSetLayerPaletteEntries
glRectfv
glIndexfv

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5c122c363d3dc87d74e6ca99cadf32b2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

msvcrt40

expsrv

msvcrt

ntdll

opengl32

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 1KB - Virtual size: 3KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 1KB - Virtual size: 3KB