301c3c4f9de0cdd48a009306c641dff7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

301c3c4f9de0cdd48a009306c641dff7_JaffaCakes118
Size

866KB
MD5

301c3c4f9de0cdd48a009306c641dff7
SHA1

8485b00b7f453ac46d52140368a9caf1a3cb0fde
SHA256

1ff2bc295fe7799993bdfd3715fb72113c86b43d81fb003ef9a9a5e127fc658a
SHA512

54309e753a0e7277798d31b870de6ecf91fdc7313f0cc51a73325b3b1f712425d7408480f8ebebddcee7cf03dc2b5b65e8998b8212403e31d82249e6938d0220
SSDEEP

24576:+gVxUA/Rb4MfULaL3GBcfC7l9CKi7EWcd5+viW1A:+ORMXg3wcfCZPi7s6i6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
301c3c4f9de0cdd48a009306c641dff7_JaffaCakes118

Files

301c3c4f9de0cdd48a009306c641dff7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f0ef4c81e0fd530b584c0644ff271b1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutSetPitch
midiStreamRestart
mciSetYieldProc
mciDriverNotify
midiInGetErrorTextW
PlaySoundW
waveInGetDevCapsA
mixerGetDevCapsA
midiDisconnect
mmioSetBuffer
DrvGetModuleHandle
mixerGetLineControlsW
mmioSeek
mciGetDeviceIDA
midiInStop
GetDriverModuleHandle
timeKillEvent
sndPlaySoundA
mixerGetControlDetailsW
waveOutRestart
wod32Message
joyGetPosEx
joySetThreshold
timeSetEvent
mciSendCommandA
midiOutClose
mmioFlush
mixerMessage
midiConnect
waveInMessage
WOW32ResolveMultiMediaHandle
joyGetThreshold
mixerGetLineInfoA
waveOutGetID
midiInUnprepareHeader
mmTaskBlock
mciDriverYield
PlaySound
mmioClose
mciLoadCommandResource
auxGetNumDevs
waveInStop
waveInReset
joySetCapture
midiOutPrepareHeader

mscat32

CryptCATGetCatAttrInfo
CryptCATEnumerateCatAttr
CryptCATCDFEnumMembersByCDFTagEx
CryptCATGetMemberInfo
CryptCATPutAttrInfo
CryptCATEnumerateAttr
CryptCATCDFEnumMembersByCDFTag
CryptCATCDFEnumAttributesWithCDFTag
CryptCATPersistStore
CatalogCompactHashDatabase
CryptCATAdminReleaseContext
CryptCATCDFEnumCatAttributes
IsCatalogFile
CryptCATAdminAddCatalog
CryptCATClose
CryptCATCDFEnumMembers
CryptCATCDFEnumAttributes
CryptCATAdminReleaseCatalogContext
CryptCATHandleFromStore
MsCatFreeHashTag
CryptCATAdminEnumCatalogFromHash
CryptCATEnumerateMember
CryptCATCDFClose
CryptCATStoreFromHandle
CryptCATCDFOpen
CryptCATCatalogInfoFromContext
CryptCATAdminCalcHashFromFileHandle
CryptCATGetAttrInfo
CryptCATAdminAcquireContext

kernel32

GetEnvironmentStringsW
GetLastError
SetThreadContext
GetEnvironmentVariableW
GetNextVDMCommand
lstrlenA
lstrcpy
SetThreadLocale
ConsoleMenuControl
WaitNamedPipeW
LZOpenFileW
GetSystemWow64DirectoryA
FormatMessageA
GetCurrentDirectoryW
GlobalMemoryStatusEx
SleepEx
GetStringTypeExW
SetThreadAffinityMask
lstrcpyA
EnumResourceNamesW
FileTimeToDosDateTime
EnumSystemLocalesW
PeekConsoleInputW
GetPrivateProfileStringA
SetNamedPipeHandleState
GetCurrentThread
TzSpecificLocalTimeToSystemTime
VirtualAlloc
IsBadHugeReadPtr
GetCommandLineW
GetSystemDefaultLCID
GetConsoleHardwareState
IsBadStringPtrA
LoadLibraryA
GetDriveTypeA
UnregisterConsoleIME
QueryPerformanceCounter
WritePrivateProfileSectionW
RemoveDirectoryW
GetThreadLocale
GetHandleContext
CreatePipe
UnlockFile
GetSystemWow64DirectoryW
GlobalWire

