30f3fd52d23f40a37ff6871657febae6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

30f3fd52d23f40a37ff6871657febae6_JaffaCakes118
Size

863KB
MD5

30f3fd52d23f40a37ff6871657febae6
SHA1

8b899f60d5fc6a9269ffc1de7c6c53c473cfe9c1
SHA256

96192932bc9cf45a212bb4a9ecbba6e7dd3b6d056f053ed5d425e8724c27383e
SHA512

b94e349fe96693ca1eeb424c691acff9010cfd31e2e4e5c81026a5d6e88bc9bc51243c5488f0b4942fb9a000a1982062333f0a42f733e90042079f544b3672aa
SSDEEP

24576:r43HvQCumxwOOxrIZuQK6uSDLafZi9OKGwHcw:cjxZC6uSDLalBwHn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30f3fd52d23f40a37ff6871657febae6_JaffaCakes118

Files

30f3fd52d23f40a37ff6871657febae6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

801edcece69e17f445b35c2db477c331

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynW
SetConsoleOutputCP
VerSetConditionMask
GetCPInfoExA
GetPrivateProfileStringA
RtlCaptureContext
InterlockedFlushSList
FindNextChangeNotification
BaseUpdateAppcompatCache
BackupRead
LoadLibraryA
SetConsoleScreenBufferSize
SetConsoleMaximumWindowSize
CopyFileExA
GetWindowsDirectoryA
ReleaseActCtx
GetFileTime
SetConsoleInputExeNameA
InterlockedPopEntrySList
GetWindowsDirectoryW
EnumCalendarInfoExW
FindFirstChangeNotificationW
GetCurrentActCtx
VerifyVersionInfoW
FatalExit
CloseConsoleHandle
InitializeSListHead
FindResourceA
GetConsoleOutputCP
GetModuleHandleA
CreateDirectoryExA
EnumResourceNamesW
lstrcpyA
BaseCleanupAppcompatCacheSupport
EraseTape
BeginUpdateResourceA
QueryPerformanceCounter
GetConsoleAliasesLengthA
EnumResourceNamesA
OpenSemaphoreA
ConvertFiberToThread
GetCurrentThread
LockFile
GetVDMCurrentDirectories
GetEnvironmentStringsW
RemoveDirectoryW
SetLastConsoleEventActive
PeekConsoleInputW
GetFileType
IsBadHugeReadPtr
WriteFileGather
WritePrivateProfileStringA
GetThreadTimes
CancelDeviceWakeupRequest
EnumSystemLanguageGroupsW
ReleaseMutex
EnumTimeFormatsW
lstrcmpA
LocalAlloc
SetConsoleMode
SuspendThread
HeapDestroy
WritePrivateProfileSectionA
UnregisterConsoleIME
GlobalCompact
SetThreadPriorityBoost
ReadConsoleA
ReadConsoleOutputA
SetFilePointer
DnsHostnameToComputerNameW
GetCurrentProcess
VirtualAlloc
GetCPInfo
lstrlenA
UpdateResourceW
GetConsoleAliasA
GetAtomNameW
VirtualProtectEx
FindFirstFileA
VerLanguageNameA

avifil32

AVIStreamOpenFromFile
AVIFileOpenW
AVIStreamLength
EditStreamSetNameW
AVIStreamReadFormat
AVIStreamGetFrameOpen
AVIFileOpenA
AVIStreamInfoA
AVIBuildFilterW
AVIMakeFileFromStreams
AVIMakeStreamFromClipboard
AVIFileCreateStreamA
AVIFileWriteData
AVIGetFromClipboard
EditStreamCut
AVISaveVW
EditStreamPaste
AVIStreamBeginStreaming
AVIFileInit
AVIFileExit
AVIStreamRead
EditStreamSetInfoA
DllGetClassObject
AVIStreamSampleToTime
EditStreamCopy
AVISaveW
EditStreamSetInfo
EditStreamSetNameA
IID_IAVIStream
AVIStreamWrite
AVIStreamTimeToSample

opengl32

glIndexd
glEvalCoord1fv
glMultMatrixf
glVertex2fv
glTexEnvi
glLineStipple
glTexCoord1fv
glPrioritizeTextures
glTexGenfv
glPixelStoref
wglCreateContext
glPixelTransferf
glEnd
glVertex3i
glPixelMapfv
glRotated
glRasterPos3iv
glIsList
glGetError
glPushName
glListBase
glStencilOp
glTexCoord1dv
glNormal3dv
glIndexMask
glGenTextures
glTexCoord1s
glSelectBuffer
glLightf

samlib

SamOpenGroup
SamOpenAlias
SamEnumerateGroupsInDomain
SamGetMembersInAlias
SamOpenUser
SamCloseHandle
SamiLmChangePasswordUser
SamQuerySecurityObject
SamSetMemberAttributesOfGroup
SamGetMembersInGroup
SamQueryInformationDomain
SamRidToSid
SamGetAliasMembership
SamDeleteAlias
SamQueryInformationAlias
SamChangePasswordUser2
SamiSetBootKeyInformation
SamLookupIdsInDomain
SamFreeMemory
SamShutdownSamServer
SamGetCompatibilityMode
SamAddMultipleMembersToAlias
SamDeleteUser
SamCreateGroupInDomain
SamRemoveMemberFromForeignDomain
SamCreateAliasInDomain

sqlunirl

_CreateAcceleratorTable_@8
_LoadMenu@8
_GetCompressedFileSize_@8
_GetMenuString_@20
_GetWindowTextLength@4
_ShellExecute_@24
_GetPrivateProfileSectionNames_@12
_GetClassLong_@8
_CreateDesktop_@24
_NDdeShareGetInfo_@28
_CharLower@4
_PostThreadMessage_@16
_CommDlg_OpenSave_GetFolderPath@12
_LoadAccelerators_@8
_SetFileSecurity_@12
_ReadConsoleInput_@16
_GetFileAttributes_@4
_ObjectOpenAuditAlarm_@48
_CommDlg_OpenSave_GetFilePath@12
newMultiByteFromWideCharEx
_OpenSCManager_@12
_RegConnectRegistry_@12
_GlobalFindAtom_@4
_FindFirstChangeNotification_@12
_GetVolumeInformation_@32
_RemoveFontResource_@4
_SetWindowText@8
_OpenFileMapping_@12
_GetLogColorSpace_@12
_GetDiskFreeSpaceEx_@16
_CopyEnhMetaFile_@8
_GetTimeFormat_@24
_EnumFonts_@16
_lstrcmp_@8
_ExtractAssociatedIcon_@12
_LookupPrivilegeValue_@12
_FreeEnvironmentStrings@4
_GrayString_@36
_OpenFile_@12
_ShellAbout_@16
_CreateDialogIndirectParam@20
_GetCurrentDirectory_@8
_LoadCursorFromFile_@4

Sections

.text
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

801edcece69e17f445b35c2db477c331

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

avifil32

opengl32

samlib

sqlunirl

Sections

.text Size: 327KB - Virtual size: 327KB

.rdata Size: 318KB - Virtual size: 318KB

.data Size: 1024B - Virtual size: 1.7MB

.rsrc Size: 215KB - Virtual size: 215KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 327KB - Virtual size: 327KB

.rdata
Size: 318KB - Virtual size: 318KB

.data
Size: 1024B - Virtual size: 1.7MB

.rsrc
Size: 215KB - Virtual size: 215KB

.reloc
Size: 1024B - Virtual size: 1024B