acd7b576123fffbdfbd847abc6d63fef_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

acd7b576123fffbdfbd847abc6d63fef_JaffaCakes118
Size

367KB
MD5

acd7b576123fffbdfbd847abc6d63fef
SHA1

05710a1514ef9f4bce9db7af3ba3c189d03c2ced
SHA256

b7c9bbe987e8c3dff1a66c5b43ed8ef72c466fbc020170c7d515d61d37aedb78
SHA512

3b89f8979f17fc9f290a4c6cc6781a64c95ee858c05c52ee43e86677d439af0dbf52dcbc454a050e5fa3fd3adb63750dfb59fe9e6be65e0e8271a26b5b5cc4c6
SSDEEP

6144:nKGYFu4EurvIs8HfCFaRTZhHLmPSZ8+4CCmxVceM3xr4z1WOc97i+1iTD:KGvSIsy9TZhsh+4C5xq3xcZWOc9WsY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acd7b576123fffbdfbd847abc6d63fef_JaffaCakes118

Files

acd7b576123fffbdfbd847abc6d63fef_JaffaCakes118
.exe windows:5 windows x86 arch:x86

67289416526f8a784078955649d5c940

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSocketHandle
GlobalLock
GetSystemTimeAdjustment
GetConsoleKeyboardLayoutNameW
GlobalUnWire
GetUserGeoID
LoadLibraryA
SetMessageWaitingIndicator
IsValidLocale
GetProfileStringW
GlobalFix
GetPrivateProfileStringW
DnsHostnameToComputerNameA
ResetEvent
GetModuleHandleW
PrivCopyFileExW
DefineDosDeviceA
CreateNamedPipeW
LocalSize
SetInformationJobObject
lstrcpy
EnterCriticalSection
lstrlenW
GetCompressedFileSizeA
GetConsoleTitleW
VirtualAlloc
CreateSemaphoreW
LeaveCriticalSection
DeleteCriticalSection
SetFilePointerEx

expsrv

EbDestroyContext
rtcGetAllSettings
__vbaFileCloseAll
__vbaLateMemStAd
rtcRightVar
_adj_fdivr_m16i
__vbaVarLateMemStAd
__vbaVarCopy
rtcSpaceBstr
__vbaDateVar
__vbaVargVarCopy
__vbaAryDestruct
rtcPackTime
__vbaStrR4
rtcIsArray
__vbaI2Abs
rtCyFromErrVar
__vbaR8Str
__vbaVarTstGe
__vbaRedimPreserveVar2
__vbaNew
__vbaAryRebase1Var
rtcUpperCaseBstr
__vbaAryRecMove
__vbaUdtVar
__vbaVarTextTstNe
__vbaPutFxStr3
__vbaVarTstLe
rtcFileAttributes
__vbaR4ForNextCheck
__vbaStrUI1

gdi32

GetOutlineTextMetricsA
GetWinMetaFileBits
GdiDeleteSpoolFileHandle
SetSystemPaletteUse
DdEntry43
SetMagicColors
SetPaletteEntries
AnimatePalette
CheckColorsInGamut
StartPage
GetLogColorSpaceW
GetGlyphIndicesW
RemoveFontResourceExA
GetWorldTransform
GetCharABCWidthsFloatW
DdEntry40
SetICMMode
EngCopyBits
Ellipse
GetFontData
SetWindowExtEx
GetTextCharacterExtra
GetEUDCTimeStampExW
InvertRgn
CLIPOBJ_ppoGetPath
Polyline
GdiEntry12
GetROP2
GetTextCharsetInfo

cfgmgr32

CM_Get_DevNode_Registry_PropertyA
CM_Get_Next_Res_Des_Ex
CM_Free_Log_Conf
CM_Get_HW_Prof_FlagsA
CM_Get_Hardware_Profile_Info_ExW
CM_Get_Device_ID_ListA
CM_Query_And_Remove_SubTree_ExA
CM_Uninstall_DevNode
CM_Add_Res_Des_Ex
CM_Detect_Resource_Conflict
CM_Get_Hardware_Profile_InfoW
CM_Get_Device_ID_ListW
CM_Get_Depth
CM_Add_Res_Des
CM_Get_Next_Res_Des
CM_Get_Resource_Conflict_Count
CM_Get_Child
CM_Get_HW_Prof_Flags_ExW
CM_Set_HW_Prof_FlagsA
CM_Free_Res_Des_Handle
CM_Get_Device_ID_List_SizeW
CM_Get_Device_Interface_ListW
CM_Register_Device_Driver
CM_Add_ID_ExW
CM_Set_HW_Prof_Flags_ExA
CM_Get_Class_Registry_PropertyA
CM_Get_Device_ID_List_Size_ExW
CM_Open_Class_KeyA
CM_Get_Device_ID_List_Size_ExA
CM_Get_Device_Interface_AliasA
CM_Get_Device_IDA

