29f8d6102eeae3c9864ee958081ce7ef_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

29f8d6102eeae3c9864ee958081ce7ef_JaffaCakes118
Size

384KB
MD5

29f8d6102eeae3c9864ee958081ce7ef
SHA1

2b463d285559fdbe61c213ae0254c5ce0a54ef73
SHA256

3c002ac95b57e2a7597b4fda5b82a317bb5f60d66dbcb06b0b6d290e34306c6d
SHA512

5d55b23ccaad544605002202ff6ac16ed85aa8aaad929b4c72e938b9ca7f7dd969dbf340fb0afaaa9218bb966063c2e98961963f4ba670a427ef4f7f6c1796ac
SSDEEP

12288:R4/kOVG3MjYXrM08apXYT0zXAspwGD6pq2p:R4/XG3Mj6pIT0l2GD65

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29f8d6102eeae3c9864ee958081ce7ef_JaffaCakes118

Files

29f8d6102eeae3c9864ee958081ce7ef_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ba6512cb3811a85a716dbe76cb8032dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cfgmgr32

CM_Locate_DevNodeW
CM_Set_Class_Registry_PropertyW
CM_Add_ID_ExA
CM_Query_Remove_SubTree_Ex
CM_Get_Device_IDA
CM_Query_Arbitrator_Free_Data
CM_Add_IDA
CM_Add_Res_Des_Ex
CM_Enumerate_Enumerators_ExW
CM_Setup_DevNode
CM_Get_Device_ID_List_Size_ExA
CM_Set_DevNode_Registry_Property_ExW
CM_Get_DevNode_Status_Ex
CM_Locate_DevNodeA
CM_Invert_Range_List
CM_Query_Arbitrator_Free_Data_Ex
CM_Set_HW_Prof
CM_Set_HW_Prof_Flags_ExW
CM_Get_Device_ID_ListA
CM_Disable_DevNode_Ex
CM_Reenumerate_DevNode
CM_Set_Class_Registry_PropertyA
CM_Register_Device_Interface_ExW
CM_Get_Class_Key_NameW
CM_Get_Resource_Conflict_DetailsW
CM_Add_Empty_Log_Conf_Ex
CM_Get_Class_Registry_PropertyW
CM_Query_And_Remove_SubTree_ExW
CM_Get_Version_Ex
CM_Connect_MachineA

crtdll

wcscat
isleadbyte
vfwprintf
_winmajor_dll
_fdopen
_swab
sinh
ctime
_daylight_dll
setvbuf
_commit
pow
feof
_exit
_getcwd
wcslen
_tempnam
_nextafter
_ismbcl2
tan
_strninc
_cwait
ftell
_mbsnccnt
_CIatan2
fgetwc
_msize
_strtime
puts
_tzset
iswpunct
_strupr
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_execle
_strncnt
_mbsdup
log
asin
wctomb
_fgetwchar
div
calloc
abort
_chgsign

uxtheme

GetThemeColor
GetThemeTextExtent
GetThemeSysFont
GetWindowTheme
IsThemePartDefined
IsThemeActive
GetThemeSysColor
GetThemeIntList
GetThemePropertyOrigin
GetThemeInt
GetThemeBool
GetThemeString
GetThemeEnumValue
GetThemeFilename
IsThemeDialogTextureEnabled
IsThemeBackgroundPartiallyTransparent
GetThemeBackgroundRegion
GetThemeSysColorBrush
DrawThemeBackground
GetThemeSysBool
GetThemeSysInt
EnableThemeDialogTexture
GetThemeBackgroundExtent
OpenThemeData
HitTestThemeBackground
GetThemeSysSize
DrawThemeText

kernel32

ReleaseActCtx
GetCurrentThread
TerminateThread
DeleteFileA
QueryPerformanceCounter
QueryDosDeviceW
SetEnvironmentVariableA
FindFirstFileA
LocalAlloc
AddAtomA
EraseTape
UnlockFileEx
WaitNamedPipeW
SetCalendarInfoA
Heap32First
GetEnvironmentStringsW
GetLongPathNameA
SetCommConfig
RtlCaptureStackBackTrace
LoadLibraryA
GetHandleContext
LZCopy
OpenProfileUserMapping
SetConsoleMaximumWindowSize
EnumDateFormatsExW
OpenEventA
LZDone
ReadConsoleInputExW
EnumUILanguagesW
GetModuleFileNameA
GetConsoleCommandHistoryLengthW
GetPrivateProfileStringA
OutputDebugStringW
UpdateResourceW
GetVolumePathNamesForVolumeNameA
GetCommConfig
AddLocalAlternateComputerNameA
RemoveVectoredExceptionHandler
VirtualAlloc
LocalHandle
ReplaceFileA

user32

GetClipboardFormatNameW
InvalidateRect
GetMenuDefaultItem
GetSysColorBrush
GetCursorPos
GetParent
ClientToScreen
DestroyIcon
GetLastInputInfo
SetMenuItemInfoA
DdeUninitialize
GetScrollInfo
AdjustWindowRect
LoadImageA
RegisterUserApiHook
DefMDIChildProcA
GetNextDlgGroupItem
RegisterClipboardFormatW
PostThreadMessageA
UpdateWindow
MapVirtualKeyW
GetAppCompatFlags2
GetSubMenu
CharToOemA
IsZoomed
DdeGetQualityOfService
GetWinStationInfo
UnionRect
GetThreadDesktop
SetWindowTextW
SetThreadDesktop
SoftModalMessageBox
DrawAnimatedRects
IMPQueryIMEA
SetFocus
DrawCaption
GetDCEx

dhcpsapi

DhcpRemoveOption
DhcpEnumSubnetClientsV4
DhcpDsClearHostServerEntries
DhcpServerSetConfigV4
DhcpDeleteMClientInfo
DhcpServerQueryDnsRegCredentials
DhcpEnumSubnetClients
DhcpModifyClass
DhcpSetOptionValues
DhcpGetThreadOptions
DhcpRemoveSubnetElementV5
DhcpCreateClientInfoV4
DhcpGetOptionInfoV5
DhcpCreateClientInfo
DhcpCreateSubnet
DhcpSetServerBindingInfo
DhcpSetOptionInfoV5
DhcpGetClientOptions
DhcpAddSubnetElementV5
DhcpServerQueryAttribute
DhcpSetOptionValueV5
DhcpGetMScopeInfo
DhcpSetSubnetInfo
DhcpAddSubnetElementV4
DhcpServerSetConfig
DhcpEnumSubnetElements
DhcpRemoveMScopeElement
DhcpSetOptionInfo
DhcpScanDatabase
DhcpSetMScopeInfo
DhcpSetOptionValue
DhcpServerGetConfigV4

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 531KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba6512cb3811a85a716dbe76cb8032dd

Headers

DLL Characteristics

File Characteristics

Imports

cfgmgr32

crtdll

uxtheme

kernel32

user32

dhcpsapi

Sections

.text Size: 144KB - Virtual size: 144KB

.rdata Size: 128KB - Virtual size: 128KB

.data Size: 1024B - Virtual size: 531KB

.rsrc Size: 109KB - Virtual size: 109KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 144KB - Virtual size: 144KB

.rdata
Size: 128KB - Virtual size: 128KB

.data
Size: 1024B - Virtual size: 531KB

.rsrc
Size: 109KB - Virtual size: 109KB

.reloc
Size: 1024B - Virtual size: 1024B