a5dfae0ef9407d9d8a4830a05a7bd53a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a5dfae0ef9407d9d8a4830a05a7bd53a_JaffaCakes118
Size

25KB
MD5

a5dfae0ef9407d9d8a4830a05a7bd53a
SHA1

5c92666ba5faa0516d7302fda9f11cb1d8e47e48
SHA256

436a7f5f5f649ac2289561901ca9b87483163dfb505042bca1e2920255fd25b6
SHA512

404b9ad5f7302842b77f17e9c10e0550b0279df0d53db432a28d1ed16a485b30bf63b9f628b5388064cd46408760f32d2941eb80bf415dee7ba75ee025796567
SSDEEP

768:Ue8z/ZLzkmQ9bfWMwIUCDbdtHYpbcuoii:Uzz/ZLu9Dhypbcuw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5dfae0ef9407d9d8a4830a05a7bd53a_JaffaCakes118

Files

a5dfae0ef9407d9d8a4830a05a7bd53a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1fad03757cbe167bb02fcd21defcbf66

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

uxtheme

IsThemePartDefined
GetThemePosition
DrawThemeParentBackground
EnableTheming
DrawThemeIcon
GetThemePartSize
GetThemeTextExtent
GetThemeSysColor
GetThemeTextMetrics
GetThemeBackgroundContentRect
IsThemeDialogTextureEnabled
GetThemeFont
GetThemeSysString
GetCurrentThemeName
GetThemeRect
OpenThemeData
GetThemeIntList
GetThemeDocumentationProperty
GetWindowTheme
GetThemeColor
DrawThemeEdge
GetThemeMargins
GetThemeFilename
GetThemeSysSize
IsAppThemed
GetThemeInt
SetWindowTheme
GetThemeAppProperties
GetThemeSysInt
GetThemeBackgroundExtent
GetThemeSysFont
DrawThemeText
CloseThemeData
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
HitTestThemeBackground
GetThemeSysColorBrush
GetThemeMetric
GetThemeBool
GetThemeSysBool
GetThemeBackgroundRegion
IsThemeActive

msdart

?_CurrentThreadId@CReaderWriterLock3@@CGJXZ
?_InsertThisIntoGlobalList@CLKRHashTable@@AAEXXZ
?_TryReadLock@CReaderWriterLock@@AAE_NXZ
?_Clear@CLKRLinearHashTable@@AAEX_N@Z
?_ReadLockSpin@CReaderWriterLock3@@AAEXW4SPIN_TYPE@1@@Z
?sm_llGlobalList@CLKRLinearHashTable@@0VCLockedDoubleList@@A
?sm_dblDfltSpinAdjFctr@CCritSec@@1NA
?FindRecord@CLKRHashTable@@QBE?AW4LK_RETCODE@@PBX@Z
?IsWinNt4orLater@CMdVersionInfo@@SAHXZ
?_EqualKeys@CLKRLinearHashTable@@ABE_NKK@Z
??1CLKRLinearHashTable@@QAE@XZ
?SetDefaultSpinAdjustmentFactor@CReaderWriterLock3@@SGXN@Z
?WriteLock@CLKRHashTable@@QAEXXZ
?sm_wDefaultSpinCount@CReaderWriterLock2@@1GA
?_PredTrue@CLKRLinearHashTable@@CG?AW4LK_PREDICATE@@PBXPAX@Z
?ReadUnlock@CReaderWriterLock3@@QAEXXZ
?ReadOrWriteUnlock@CReaderWriterLock3@@QAEX_N@Z
?IsEmpty@CSingleList@@QBE_NXZ
?Lock@CLockedDoubleList@@QAEXXZ
?ConvertSharedToExclusive@CLKRHashTable@@QBEXXZ
?_AddRefRecord@CLKRLinearHashTable@@ABEXPBXH@Z
?SetDefaultSpinAdjustmentFactor@CFakeLock@@SGXN@Z
?sm_dblDfltSpinAdjFctr@CReaderWriterLock@@1NA
?GetDefaultSpinAdjustmentFactor@CFakeLock@@SGNXZ
?ReadUnlock@CReaderWriterLock@@QAEXXZ
?SetSpinCount@CReaderWriterLock3@@QAE_NG@Z
?TryReadLock@CFakeLock@@QAE_NXZ
?DeleteKey@CLKRHashTable@@QAE?AW4LK_RETCODE@@K@Z
?BucketIndex@CLKRHashTableStats@@SGJJ@Z
?SetSpinCount@CSpinLock@@QAE_NG@Z
?ReadLock@CCritSec@@QAEXXZ
?SetSpinCount@CCritSec@@QAE_NG@Z
?InsertTail@CDoubleList@@QAEXQAVCListEntry@@@Z
?_Expand@CLKRLinearHashTable@@AAE?AW4LK_RETCODE@@XZ
?_TryLock@CSpinLock@@AAE_NXZ
?_CalcKeyHash@CLKRHashTable@@ABEKK@Z
?IsLocked@CLockedSingleList@@QBE_NXZ
IrtlTrace
?SetDefaultSpinCount@CSpinLock@@SGXG@Z
?TryWriteLock@CSmallSpinLock@@QAE_NXZ
?InsertHead@CDoubleList@@QAEXQAVCListEntry@@@Z
??0CReaderWriterLock2@@QAE@XZ
?sm_dblDfltSpinAdjFctr@CSmallSpinLock@@1NA

kernel32

Beep
GlobalAddAtomW
GetVersion
CreateWaitableTimerW
GetNumberOfConsoleInputEvents
SetFileShortNameW
VirtualAlloc
lstrcmpiA
ChangeTimerQueueTimer
WriteProcessMemory
GetStringTypeW
GlobalAddAtomA
TerminateJobObject
VirtualQueryEx
GlobalFix
RegisterWaitForSingleObject
Heap32ListNext
GetConsoleMode
ExpungeConsoleCommandHistoryA
Sleep
GetCurrentThreadId
lstrcmpiW
RemoveLocalAlternateComputerNameW
CompareStringW
HeapSetInformation
GetSystemTimeAsFileTime
GetNamedPipeHandleStateW
GetCurrencyFormatW
GetConsoleAliasW
GlobalCompact
GetLastError

netapi32

NetWkstaGetInfo
DsAddressToSiteNamesExW
NetServerComputerNameAdd
NetShareAdd
I_NetAccountDeltas
NetLocalGroupGetInfo
NetpNetBiosStatusToApiStatus
DsRoleGetDcOperationResults
I_NetDatabaseSync
RxNetAccessAdd
NetWkstaUserSetInfo
DsGetDcNextW
DsGetDcNameA
NetSetPrimaryComputerName
NetGetAnyDCName
NetDfsSetClientInfo
NetServerEnumEx
NetApiBufferAllocate
NetServerDiskEnum
NetServerTransportEnum
NetLogonSetServiceBits
NetpCopyFtinfoContext
DsGetSiteNameW
NetQueryDisplayInformation
NetpwPathCanonicalize
NetAlertRaise
NetMessageNameEnum
NetDfsGetInfo
NetServiceEnum
NetDfsSetInfo
NetpSetFileSecurity
NetEnumerateComputerNames
NetServiceGetInfo
NetReplExportDirSetInfo
NetMessageNameAdd

msvcirt

?seekoff@streambuf@@UAEJJW4seek_dir@ios@@H@Z
?clog@@3Vostream_withassign@@A
?sh_read@filebuf@@2HB
?rdbuf@stdiostream@@QBEPAVstdiobuf@@XZ
??_Dostream_withassign@@QAEXXZ
?what@exception@@UBEPBDXZ
??_Gistrstream@@UAEPAXI@Z
??_7istream_withassign@@6B@
?oct@@YAAAVios@@AAV1@@Z
?setbuf@filebuf@@UAEPAVstreambuf@@PADH@Z
??4istream@@IAEAAV0@PAVstreambuf@@@Z
?ws@@YAAAVistream@@AAV1@@Z
??5istream@@QAEAAV0@AAM@Z
?gcount@istream@@QBEHXZ
??_8strstream@@7Bostream@@@
?setg@streambuf@@IAEXPAD00@Z
??_Gostrstream@@UAEPAXI@Z
??0stdiostream@@QAE@ABV0@@Z
?read@istream@@QAEAAV1@PADH@Z
??0stdiostream@@QAE@PAU_iobuf@@@Z
??4ostream_withassign@@QAEAAVostream@@ABV1@@Z
??_Eostream_withassign@@UAEPAXI@Z
?pbase@streambuf@@IBEPADXZ
?setbuf@ofstream@@QAEPAVstreambuf@@PADH@Z
?get@istream@@QAEHXZ
??_7stdiostream@@6B@

msvcrt20

strcoll
?setbuf@filebuf@@UAEPAVstreambuf@@PADH@Z
_atodbl
?snextc@streambuf@@QAEHXZ
wcsncat
?attach@ifstream@@QAEXH@Z
?pcount@ostrstream@@QBEHXZ
__STRINGTOLD
_rmdir
?openprot@filebuf@@2HB
_endthread
_tcsrev
??1istrstream@@UAE@XZ
fread
?oct@@YAAAVios@@AAV1@@Z
_ismbcalnum
?_query_new_mode@@YAHXZ
wcsncmp
strncmp
_getch
_wspawnvp
_heapadd
fprintf
_stat
fwrite

opengl32

glCallLists
glColorMask
glEdgeFlagPointer
glIsList
glTexCoord3sv
glLightfv
glGetClipPlane
glRasterPos2d
glVertex3s
glIndexubv
glVertex3fv
glGenTextures
glMultMatrixf
glMapGrid1f
glLightiv
glVertex4sv
glGetTexParameteriv
glClearColor
glEnable
glTexGenf
glLineWidth
glRasterPos4iv
wglGetPixelFormat
glTexCoord2d
glColor3f
glClearAccum
wglSetLayerPaletteEntries
glGetMapfv

w32time

W32TimeQueryNTPProviderStatus
DllInstall
W32TimeQueryConfig
W32TimeGetNetlogonServiceBits
W32TimeDcPromo
W32TimeSyncNow
W32TimeVerifyUnjoinConfig
TimeProvCommand
TimeProvOpen
W32TmServiceMain
SvchostPushServiceGlobals
SvchostEntry_W32Time
TimeProvClose
fnW32TmRegisterServiceCtrlHandlerEx
W32TimeQueryHardwareProviderStatus
W32TimeBufferFree
DllRegisterServer
DllUnregisterServer
W32TimeSetConfig
fnW32TmSetServiceStatus
W32TimeVerifyJoinConfig

itircl

DllRegisterServer
DllUnregisterServer
DllGetClassObject
DllCanUnloadNow

user32

SetFocus

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1fad03757cbe167bb02fcd21defcbf66

Headers

DLL Characteristics

File Characteristics

Imports

uxtheme

msdart

kernel32

netapi32

msvcirt

msvcrt20

opengl32

w32time

itircl

user32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 1KB - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 1KB - Virtual size: 4KB