a7b0fbaa32f1b7fbb66421c6370a2936_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a7b0fbaa32f1b7fbb66421c6370a2936_JaffaCakes118
Size

47KB
MD5

a7b0fbaa32f1b7fbb66421c6370a2936
SHA1

149f1df771364ffe77a510fc6a1d23e39f95e2e5
SHA256

f60833d20b1396c7114ab1f9dd700c154c67eb99c1328adecf7b84c0787e4ba3
SHA512

7664ebebce8e3a6deb870c7bdc3f92bf08e38f8e539522df74354cad3ebffa5de7a7fd9940640610815304e2827b99fe8676f85bfd84eac9d04c9924234a81c6
SSDEEP

768:SRPs8pS3URVCnQq6U3zHRLwYAZqPL9LH+2neQdLhWVa5ycSsp/RHFjAL:OkUWUR86U7R1AZqPL9Le2neQRgY9Sspy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7b0fbaa32f1b7fbb66421c6370a2936_JaffaCakes118

Files

a7b0fbaa32f1b7fbb66421c6370a2936_JaffaCakes118
.exe windows:5 windows x86 arch:x86

16eceea8644bc87b96e4cfb0fdadcab9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

scecli

SceSysPrep
SceGenerateGroupPolicy
SceFreeMemory
SceSetupBackupSecurity
SceCommitTransaction
SceSetDatabaseSetting
SceWriteSecurityProfileInfo
SceSvcGetInformationTemplate
SceStartTransaction
SceCompareSecurityDescriptors
SceCreateDirectory
SceGetTimeStamp
SceUpdateSecurityProfile
SceEnumerateServices
SceCompareNameList
SceConfigureSystem
SceGenerateRollback
SceAddToNameList
SceGetSecurityProfileInfo
SceDcPromoCreateGPOsInSysvol
SceEnforceSecurityPolicyPropagation
InitializeChangeNotify
SceGetObjectSecurity
SceSetupGenerateTemplate
SceFreeProfileMemory
SceDcPromoteSecurityEx
SceGetDatabaseSetting
SceCopyBaseProfile
SceUpdateObjectInfo
SceGetScpProfileDescription
SceIsSystemDatabase
SceOpenProfile
DeltaNotify
SceNotifyPolicyDelta
SceSvcSetInformationTemplate
SceGetDbTime
SceSvcUpdateInfo

kernel32

GlobalMemoryStatus
ReleaseActCtx
GetUserDefaultUILanguage
LocalFlags
VirtualAlloc
HeapCreate
FillConsoleOutputCharacterW
VirtualAllocEx
FindFirstFileExW
SetSystemPowerState
GetPrivateProfileIntA
CreateNamedPipeA
GetSystemTimeAsFileTime
OpenConsoleW
GetPrivateProfileSectionA
WriteConsoleInputA
VirtualLock
TlsGetValue
GetConsoleAliasExesLengthW
LockFile
GetLocaleInfoW
CreateActCtxA
VerifyConsoleIoHandle
IsDebuggerPresent
BuildCommDCBA
GlobalHandle
WriteProfileStringA
CreateTapePartition
BeginUpdateResourceA
TermsrvAppInstallMode
WriteConsoleOutputW
SetConsoleIcon
LoadLibraryA
EnumCalendarInfoA
SetFilePointer
GetTapeStatus
GetComputerNameExA
GetConsoleAliasW
SetInformationJobObject
CmdBatNotification
SetFileAttributesA
HeapDestroy
LocalAlloc

dbghelp

FindExecutableImage
SymEnumerateModules
SymSetSearchPath
SymGetModuleBase64
omap
ImageRvaToVa
ImageDirectoryEntryToDataEx
SymGetLineNext
dh
GetTimestampForLoadedLibrary
SymMatchFileName
SymEnumerateSymbols
MakeSureDirectoryPathExists
DbgHelpCreateUserDump
SymInitialize
SymEnumSourceFiles
StackWalk64
UnmapDebugInformation
dbghelp
SymGetSymFromName64
EnumerateLoadedModules
lmi
UnDecorateSymbolName
ImagehlpApiVersion
SymRegisterFunctionEntryCallback64
SymEnumTypes
SymGetSymPrev64
SymLoadModuleEx
SymFromAddr
SymUnDName
SymGetSymFromAddr64
SymEnumerateSymbols64
SymGetModuleInfo
SymSetContext
SymEnumerateModules64
SymUnloadModule64
SymEnumerateSymbolsW
SymSetOptions
SymLoadModule64
SymFunctionTableAccess
vc7fpo
SearchTreeForFile

opengl32

glVertex3dv
glGetTexGenfv
glRectf
glGetTexGendv
glVertex3sv
glGetString
glEnd
wglGetProcAddress
glClearAccum
glFrontFace
glNormal3s
glTexImage2D
glPixelMapuiv
glListBase
glColor3fv
glColor4fv
glEvalCoord1d
glLightiv
glEnable
glRasterPos2i
glTexCoord4iv
glGetLightiv
glTexCoord3sv
glGetPolygonStipple
glPolygonMode
glPixelStorei
glGenTextures
glVertex2fv
glStencilFunc
wglDeleteContext
glVertex4fv
glColor4iv
glRasterPos4iv
glNormal3d

comdlg32

ReplaceTextA
GetOpenFileNameW
GetSaveFileNameA
dwLBSubclass
dwOKSubclass
PrintDlgW
ChooseFontA
CommDlgExtendedError
ChooseColorA
Ssync_ANSI_UNICODE_Struct_For_WOW
GetOpenFileNameA
GetFileTitleW
GetSaveFileNameW
WantArrows
ChooseFontW
PrintDlgExA
ChooseColorW
FindTextW
GetFileTitleA
FindTextA
PageSetupDlgA
PrintDlgA
PrintDlgExW
ReplaceTextW
LoadAlterBitmap

oleaut32

VarDecFromR8
QueryPathOfRegTypeLib
VarUI1FromUI2
VarI1FromUI1
VariantTimeToSystemTime
OaBuildVersion
VarFormatPercent
VarI4FromI1
SafeArrayPtrOfIndex
VarBstrFromR8
VarDecNeg
VarDateFromUI4
VarCyFix
VarXor
VarCyFromUI2
VarR8FromI1
SafeArrayDestroyDescriptor
VarNot
LPSAFEARRAY_UserFree
VarBstrFromI2
VarI1FromStr
VarDateFromI8
VarR4FromI4
VarR4FromDec
VarUI8FromBool
VarIdiv
OleTranslateColor
VarUI2FromR4
VarUI2FromUI8

gdi32

PolyBezier
SetPixelV
GdiDeleteLocalDC
GdiCreateLocalMetaFilePict
FontIsLinked
GdiSetBatchLimit
GetDCOrgEx
DdEntry19
AddFontMemResourceEx
EndPage
GetETM
GetTextFaceA
GdiConvertEnhMetaFile
GdiRealizationInfo
GetTextExtentPoint32W
GetCurrentPositionEx
Pie
GetTextCharacterExtra
XLATEOBJ_piVector
STROBJ_vEnumStart
DdEntry14
GetStringBitmapW
EngDeleteSemaphore
PlayEnhMetaFile
GetTransform

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16eceea8644bc87b96e4cfb0fdadcab9

Headers

DLL Characteristics

File Characteristics

Imports

scecli

kernel32

dbghelp

opengl32

comdlg32

oleaut32

gdi32

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 55KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 55KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 1024B