sqlunirl

_GetOpenFileName@4
_FindText_@4
_SHGetFileInfo_@20
_DlgDirList_@20
_GetKeyboardLayoutName_@4
newWideCharFromMultiByte
_LoadImage_@24
_GetDefaultCommConfig_@12
_OpenMutex_@12
_CommDlg_OpenSave_GetSpec@12
_SetComputerName_@4
_GetEnvironmentStrings_@4
_ShellExecuteEx_@4
_GetVersionEx@4
_NDdeSetShareSecurity_@16
_ShellExecute_@24
_trename
_GetDiskFreeSpaceEx@16
_GetTextExtentExPoint_@28
_SetFileSecurity_@12
_OpenBackupEventLog_@8
_FindNextFile_@8
_StartServiceCtrlDispatcher_@4
_FindExecutable_@12
_IsCharAlpha_@4
_OutputDebugString_@4

opengl32

glVertex2sv
glTexCoord3s
glColor4bv
glGetPolygonStipple
glShadeModel
glTexImage1D
glCopyTexImage2D
glVertex2f
glLightModeli
glBindTexture
glStencilOp
glVertex2iv
glRasterPos4f
glDepthFunc
glIndexi
glTexGend
glIndexsv
glVertex3d
glGenTextures
glTexGendv
glIsEnabled
glColorMaterial
glNormal3dv
glPixelTransferi
glLightf
glColor3ub
glColor3b
glColor4iv
glGetDoublev
glDepthMask
glTexSubImage2D
glRasterPos2sv
glVertex3i

imagehlp

StackWalk
SymEnumSym
UpdateDebugInfoFileEx
ReBaseImage
SymLoadModule
RemoveRelocations
BindImageEx
ImageDirectoryEntryToDataEx
ImageRvaToSection
SymFindFileInPath
CheckSumMappedFile
SetImageConfigInformation
SymGetModuleInfo
UnmapDebugInformation
SearchTreeForFile
SymGetOptions
SymGetLineFromAddr
ReBaseImage64
SymLoadModule64
FindDebugInfoFileEx
ImagehlpApiVersionEx
SymEnumerateSymbolsW
ImageDirectoryEntryToData
SymGetModuleBase64
SymGetSymFromName64
SymGetSymPrev
SymFunctionTableAccess64
SplitSymbols
SymGetLineFromName
SymGetSymFromAddr
FindExecutableImageEx
SymUnloadModule
SymRegisterCallback64
SymGetSymPrev64
SymEnumerateSymbols64
SymEnumerateSymbols

user32

GetMenuState
SetDlgItemTextA
EnableWindow
GetDlgCtrlID
UnhookWinEvent
DlgDirListW
DdeQueryConvInfo
GetDesktopWindow
GetScrollPos
DispatchMessageW
SendMessageTimeoutW
LoadMenuW
GetUserObjectInformationW
GetProgmanWindow
GetFocus
LoadLocalFonts
SetTaskmanWindow
GetClipboardSequenceNumber
OpenDesktopA
ShowCursor
PrivateExtractIconsW
ChangeMenuA
GetRegisteredRawInputDevices
OpenInputDesktop
IsCharUpperA
GetMouseMovePointsEx
CopyRect
CharNextExA

iprop

PropStgNameToFmtId
FmtIdToPropStgName
PropVariantClear
StgCreatePropStg
FreePropVariantArray
PropVariantCopy
StgOpenPropStg
StgCreatePropSetStg

wiavideo

DllGetClassObject
DllUnregisterServer
DllRegisterServer

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 300KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67289416526f8a784078955649d5c940

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

expsrv

gdi32

cfgmgr32

sqlunirl

opengl32

imagehlp

user32

iprop

wiavideo

Sections

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 300KB - Virtual size: 724KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 300KB - Virtual size: 724KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB