0daa6f0da08af74037771e366e2f6bcd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0daa6f0da08af74037771e366e2f6bcd_JaffaCakes118
Size

848KB
MD5

0daa6f0da08af74037771e366e2f6bcd
SHA1

15cbc55f284096d4c7c7e9f3f9c306741e101873
SHA256

c31abc55417822ed8d47ffe93d14eb319a8dbef55cdf4190a7727637c2d96e34
SHA512

26116e29248ed8ee6a5e9b0d9e78836fc8c4bdbb2a3f747edaf713fa482462d64325f930c4f75c827572110a12b2b0feb96d8cc8cd405543af3f6aa48fa8802f
SSDEEP

24576:sWWyn5ewpLMH3+T9WLo1YQQQf6VlsDbNGmzAMsa34jzr:cRwpC3+T9WLoWx2bNGmzAMsnjzr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0daa6f0da08af74037771e366e2f6bcd_JaffaCakes118

Files

0daa6f0da08af74037771e366e2f6bcd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c013c7d788a22b9cb1fb9b340aad8e43

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddLocalAlternateComputerNameA
FindNextFileA
VerSetConditionMask
GetTapeStatus
GetStringTypeA
GetLocaleInfoW
LeaveCriticalSection
GetConsoleCursorInfo
SetEnvironmentVariableW
SetCalendarInfoW
GetStartupInfoA
SearchPathW
UnlockFileEx
lstrcpyn
EnterCriticalSection
DefineDosDeviceW
LoadLibraryA
PrepareTape
GetDriveTypeW
VirtualFree
ExitProcess
OpenConsoleW
GetNumberOfConsoleInputEvents
SetHandleContext
SetFileAttributesA
ConvertThreadToFiber
DeleteAtom
DeleteCriticalSection
UnlockFile
RegisterWowExec
GetConsoleMode
EnumSystemLanguageGroupsW
AddAtomA
ConnectNamedPipe
VirtualAlloc
SearchPathA
FindActCtxSectionGuid
CancelIo
ExpungeConsoleCommandHistoryW
SetErrorMode
CreateEventW
GetFileAttributesExA
CreateHardLinkA
ExpandEnvironmentStringsW
WriteProfileSectionA
SetStdHandle
SwitchToThread
GetTempPathA

msvcp60

?_Init@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXPAPAG0PAH001@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
?ignore@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@HH@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@ABV01@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDH@Z
?quiet_NaN@?$numeric_limits@F@std@@SAFXZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEXF@Z
?pbackfail@?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@MAEHH@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
_Mbrtowc
?open@?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAEXPBDH@Z
?close@?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAEXXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?sync@?$basic_filebuf@GU?$char_traits@G@std@@@std@@MAEHXZ
??9std@@YA_NABV?$complex@O@0@ABO@Z
??0_Winit@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??1?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@UAE@XZ
?_Sinh@?$_Ctr@M@std@@SAMMM@Z
?find_last_not_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
??_Fbad_cast@std@@QAEXXZ
??Ostd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??4logic_error@std@@QAEAAV01@ABV01@@Z
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??Kstd@@YA?AV?$complex@O@0@ABV10@ABO@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??4id@locale@std@@QAEAAV012@ABV012@@Z
??_F_Locinfo@std@@QAEXXZ
?narrow@?$ctype@D@std@@QBEPBDPBD0DPAD@Z
?denorm_min@?$numeric_limits@J@std@@SAJXZ
??Bios_base@std@@QBEPAXXZ
?empty@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE_NXZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??_7ctype_base@std@@6B@
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IABV12@@Z
??Dstd@@YA?AV?$complex@N@0@ABNABV10@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
?do_widen@?$ctype@G@std@@MBEPBDPBD0PAG@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?denorm_min@?$numeric_limits@G@std@@SAGXZ

