2da159279d28fbe2ca1a0484f160fec3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2da159279d28fbe2ca1a0484f160fec3_JaffaCakes118
Size

394KB
MD5

2da159279d28fbe2ca1a0484f160fec3
SHA1

e94d34c43d78cdd5fbfc11569aa9f3f23510566d
SHA256

18a7a72ae4e95ef1a05906f51dae156cf7f5f08d0cd2ccfae6abfb996eba6494
SHA512

cf6935fd74c0c4faf0b7afb82e353f29d367a4fd5cfc0b584ed9c307faae4139f65de2c5725b00f0babe90deccb137fc8b6c6d2ee10811d50600f7247e362ece
SSDEEP

6144:wIvyReEnBox0qT4pHQyg+bEN7E6mkJlrMfBwD49bAauOIgMv+PqAbvpspg/km:wIqAaBocQKAZE69lQ597B3M2bvpsC1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2da159279d28fbe2ca1a0484f160fec3_JaffaCakes118

Files

2da159279d28fbe2ca1a0484f160fec3_JaffaCakes118
.exe windows:1 windows x86 arch:x86

41f936253e974bc2e1ea45222957e7f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msacm32

acmStreamMessage
acmFilterChooseW
XRegThunkEntry
acmDriverEnum
acmMessage32
acmFormatTagDetailsA
acmFormatEnumW
acmFilterTagDetailsW
acmStreamSize
acmFilterChooseA
acmFormatTagEnumA
acmFilterEnumA
acmFilterEnumW
acmStreamReset
acmFormatDetailsW
acmFormatTagDetailsW
acmFormatDetailsA
acmFormatEnumA
acmFilterDetailsW
acmStreamPrepareHeader

syssetup

AsrFreeContext
AsrCreateStateFileW
AsrAddSifEntryW

comdlg32

GetOpenFileNameW

mpr

WNetEnumResourceW

user32

LoadCursorW
CreateIconFromResource
SetTimer
RemoveMenu
DeleteMenu
SetWindowLongW
InvalidateRect
EnableMenuItem
GetNextDlgGroupItem
LockSetForegroundWindow
GetKeyState
LoadStringW
SetParent
SetActiveWindow
LoadImageW
SetClassLongW
UpdateWindow
PostMessageW
ClientToScreen
UnhookWindowsHookEx
AppendMenuW
wsprintfW
SendDlgItemMessageW
GetMonitorInfoW
GetFocus
DestroyWindow
InvalidateRgn

comctl32

CreatePropertySheetPageW

shell32

ExtractIconExW

advapi32

OpenEncryptedFileRawW
FreeSid
AllocateAndInitializeSid
RegLoadKeyW
StartServiceW
RegCloseKey
RegConnectRegistryW
RegSetValueExW
SetEntriesInAclW
ReportEventW
OpenThreadToken
WriteEncryptedFileRaw
RegEnumValueW

setupapi

SetupFindFirstLineW
SetupOpenInfFileW
SetupFindNextLine
SetupGetStringFieldW
SetupCloseInfFile
SetupGetIntField

msorcl32

SQLStatistics
SQLTables
SQLMoreResults
SQLDescribeParam
SQLParamData
SQLGetData
SQLSpecialColumns
SQLExecute
SQLGetStmtOption
SQLCancel
SQLProcedureColumns
SQLExtendedFetch
SQLFetch
SQLGetInfo
SQLExecDirect
SQLPrepare
SQLSetConnectOption
SQLSetCursorName
SQLNumParams
SQLAllocEnv
SQLBindParameter

mapi32

MAPIUninitialize
BMAPIGetReadMail
OpenStreamOnFile
cmc_send_documents
FixMAPI
RTFSync
HrGetOmiProvidersFlags
cmc_send
FGetComponentPath
GetTnefStreamCodepage
MAPIReadMail
LAUNCHWIZARD
OpenTnefStreamEx
ScMAPIXFromCMC
cmc_act_on

gdi32

SelectObject
GetMapMode

ole32

CoInitializeEx
StringFromGUID2
CLSIDFromString

kernel32

CreateProcessW
FindFirstVolumeMountPointW
GetSystemDirectoryW
FileTimeToLocalFileTime
FindFirstFileW
HeapSize
LocalFree
FileTimeToSystemTime
CloseHandle
VirtualFree
GetCurrentThread
LockFile
HeapAlloc
WritePrivateProfileStringW
BackupSeek
FindVolumeMountPointClose
GetPrivateProfileStringW
SetFileAttributesW
UnhandledExceptionFilter
GetFileSize
GetStartupInfoW
GlobalAlloc
VirtualAlloc
LocalFree
GetExitCodeThread
WriteFile
WriteTapemark
GetLocalTime
SetEndOfFile
CreateHardLinkW
RemoveDirectoryW
SetCurrentDirectoryW
GetDiskFreeSpaceExW
GetCurrentDirectoryA
TerminateProcess
SetUnhandledExceptionFilter
MultiByteToWideChar
GetProcessHeap
GetVersionExW
GlobalFree
SetFileTime
SetEvent
GetComputerNameW

netapi32

NetShareEnum
NetShareGetInfo

rpcrt4

UuidFromStringW

Sections

.text
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41f936253e974bc2e1ea45222957e7f0

Headers

DLL Characteristics

File Characteristics

Imports

msacm32

syssetup

comdlg32

mpr

user32

comctl32

shell32

advapi32

setupapi

msorcl32

mapi32

gdi32

ole32

kernel32

netapi32

rpcrt4

Sections

.text Size: 249KB - Virtual size: 249KB

.data Size: 57KB - Virtual size: 56KB

.rsrc Size: 87KB - Virtual size: 692KB

.text
Size: 249KB - Virtual size: 249KB

.data
Size: 57KB - Virtual size: 56KB

.rsrc
Size: 87KB - Virtual size: 692KB