5ad03e7169e232c796135782f4b6f459_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5ad03e7169e232c796135782f4b6f459_JaffaCakes118
Size

364KB
MD5

5ad03e7169e232c796135782f4b6f459
SHA1

803486c04030fdec8eca6be1ecad419a4dd060c0
SHA256

26dd7ec9076822b6b25af0d62132354dd604f2736819b98f60f5caedeb281665
SHA512

4a880411be810d7473f3d1b9acdb024b8efed1c4e1c4ce6b82673413fc872f4a21dbf96bc438e533e6a75fca070d3bf493f6e138f593a99e656d36b1b12fd592
SSDEEP

6144:4ySMZLnOaMVCksMt8Lhebi2LCiafQUp7ZRKonlzzLKWLuJ+FNNIIrcPm:4aOTQnMta4bjLAJ/Dd/KObFf0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ad03e7169e232c796135782f4b6f459_JaffaCakes118

Files

5ad03e7169e232c796135782f4b6f459_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d9590fb4e0754d94d45bd771a30cfe95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

msi

MsiProvideQualifiedComponentExA
MsiGetProductCodeFromPackageCodeA
MsiGetSummaryInformationW
MsiDoActionA
MsiApplyPatchA
MsiViewFetch
MsiGetComponentStateA
MsiNotifySidChangeW
MsiGetFileSignatureInformationW
MsiSourceListClearAllW
MsiSetFeatureStateW
MsiCreateAndVerifyInstallerDirectory
MsiDeleteUserDataW
MsiOpenDatabaseW
MsiDatabaseImportW
MsiCollectUserInfoW
MsiSummaryInfoSetPropertyW
MsiSourceListAddSourceA
MsiDatabaseExportW
MsiRecordDataSize
MsiProvideQualifiedComponentW
MsiDatabaseGenerateTransformA
MsiViewGetColumnInfo
MsiOpenProductA
MsiLoadStringA
MsiProvideQualifiedComponentExW
MsiSetInstallLevel
MsiGetFeatureStateA
MsiSourceListForceResolutionW
MsiEnumPatchesA
MsiViewModify
MsiFormatRecordA
MsiEnableLogA
MsiProvideAssemblyW
MsiSetPropertyA
MsiDatabaseOpenViewA
MsiViewGetErrorA
MsiGetFileVersionW
MsiConfigureFeatureFromDescriptorA
MsiGetTargetPathA
MsiSummaryInfoGetPropertyA

comctl32

FlatSB_GetScrollInfo
CreateToolbarEx
ImageList_AddIcon
CreateStatusWindowA
FlatSB_SetScrollRange
ImageList_SetFlags
ImageList_Read
ImageList_Duplicate
ImageList_Add
CreatePropertySheetPageW
ImageList_SetBkColor
DrawStatusTextA
ImageList_Draw
ImageList_GetImageCount
ImageList_GetDragImage
ImageList_SetImageCount
ImageList_Destroy
GetMUILanguage
ImageList_GetImageRect
CreateStatusWindowW
DrawInsert
DllGetVersion
ImageList_DrawIndirect
ImageList_LoadImage
ImageList_DragEnter
ImageList_GetImageInfo

shlwapi

ColorRGBToHLS
wvnsprintfW
SHRegDuplicateHKey
PathStripToRootW
PathCombineA
PathRemoveBlanksW
StrCmpNIW
SHDeleteOrphanKeyA
StrCmpNIA
AssocQueryKeyW
StrPBrkA
SHLoadIndirectString
SHRegGetUSValueA
SHRegOpenUSKeyA
SHGetValueA
PathCompactPathExA
PathRemoveBackslashA
PathMatchSpecW
AssocQueryStringA
PathCreateFromUrlA
StrFormatKBSizeA
PathRemoveExtensionA
SHRegWriteUSValueW
StrRChrA
StrCSpnIA
PathRemoveFileSpecW
StrChrNW
PathIsDirectoryEmptyW
PathIsUNCA
SHCreateStreamOnFileA
PathIsUNCW
SHQueryInfoKeyW
StrFromTimeIntervalA
SHRegQueryInfoUSKeyW
PathUnquoteSpacesA
PathIsContentTypeW

netapi32

DsGetDcSiteCoverageW
NetUserDel
NetWkstaTransportAdd
DsValidateSubnetNameW
NetpMergeFtinfo
I_NetLogonUasLogon
DsGetDcCloseW
NetRemoteComputerSupports
NetpSetFileSecurity
NetGroupGetUsers
DsGetDcNameWithAccountA
I_NetDfsIsThisADomainName
I_NetServerAuthenticate3
I_NetServerReqChallenge
NetDfsAddFtRoot
NetConfigGet
NetReplImportDirGetInfo
NetpDbgPrint
NetUserGetLocalGroups
NetServiceEnum
RxNetAccessEnum
NetServerSetInfo
I_NetLogonControl
DsRoleGetDcOperationProgress
RxNetUserPasswordSet
NetUseDel
NetGetDCName
I_NetServerSetServiceBitsEx
NetMessageNameDel
I_NetLogonSendToSam
NetLocalGroupAdd
NetReplExportDirAdd
DsRoleServerSaveStateForUpgrade
NetServerEnumEx
I_NetServerAuthenticate2
NetScheduleJobDel

kernel32

CreateConsoleScreenBuffer
EnumResourceTypesW
PeekNamedPipe
GetSystemWow64DirectoryW
GetFullPathNameW
SetLastError
GetNumberOfConsoleMouseButtons
VirtualAlloc
WriteConsoleInputA
FindActCtxSectionStringA
GetConsoleCharType
IsDBCSLeadByte
EnumCalendarInfoExW
GetCurrentThread
OutputDebugStringA
DuplicateHandle
OpenProfileUserMapping
SetConsoleWindowInfo
RemoveDirectoryW
GlobalFlags
SetPriorityClass
TerminateThread
GlobalHandle
LoadLibraryA
AddRefActCtx
GetCompressedFileSizeW
GetProfileStringA
SetConsoleMaximumWindowSize
WriteConsoleOutputW
GetUserDefaultLCID
GetCurrentThreadId
OpenFileMappingW
HeapReAlloc
UTUnRegister
SetFilePointerEx
SetupComm
SetConsoleInputExeNameA
FindFirstVolumeW
WriteConsoleInputVDMW
GetEnvironmentStringsA
GlobalAlloc
GetThreadPriorityBoost
DeleteTimerQueue
GetCommandLineA
ReadConsoleA
HeapAlloc
AddConsoleAliasA
GetConsoleInputExeNameA
SetConsoleHardwareState
GetCurrentProcessId

mapi32

ScRelocNotifications@20
MAPIAddress
MAPIAllocateMore@12
CloseIMsgSession@4
DeregisterIdleRoutine@4
FBadSortOrderSet@4
MAPIAdminProfiles@8
ScDupPropset@16
MAPISendMail
MAPIDetails
GetTnefStreamCodepage@12
HrDecomposeMsgID@24
FBadRowSet@4
UNKOBJ_Free@8
MAPISendDocuments
HrAddColumns@16
WrapStoreEntryID@24
PRProviderInit
HrEntryIDFromSz@12
ScMAPIXFromCMC
MAPIUninitialize
MAPIAllocateBuffer@8
ScCountProps@12
MAPILogonEx
cmc_send
LAUNCHWIZARD
MNLS_lstrcmpW@8
cmc_read
ChangeIdleRoutine@28

Sections

.text
Size: 90KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9590fb4e0754d94d45bd771a30cfe95

Headers

File Characteristics

Imports

msi

comctl32

shlwapi

netapi32

kernel32

mapi32

Sections

.text Size: 90KB - Virtual size: 92KB

.rdata Size: 204KB - Virtual size: 208KB

.data Size: 32KB - Virtual size: 384KB

.rsrc Size: 34KB - Virtual size: 36KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 90KB - Virtual size: 92KB

.rdata
Size: 204KB - Virtual size: 208KB

.data
Size: 32KB - Virtual size: 384KB

.rsrc
Size: 34KB - Virtual size: 36KB

.reloc
Size: 1024B - Virtual size: 4KB