2e3bac3bdfb0215c66c62bab9b765b89_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2e3bac3bdfb0215c66c62bab9b765b89_JaffaCakes118
Size

173KB
MD5

2e3bac3bdfb0215c66c62bab9b765b89
SHA1

7f4c3d06c23789191885d5d5c5f93f50f92f9cbb
SHA256

322d0cf1f415f124bccf0fedb238bc6cbbaf3332965b533b9d7bb95650407e4b
SHA512

86377cb8e4d391287b82638941d6ccdf9bb8d34f9e00d984c0cac913a9cb90a14f684deee9a719287e8f9caf517a284acb27fcc05900fd8aef5ffd1200850f9c
SSDEEP

3072:NQoJbAl63Bsxd4lo0j3ARWkIU8AfGEDGifSjaLMbdau:NeQBsH4lFj3ARzdfS2gbd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e3bac3bdfb0215c66c62bab9b765b89_JaffaCakes118

Files

2e3bac3bdfb0215c66c62bab9b765b89_JaffaCakes118
.exe windows:3 windows x86 arch:x86

dc7651d4a0287de269b89236830124ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExpandedNameW
CreateEventW
CreateDirectoryW
VirtualAlloc
GetOEMCP
SetCurrentDirectoryA
InitializeCriticalSection
IsDebuggerPresent
FreeResource
DeleteAtom
GlobalGetAtomNameW
OpenWaitableTimerW
GlobalAlloc
GetTickCount
SetThreadPriority
lstrcpyn
TlsAlloc
WaitForSingleObject
OpenMutexA
GetDiskFreeSpaceA
GetFileType
GetUserDefaultLCID
CreateSemaphoreW
LoadLibraryW
ExitProcess
EnumCalendarInfoA
GetVersion
OpenSemaphoreW
GetCurrentDirectoryA
GetShortPathNameW
GetFullPathNameW
GetFileAttributesW
GetModuleHandleW
GetEnvironmentVariableA
FileTimeToDosDateTime

user32

DialogBoxIndirectParamW
WaitMessage
CharUpperA
EnumDesktopsA
DefFrameProcA
UnregisterClassW
CharUpperW
FrameRect
EnumDesktopsW
GetMenuStringA
DrawTextA
DestroyCursor
GetMenuItemInfoW
CreatePopupMenu
PostQuitMessage
DestroyMenu
GetParent
CascadeWindows
DefDlgProcW
LoadCursorW
SetCapture
SetTimer
MessageBoxW
GetClientRect
CharLowerA
GetMessageW
OffsetRect
SetWindowRgn
RegisterClassA
GetMessageA
GetDCEx
DestroyWindow
GetKeyboardType
EnableMenuItem
GetWindowLongW
CopyImage
CheckMenuItem
CreateDesktopW
CharNextW
GetTopWindow
GetActiveWindow

gdi32

SetBitmapBits
GetBoundsRect
PtVisible
GetCurrentObject
ResizePalette
GetWorldTransform
UpdateColors
GetOutlineTextMetricsW
GetTextFaceW
StartFormPage
GetMetaFileA
CreateEnhMetaFileW
PolyPolygon
SetArcDirection
CreateHatchBrush
GetGlyphIndicesW
CreateBitmapIndirect
PathToRegion
CreateDIBPatternBrush
SetICMProfileW
EndPage
SetICMProfileA
GetCharWidthI
PatBlt
GetBkColor
CreateMetaFileW

advapi32

RegDeleteValueW
RegFlushKey
RegEnumKeyExA
RegReplaceKeyW
RegDeleteKeyA
RegQueryValueExW
RegSetValueA
RegEnumKeyExW
RegCreateKeyA
RegQueryValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegQueryMultipleValuesA
RegCreateKeyExW
RegSaveKeyW
GetTrusteeFormW
RegReplaceKeyA
RegEnumValueW
RegCreateKeyExA

shlwapi

PathIsUNCA

comctl32

ImageList_GetIconSize
ImageList_LoadImageW
DestroyPropertySheetPage
InitCommonControlsEx

version

VerQueryValueA
VerFindFileW
VerInstallFileW

winmm

waveOutGetPitch
mixerGetLineControlsW
mmioRenameW
timeSetEvent
mixerGetNumDevs
mciSendStringW
mciGetDeviceIDFromElementIDA
mciSendCommandA
mciSendStringA
midiConnect
sndPlaySoundA
joySetThreshold

inetcomm

MimeOleSMimeCapAddCert
MimeEditCreateMimeDocument
MimeOleInetDateToFileTime
MimeOleSMimeCapAddSMimeCap
MimeOleSetCompatMode
MimeOleSMimeCapGetEncAlg
MimeOleGetBodyPropW

oledlg

OleUIPasteSpecialA
OleUIUpdateLinksW
OleUIObjectPropertiesW
OleUIBusyW
OleUIUpdateLinksA
OleUIPromptUserW
OleUIChangeSourceW
OleUIChangeIconA
OleUIAddVerbMenuW
OleUIInsertObjectW

sqlunirl

_LookupAccountSid_@28
_GetWindowsDirectory_@8
_MoveFileEx_@12
_QueryServiceConfig_@16
_RegisterClassEx_@4
_IsDialogMessage@8
_SetCurrentDirectory_@4
_PrivilegedServiceAuditAlarm_@20
_GetToolsFilePath@16
_GetKeyboardLayoutName_@4
_MapVirtualKeyEx_@12

crypt32

CertCreateCertificateChainEngine
CertOIDToAlgId
CryptSIPRemoveSignedDataMsg
PFXExportCertStore
CertFindAttribute
CryptEncodeObject
CertAddEncodedCertificateToSystemStoreW
CertVerifyCRLRevocation
CryptUnregisterOIDFunction
CryptImportPKCS8

Sections

.lLmoZ
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UfsuGZ
Size: 3KB - Virtual size: 46KB

IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BYQcj
Size: 82KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.QQKpq
Size: 3KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc7651d4a0287de269b89236830124ee

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

comctl32

version

winmm

inetcomm

oledlg

sqlunirl

crypt32

Sections

.lLmoZ Size: 18KB - Virtual size: 18KB

.rdata Size: 5KB - Virtual size: 5KB

.UfsuGZ Size: 3KB - Virtual size: 46KB

.data Size: 6KB - Virtual size: 9KB

.BYQcj Size: 82KB - Virtual size: 162KB

.QQKpq Size: 3KB - Virtual size: 33KB

.rsrc Size: 53KB - Virtual size: 53KB

.reloc Size: 512B - Virtual size: 24KB

.lLmoZ
Size: 18KB - Virtual size: 18KB

.rdata
Size: 5KB - Virtual size: 5KB

.UfsuGZ
Size: 3KB - Virtual size: 46KB

.data
Size: 6KB - Virtual size: 9KB

.BYQcj
Size: 82KB - Virtual size: 162KB

.QQKpq
Size: 3KB - Virtual size: 33KB

.rsrc
Size: 53KB - Virtual size: 53KB

.reloc
Size: 512B - Virtual size: 24KB