msacm32

acmDriverMessage
acmFormatTagDetailsW
acmFilterChooseA
acmDriverRemove
acmFilterTagDetailsW
acmFilterChooseW
acmStreamSize
acmMetrics
acmFormatChooseA
acmDriverDetailsW
acmStreamOpen
acmStreamUnprepareHeader
acmDriverAddA
acmFormatEnumA
acmDriverClose
acmFilterTagEnumW
acmMessage32
acmStreamClose
acmFormatChooseW
acmFormatSuggest
acmFormatTagEnumA
acmDriverAddW
acmFilterTagDetailsA
acmDriverID
acmFormatEnumW
acmFormatTagEnumW
acmDriverPriority
acmDriverOpen

msls31

LsQueryCpPpointSubline
LssbGetObjDimSubline
LsdnFinishRegularAddAdvancePen
LsFinishCurrentSubline
LsdnQueryPenNode
LsdnFinishByPen
LsdnSkipCurTab
LsTruncateSubline
LsdnFinishDeleteAll
LsdnResolvePrevTab
LsdnGetFormatDepth
LsCreateSubline
LsEnumLine
LsQueryPointPcpSubline
LsAppendRunToCurrentSubline
LsModifyLineHeight
LsGetReverseLsimethods
LsdnResetObjDim
LsPointUV2FromPointUV1
LsFindPrevBreakSubline
LsFetchAppendToCurrentSubline
LsdnResetPenNode
LsGetLineDur
LsResetRMInCurrentSubline
LsSetBreaking
LsDisplaySubline
LsDestroyLine
LsdnFinishDelete
LsdnFinishByOneChar
LsSetModWidthPairs
LsSetBreakSubline
LsSetDoc
LsLwMultDivR
LssbGetNumberDnodesInSubline

user32

FindWindowExW
EmptyClipboard
ExitWindowsEx
RegisterRawInputDevices
LoadMenuA
GetKeyboardLayout
UnlockWindowStation
GetWindow
RegisterDeviceNotificationA
GetDoubleClickTime
GetMenuItemInfoA
MessageBoxExW
EnumDesktopsA
GetClassNameW
GetClipboardViewer
UpdateLayeredWindow
CreateWindowExW
GetOpenClipboardWindow
AnyPopup
IsCharAlphaNumericA
ChangeDisplaySettingsA
IsWindowVisible
SetUserObjectSecurity
DispatchMessageW
TranslateAcceleratorW
PtInRect
MapVirtualKeyExA
SetKeyboardState
PostMessageA
DrawFrame

msvcirt

??_7ifstream@@6B@
??4ifstream@@QAEAAV0@ABV0@@Z
??0strstreambuf@@QAE@XZ
?width@ios@@QBEHXZ
??0streambuf@@IAE@XZ
??0ifstream@@QAE@PBDHH@Z
??0ostream@@IAE@ABV0@@Z
?str@strstream@@QAEPADXZ
??4stdiostream@@QAEAAV0@AAV0@@Z
__dummy_export
??_Dostream@@QAEXXZ
??1fstream@@UAE@XZ
?sync@filebuf@@UAEHXZ
?fd@ofstream@@QBEHXZ
??_Gstdiostream@@UAEPAXI@Z
?egptr@streambuf@@IBEPADXZ
?blen@streambuf@@IBEHXZ
?osfx@ostream@@QAEXXZ
??Bios@@QBEPAXXZ
?unlock@streambuf@@QAEXXZ
?open@fstream@@QAEXPBDHH@Z
??_Gstrstreambuf@@UAEPAXI@Z
??_Difstream@@QAEXXZ
??0strstream@@QAE@XZ
??5istream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
??4logic_error@@QAEAAV0@ABV0@@Z

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 572KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c013c7d788a22b9cb1fb9b340aad8e43

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp60

msacm32

msls31

user32

msvcirt

Sections

.text Size: 51KB - Virtual size: 50KB

.rdata Size: 221KB - Virtual size: 220KB

.data Size: 572KB - Virtual size: 2.0MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 221KB - Virtual size: 220KB

.data
Size: 572KB - Virtual size: 2.0MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB