2ac6d3e3f2af90c55066ad6c2159e656_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ac6d3e3f2af90c55066ad6c2159e656_JaffaCakes118
Size

28KB
MD5

2ac6d3e3f2af90c55066ad6c2159e656
SHA1

03acc7dcc0a628af111aefd7b7527462c23d190e
SHA256

eb738f9811e498d4dd4e7a0c37e3601dd65dd86a3c7f708858541744022cc1d1
SHA512

2fcfca2280d26c7646069f0a6e0b12fa296880c6a1e7121fc832ed1ff8b929bec146f15fafdb80784f8e1c4c3379415105afa3bef93bf0bc6e9f94b9e0867d19
SSDEEP

384:6WyfP9LjQpNWEYiHVaqKuHbqvuQ2hOt9U/Q/18nxqLv:WP9LjQiYHOu7q4BQ/184

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ac6d3e3f2af90c55066ad6c2159e656_JaffaCakes118

Files

2ac6d3e3f2af90c55066ad6c2159e656_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac2ca6dae87620000ecc7c74fd0cc23b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AbortSystemShutdownW
AccessCheckAndAuditAlarmA
AccessCheckAndAuditAlarmW
AccessCheckByTypeResultList
AccessCheckByTypeResultListAndAuditAlarmW
AddAuditAccessObjectAce
BuildTrusteeWithNameW
ClearEventLogW
ConvertAccessToSecurityDescriptorA
ConvertSecurityDescriptorToAccessW
CreatePrivateObjectSecurityEx
CryptReleaseContext
CryptSetProviderExW
ElfChangeNotify
ElfNumberOfRecords
EnumServicesStatusW
GetAce
GetCurrentHwProfileA
GetExplicitEntriesFromAclA
GetMultipleTrusteeA
GetNamedSecurityInfoW
GetSecurityInfo
GetTrusteeNameW
GetUserNameW
InitializeSid
InitiateSystemShutdownW
IsValidAcl
LookupAccountSidA
LookupSecurityDescriptorPartsW
LsaAddPrivilegesToAccount
LsaEnumerateAccountRights
LsaEnumerateTrustedDomains
LsaFreeMemory
LsaQueryInfoTrustedDomain
LsaSetSecret
MakeSelfRelativeSD
QueryServiceLockStatusA
ReportEventW
SetAclInformation
UnlockServiceDatabase

kernel32

AddAtomW
AllocConsole
BackupSeek
CancelIo
ClearCommError
CloseHandle
CloseProfileUserMapping
CompareStringA
CompareStringW
ConvertThreadToFiber
CreateEventW
CreateFiber
CreatePipe
CreateRemoteThread
DebugActiveProcess
DosDateTimeToFileTime
EnumSystemCodePagesW
ExitProcess
ExpandEnvironmentStringsW
FatalExit
FindAtomA
FlushConsoleInputBuffer
FlushFileBuffers
FlushInstructionCache
FoldStringW
FreeLibraryAndExitThread
GetCommConfig
GetCommandLineW
GetCompressedFileSizeA
GetConsoleAliasesLengthA
GetCurrentConsoleFont
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetFileAttributesA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleW
GetNumberOfConsoleFonts
GetPrivateProfileStringA
GetQueuedCompletionStatus
GetShortPathNameW
GetStartupInfoW
GetSystemDefaultLCID
GetSystemDirectoryA
GetSystemTime
GetVersion
GetVersionExA
GlobalAddAtomA
GlobalDeleteAtom
GlobalFix
GlobalLock
GlobalUnWire
GlobalUnlock
InitAtomTable
InitializeCriticalSection
IsBadHugeReadPtr
IsValidCodePage
LCMapStringW
LoadLibraryW
LoadLibraryExA
LocalAlloc
LocalFlags
LocalLock
MoveFileA
MoveFileW
MoveFileExA
OpenMutexW
ReadConsoleA
ReadFileEx
ScrollConsoleScreenBufferA
SetCommConfig
SetCommMask
SetCommState
SetConsoleDisplayMode
SetConsoleNumberOfCommandsA
SetLastError
SetNamedPipeHandleState
SetSystemPowerState
SetThreadAffinityMask
SetTimeZoneInformation
SetVolumeLabelA
ShowConsoleCursor
UnlockFileEx
VDMOperationStarted
VirtualProtect
WaitNamedPipeW
WriteConsoleOutputCharacterA
WriteFileEx
WriteProfileSectionA
WriteTapemark
_lcreat
_llseek
_lread
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpynA

user32

ActivateKeyboardLayout
BeginDeferWindowPos
CharUpperA
CharUpperW
ClipCursor
CloseWindowStation
CountClipboardFormats
CreateCaret
CreateIconIndirect
DdeCmpStringHandles
DdeCreateStringHandleA
DdeDisconnectList
DefFrameProcW
DefWindowProcW
DestroyCursor
DialogBoxIndirectParamA
DlgDirListA
DlgDirListW
DrawEdge
EnumDisplaySettingsExW
EnumWindows
FillRect
FindWindowExW
FlashWindow
GetClipCursor
GetClipboardData
GetCursor
GetCursorInfo
GetDlgCtrlID
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetLastInputInfo
GetMenu
GetMenuItemInfoW
GetMenuItemRect
GetMessageA
GetParent
GetScrollPos
GetSysColor
GetWindowDC
GetWindowLongW
GetWindowModuleFileNameW
GetWindowPlacement
IMPGetIMEA
IMPQueryIMEW
InflateRect
InvalidateRgn
IsCharUpperW
IsChild
IsDialogMessageA
IsWindowVisible
LoadCursorFromFileA
LoadCursorFromFileW
LoadMenuW
LookupIconIdFromDirectoryEx
ModifyMenuW
OpenClipboard
OpenDesktopW
PostMessageW
RealChildWindowFromPoint
RegisterDeviceNotificationA
RegisterDeviceNotificationW
RegisterWindowMessageW
SendIMEMessageExA
SendNotifyMessageW
SetCapture
SetCursorPos
SetMenuItemBitmaps
SetMenuItemInfoW
SetUserObjectInformationA
SetWindowContextHelpId
SetWindowLongW
SetWindowPlacement
TabbedTextOutA
UnloadKeyboardLayout

gdi32

BitBlt
Chord
CreateCompatibleDC
CreateDIBPatternBrush
CreateICA
CreateICW
CreatePatternBrush
CreateRectRgnIndirect
CreateScalableFontResourceW
DeviceCapabilitiesExA
DeviceCapabilitiesExW
GdiComment
GdiGetBatchLimit
GetBkColor
GetBkMode
GetBoundsRect
GetCharWidthFloatW
GetClipBox
GetClipRgn
GetColorAdjustment
GetColorSpace
GetCurrentObject
GetEnhMetaFileA
GetEnhMetaFilePaletteEntries
GetKerningPairsA
GetKerningPairsW
GetOutlineTextMetricsW
GetPaletteEntries
GetPixel
GetPolyFillMode
GetROP2
GetRasterizerCaps
GetRegionData
GetStockObject
GetTextCharsetInfo
PathToRegion
PlayEnhMetaFile
PolyTextOutA
PolyTextOutW
Polygon
RealizePalette
RectVisible
ResetDCW
SelectBrushLocal
SetAbortProc
SetBkMode
SetMagicColors
SetMetaRgn
SetPolyFillMode
SetRelAbs
SetTextAlign
TextOutW
WidenPath

Sections

.text
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.piok
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac2ca6dae87620000ecc7c74fd0cc23b

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

Sections

.text Size: 5KB - Virtual size: 6KB

.data Size: 17KB - Virtual size: 30KB

.piok Size: 4KB - Virtual size: 16KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 5KB - Virtual size: 6KB

.data
Size: 17KB - Virtual size: 30KB

.piok
Size: 4KB - Virtual size: 16KB

.reloc
Size: 1024B - Virtual size: 4KB