Static task: static1
Behavioral task: behavioral1
Sample: 02e275e20427787858ee3d82b805393f_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 02e275e20427787858ee3d82b805393f_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 02e275e20427787858ee3d82b805393f_JaffaCakes118
Size: 257KB
MD5: 02e275e20427787858ee3d82b805393f
SHA1: 6cd80a921b1bb144e7c2706035e39a80474f29f6
SHA256: 62954303189eca670f95ec6cb152e823812d7069f32ecc709081e495146c5376
SHA512: a3b41bcc93a0718ca7096809e34d17f1cfd8d3edf07e6fdc66326e7ea947f497d01b9b66fa4d4fb0c62ecfb2e914b3a78286628ec45dab8e026caecc50bd4575
SSDEEP: 3072:mK6eZFXZ4wEIBaKaqr6q36aCqqqCa6XqK2aAgBWovXVwoKUGFtFyUvsMgTp/1UvP:jIY/WXJK1gsg/gzEk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 02e275e20427787858ee3d82b805393f_JaffaCakes118
Files
02e275e20427787858ee3d82b805393f_JaffaCakes118.exe windows:3 windows x86 arch:x86
af1e0cdac3f130d9bc36472e3dc76f51
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadWritePtr
IsDBCSLeadByteEx
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LocalSize
LockResource
MapViewOfFile
Module32NextW
MultiByteToWideChar
OpenEventW
OpenFileMappingW
OpenProcess
OpenThread
ProcessIdToSessionId
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReadFileEx
ReleaseMutex
SetCalendarInfoW
SetConsoleCtrlHandler
HeapSize
SetConsoleOutputCP
SetConsoleTextAttribute
SetEvent
SetFilePointer
SetFilePointerEx
SetLastError
SetPriorityClass
SetProcessAffinityMask
SetProcessShutdownParameters
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SwitchToThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
Thread32First
TlsAlloc
TlsFree
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile
lstrcatW
lstrcmpW
lstrcmpi
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
HeapSetInformation
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapCompact
HeapAlloc
GlobalCompact
GetVersionExW
GetVersionExA
AreFileApisANSI
GetUserDefaultUILanguage
GetUserDefaultLCID
GetTickCount
GetThreadTimes
GetThreadLocale
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetSystemDirectoryW
GetSystemDefaultUILanguage
GetSystemDefaultLCID
GetStringTypeExW
GetStringTypeExA
GetStringTypeA
GetStdHandle
GetStartupInfoW
GetStartupInfoA
GetProcessHeap
GetProcessAffinityMask
GetProcAddress
GetPriorityClass
GetNumberOfConsoleMouseButtons
GetNumberFormatW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLocaleInfoW
GetLastError
GetFullPathNameW
GetFullPathNameA
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
GetCurrencyFormatW
GetConsoleScreenBufferInfo
GetConsoleOutputCP
GetConsoleMode
GetConsoleFontSize
GetComputerNameW
GetCompressedFileSizeW
GetCommandLineW
GetCommConfig
GetCalendarInfoA
FreeLibrary
FormatMessageW
FormatMessageA
FlushConsoleInputBuffer
FindResourceW
FindResourceExW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
ExpandEnvironmentStringsW
ExitProcess
EnterCriticalSection
EncodePointer
DuplicateHandle
DisconnectNamedPipe
DeviceIoControl
DeleteTimerQueueEx
DeleteFileA
DeleteCriticalSection
DecodePointer
DebugBreak
CreateWaitableTimerW
CreateThread
CreateProcessW
CreateMutexW
CreateFileW
CreateFileMappingW
CreateFileA
CreateEventW
CreateEventA
CompareStringW
CloseHandle
ChangeTimerQueueTimer
BackupRead
SetConsoleMode
user32
IsCharLowerA
ShowCaret
GetOpenClipboardWindow
GetDesktopWindow
CountClipboardFormats
GetAsyncKeyState
GetSysColor
GetWindowTextLengthW
GetWindowTextLengthA
IsGUIThread
EnumClipboardFormats
CharLowerA
GetClipboardData
GetFocus
GetProcessWindowStation
GetDialogBaseUnits
GetClipboardSequenceNumber
CloseDesktop
GetQueueStatus
GetKBCodePage
IsCharAlphaW
GetListBoxInfo
IsIconic
DestroyCursor
IsCharUpperW
wsprintfW
WinHelpW
ValidateRect
UpdateWindow
UnregisterClassW
TranslateMessage
ShowWindow
SetWindowLongW
SetTimer
SetScrollInfo
SetForegroundWindow
SetFocus
SetDlgItemTextW
SetDlgItemTextA
SetClassWord
SendMessageW
SendDlgItemMessageW
ScreenToClient
ReleaseDC
RegisterDeviceNotificationW
RegisterClassW
PostThreadMessageW
PostQuitMessage
PostMessageW
PeekMessageW
OpenWindowStationW
OemToCharA
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MessageBoxW
MessageBeep
MapVirtualKeyExW
LoadIconW
LoadCursorW
KillTimer
IsDlgButtonChecked
IsDialogMessageW
IsDialogMessage
GetWindowLongW
GetSystemMenu
GetParent
GetMessageW
GetMessageTime
GetKeyboardLayoutNameW
GetDlgItemTextW
GetDlgItem
GetDlgCtrlID
GetDC
GetCursorPos
GetCaretPos
EnumChildWindows
EndDialog
EnableWindow
DrawTextA
DlgDirListA
DispatchMessageW
DialogBoxParamW
DestroyWindow
DeleteMenu
DefWindowProcW
DefDlgProcW
DdeQueryConvInfo
CreateIcon
CreateDialogParamW
CopyIcon
ChildWindowFromPoint
CheckRadioButton
CharNextW
CallWindowProcW
BeginPaint
AppendMenuW
AppendMenuA
CreateWindowExW
gdi32
CloseFigure
FlattenPath
GetTextColor
EndDoc
CloseEnhMetaFile
SaveDC
BeginPath
GetTextCharacterExtra
RealizePalette
GetBkMode
EndPath
PathToRegion
GetLayout
GetGraphicsMode
GetStretchBltMode
UpdateICMRegKeyA
SetWindowExtEx
SetICMProfileW
SelectBrushLocal
RemoveFontResourceExW
Polyline
PolyPolyline
PolyBezierTo
Pie
PATHOBJ_vEnumStart
MoveToEx
GetTransform
GetTextCharsetInfo
GetTextAlign
GetPaletteEntries
GetMetaFileBitsEx
GetGlyphOutlineWow
GetClipRgn
GetCharWidthInfo
GdiReleaseDC
GdiQueryFonts
GdiPlayPrivatePageEMF
GdiPlayEMF
GdiConvertDC
GdiConvertAndCheckDC
EngUnicodeToMultiByteN
EngStretchBltROP
EngLineTo
EngGetPrinterDataFileName
EngCreateDeviceBitmap
EndFormPage
CreatePen
CreateMetaFileW
CreateHalftonePalette
CreateDiscardableBitmap
CreateDIBPatternBrush
GetColorSpace
AddFontResourceW
advapi32
RegOpenKeyW
UnregisterTraceGuids
TraceMessage
SetThreadToken
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RevertToSelf
ReportEventW
RegisterTraceGuidsW
RegisterEventSourceW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDisablePredefinedCache
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenThreadToken
OpenProcessToken
MapGenericMask
MakeSelfRelativeSD
MakeAbsoluteSD
InitializeSecurityDescriptor
InitializeAcl
ImpersonateLoggedOnUser
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
GetTokenInformation
GetSecurityDescriptorLength
GetLengthSid
GetAclInformation
FreeSid
DeregisterEventSource
CopySid
ConvertStringSecurityDescriptorToSecurityDescriptorW
AllocateAndInitializeSid
AdjustTokenPrivileges
AddAce
AccessCheck
RegQueryValueExA
ole32
StringFromGUID2
CoUninitialize
CoSwitchCallContext
CoRevokeClassObject
CoRevertToSelf
CoRegisterClassObject
CoMarshalInterThreadInterfaceInStream
CoInitializeSecurity
CoInitializeEx
CoImpersonateClient
CoGetInterfaceAndReleaseStream
CoGetClassObject
CoGetCallContext
CoFreeUnusedLibrariesEx
CoCreateInstance
CoCreateGuid
CLSIDFromString
msvcrt
__getmainargs
wcstok
wcslen
setlocale
exit
_wcsicmp
_vsnwprintf
_purecall
_onexit
_initterm
_exit
_except_handler3
_controlfp
_cexit
_c_exit
_adjust_fdiv
_acmdln
__setusermatherr
_CxxThrowException
_XcptFilter
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
msvcr120
?__ExceptionPtrCopy@@YAXPAXPBX@Z
dui70
?SetDefaultButtonTracking@XProvider@DirectUI@@UEAAJ_N@Z
msvcr100
_wfsopen
Sections
.text Size: 181KB - Virtual size: 180KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.gfids Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.textbs Size: 512B - Virtual size: 352B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.textwcJ Size: 512B - Virtual size: 6B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.l1 Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
a`KXtA Size: 512B - Virtual size: 128B
.data1 Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.l1 Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE