3ae4f7b37a85d3256e19890d539e85c7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ae4f7b37a85d3256e19890d539e85c7_JaffaCakes118
Size

43KB
MD5

3ae4f7b37a85d3256e19890d539e85c7
SHA1

52a1dd8dde09fe05d10bc1ad2842885464d5f1f8
SHA256

0c4071ac8f0b7a4168784ff9dec85b990a1642e86bf195e1321a1c851711e0f5
SHA512

fd177ea9fe79b11a04244c2ea4f539829b03abe47777669abf0a1692caf11d686dc89fe2948299726db5e7211f8d88fc260772b98c30c04b1b35cf0d2873f084
SSDEEP

768:SHJbBtOfdKKxwzOulgZAeObXtrkqrpC7I6uexjRuU6uIqbFpkuAUkk:SJBtOVtgOJWe+h0e0jRukIEpydk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ae4f7b37a85d3256e19890d539e85c7_JaffaCakes118

Files

3ae4f7b37a85d3256e19890d539e85c7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d92c569d347b9850975720f2a701280d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameW
PurgeComm
GetUserDefaultLangID
EndUpdateResourceW
UTRegister
ReadConsoleInputExA
GlobalUnWire
AreFileApisANSI
GetConsoleInputExeNameW
OpenMutexA
Module32Next
SetEnvironmentVariableW
TlsSetValue
GlobalMemoryStatus
GetPrivateProfileStructA
SetConsoleOutputCP
FormatMessageA
GetProcessShutdownParameters
LeaveCriticalSection
ExpandEnvironmentStringsW
GetOEMCP
LoadLibraryA
GetExitCodeProcess
FlushInstructionCache
DefineDosDeviceA
SetConsoleMenuClose
SetCommTimeouts
MapViewOfFile
ReadFileEx
SetUnhandledExceptionFilter
ChangeTimerQueueTimer
QueryPerformanceCounter
WriteFileGather
WaitForDebugEvent
VirtualAlloc
CancelTimerQueueTimer
GetPrivateProfileStringW
SetConsoleNumberOfCommandsA
CreateRemoteThread

crtdll

_mbscmp
__fpecode
_local_unwind2
_mktemp
_chgsign
_sleep
gets
_itoa
iswgraph
_getsystime
_fileinfo_dll
_setmode
isalpha
isalnum
_clearfp
_mbsdup
_daylight_dll
gmtime
sinh
_spawnl
_mbschr
perror
_CIsin
_mbsninc
_utime
_rotl
strlen
_spawnvp
_CIcos

msoert2

GetHtmlCharset
FBuildTempPath
HrCopyStreamToByte
CreateSystemHandleName
HrGetStreamPos
OpenFileStream
IUnknownList_CreateInstance
MessageBoxInstW
HrGetBodyElement
OpenFileStreamShareW
HrBSTRToLPSZ
HrIStreamToBSTR
ChConvertFromHex
UlStripWhitespace
DeleteTempFileOnShutdownEx
PVGetMsgParam
HrStreamSeekSet
HrFillRasCombo
GetExePath
CreateEnumFormatEtc
DeleteTempFile
HrIndexOfMonth
FIsSpaceA
CreateDataObject
PszDayFromIndex
RicheditStreamOut
OpenFileStreamShare
FIsValidFileNameCharA
GetDllMajorVersion
WriteStreamToFileHandle
CchFileTimeToDateTimeSz
IDrawText
PVDecodeObject
HrGetMsgParam
CleanupFileNameInPlaceA

msvcrt40

_rmtmp
__p___wargv
_wctime
_wsplitpath
_cgets
??0ofstream@@QAE@HPADH@Z
?setp@streambuf@@IAEXPAD0@Z
atoi
iswprint
??_7stdiostream@@6B@
?blen@streambuf@@IBEHXZ
??6ostream@@QAEAAV0@D@Z
??_Estdiobuf@@UAEPAXI@Z
??_7ostrstream@@6B@
??6ostream@@QAEAAV0@M@Z
_yn
isalnum
__p__tzname
_adj_fdivr_m16i
strcmp
??_7istream_withassign@@6B@
_wexecvp
?gptr@streambuf@@IBEPADXZ
_expand
_pipe
atof
_wexecle
_mbsninc
_CIcos
fwrite
??0stdiostream@@QAE@PAU_iobuf@@@Z
_findclose
_mbsnbcnt
strftime
?setlock@ios@@QAAXXZ
??0logic_error@@QAE@ABQBD@Z
?doallocate@strstreambuf@@MAEHXZ
_wmakepath
??_Giostream@@UAEPAXI@Z
??5istream@@QAEAAV0@PAD@Z
?attach@filebuf@@QAEPAV1@H@Z

cfgmgr32

CM_Get_Device_Interface_List_SizeW
CM_Get_Class_NameW
CM_Get_Log_Conf_Priority_Ex
CM_Get_Class_Key_NameW
CM_Query_Remove_SubTree
CM_Get_Class_Registry_PropertyA
CM_Setup_DevNode_Ex
CM_Add_Res_Des_Ex
CM_Add_Range
CM_Delete_Class_Key_Ex
CM_Register_Device_Interface_ExW
CM_Open_DevNode_Key
CM_Get_Device_IDA
CM_Get_Res_Des_Data_Size_Ex
CM_Delete_DevNode_Key
CM_Free_Res_Des_Handle
CM_Get_Class_Key_Name_ExA
CM_Get_Next_Res_Des
CM_Get_Device_ID_List_ExA
CM_Query_Arbitrator_Free_Data_Ex
CM_Set_DevNode_Registry_Property_ExA
CM_Get_Global_State_Ex
CM_Query_And_Remove_SubTreeA
CM_Get_HW_Prof_Flags_ExW
CM_Enumerate_EnumeratorsA
CM_Get_Version
CM_Get_Device_Interface_Alias_ExW
CM_Query_Arbitrator_Free_Size_Ex
CM_Add_ID_ExA
CM_Next_Range
CM_Get_Class_Key_NameA
CM_Get_Device_ID_ListW

netapi32

I_BrowserResetNetlogonState
NetServerComputerNameDel
I_NetLogonSamLogonEx
I_NetServerTrustPasswordsGet
DsEnumerateDomainTrustsW
DsRoleAbortDownlevelServerUpgrade
NetLocalGroupSetInfo
NetDfsSetInfo
NetJoinDomain
NetUseEnum
I_NetDatabaseSync2
RxNetAccessDel
NetpAllocFtinfoEntry
I_NetServerAuthenticate
NetUseGetInfo
NetRegisterDomainNameChangeNotification
DsRoleServerSaveStateForUpgrade
I_NetAccountDeltas
NetConfigGetAll
NetUseAdd
NetMessageNameDel
NetShareEnumSticky
NetGetJoinInformation
DsGetDcNameW
NetGetDisplayInformationIndex
NlBindingSetAuthInfo
NetReplImportDirUnlock
I_NetGetForestTrustInformation
NetDfsMove
NetpInitFtinfoContext

setupapi

SetupQuerySourceListW
CM_Get_Device_ID_List_ExW
CM_Open_Class_Key_ExW
SetupCommitFileQueue
CMP_WaitServicesAvailable
SetupInstallFromInfSectionW
SetupInstallFileA
SetupVerifyInfFileA
SetupFreeSourceListA
SetupGetFileCompressionInfoA
SetupSetFileQueueAlternatePlatformW
pSetupGetFileTitle
CM_Unregister_Device_InterfaceA
SetupDiGetActualSectionToInstallA
CM_Get_Global_State
SetupGetLineCountA
CM_Query_Arbitrator_Free_Data_Ex
SetupGetBackupInformationA
pSetupInstallCatalog
SetupDiGetSelectedDriverW
SetupCopyOEMInfW
SetupDiInstallClassExW
SetupInstallFileExW
SetupDiGetDeviceInfoListDetailA

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d92c569d347b9850975720f2a701280d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

crtdll

msoert2

msvcrt40

cfgmgr32

netapi32

setupapi

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 35KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 35KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B