sqlunirl

_DefWindowProc@16
_RegOpenKeyEx_@20
_FindText_@4
_ChangeMenu_@20
_NDdeShareSetInfo_@24
_NDdeGetErrorString_@12
_GlobalAddAtom_@4
ConvertMultiSZNameToW
_ObjectDeleteAuditAlarm_@12
_IsDialogMessage@8
_OpenBackupEventLog_@8
newMultiByteFromWideCharEx
_NDdeIsValidAppTopicList_@4
_CopyMetaFile_@8
_CreateIC_@16
_FindExecutable_@12
_CharUpperBuff_@8
_LoadMenu@8
_FindResource@12
_UpdateResource_@24
_CommDlg_OpenSave_GetFilePath@12
_CreateProcessAsUser_@44
_FindWindowEx_@16
_LoadAccelerators_@8
_ReadConsoleInput_@16
_LoadImage_@24
_IsCharUpper_@4
_WritePrivateProfileStruct_@20
_GetEnvironmentVariable_@12
_EnumFontFamiliesEx_@20
_FreeEnvironmentStrings@4
AbortSystemShutdown_
_DlgDirList_@20
_StartDoc@8
_NDdeShareAdd_@20
_CallNamedPipe_@28
_GetClassInfoEx_@12
_RegisterClassEx_@4
_PrivilegedServiceAuditAlarm_@20

opengl32

glEvalCoord2dv
glEnable
glGetMapdv
glTexCoord1iv
glFogfv
glEvalPoint2
glMapGrid2d
glRasterPos2i
glNormal3bv
glDisableClientState
glColor4iv
glNormal3i
glTexCoord1i
glColor4s
glIndexPointer
glScaled
glDeleteTextures
glBindTexture
glGetPixelMapusv
glColor4ubv
glEvalCoord1d
glNormal3sv
glVertex4i
wglUseFontBitmapsW
glMapGrid2f
glVertex3fv
glDepthRange
glCopyTexSubImage2D
wglUseFontOutlinesA
glLineWidth
glGetClipPlane
wglShareLists
glMaterialiv
glLoadMatrixf
glEvalCoord2fv
glVertex2sv

pdh

PdhTranslate009CounterA
PdhParseCounterPathA
PdhSetQueryTimeRange
PdhEnumObjectItemsA
PdhGetDllVersion
PdhEnumObjectItemsHA
PdhGetDefaultPerfCounterW
PdhBrowseCountersHA
PdhCloseQuery
PdhConnectMachineA
PdhUpdateLogFileCatalog
PdhVbGetCounterPathElements
PdhEnumMachinesHA
PdhReadRawLogRecord
PdhCollectQueryDataEx
PdhValidatePathA
PdhVbUpdateLog
PdhGetFormattedCounterArrayA
PdhCreateSQLTablesW
PdhCalculateCounterFromRawValue
PdhOpenLogA
PdhAdd009CounterA
PdhValidatePathW
PdhExpandWildCardPathHA
PdhVbAddCounter
PdhSetCounterScaleFactor
PdhAdd009CounterW

Sections

.text
Size: 189KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 179KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 495KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0ef4c81e0fd530b584c0644ff271b1f

Headers

DLL Characteristics

File Characteristics

Imports

winmm

mscat32

kernel32

sqlunirl

opengl32

pdh

Sections

.text Size: 189KB - Virtual size: 192KB

.rdata Size: 179KB - Virtual size: 180KB

.data Size: 512B - Virtual size: 1.9MB

.rsrc Size: 495KB - Virtual size: 496KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 189KB - Virtual size: 192KB

.rdata
Size: 179KB - Virtual size: 180KB

.data
Size: 512B - Virtual size: 1.9MB

.rsrc
Size: 495KB - Virtual size: 496KB

.reloc
Size: 1KB - Virtual size: 4KB