abde1b59019c37e94494dfb0296b5764_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

abde1b59019c37e94494dfb0296b5764_JaffaCakes118
Size

880KB
MD5

abde1b59019c37e94494dfb0296b5764
SHA1

94b0cde0be99983c42103ed3fcfbb8af6efd8dec
SHA256

e0dbc9683c6c000c8bbabb1ebf51d513d55fd6872c7212e68a2e42793bb553d5
SHA512

e8b3217750e46d6e00ffae89d5e564914c4b25fa63f768fe2f8e671f5dc964a682c8124f83f5f18efd3d681a70450f1f3e405c5f364a432c2561cf25fb04285c
SSDEEP

12288:60uBqQuQjGMP512wthy57IhNtLhcoJDoh7jfN9jq+CRjA+1o/FApm8IQOBO6poEE:BumwXOORhcPlMzjJ14Aw8IQ8Tpom2wI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abde1b59019c37e94494dfb0296b5764_JaffaCakes118

Files

abde1b59019c37e94494dfb0296b5764_JaffaCakes118
.exe windows:5 windows x86 arch:x86

47ab0acabf7f6e99e1a41bc3456e0e2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
SetHandleCount
SetConsoleCursor
GetConsoleTitleA
TlsSetValue
GetFileTime
InterlockedPopEntrySList
GetCurrentDirectoryW
EnumCalendarInfoExA
CloseHandle
RemoveDirectoryA
GetVersionExA
VirtualAlloc
GetLogicalDriveStringsA
DnsHostnameToComputerNameW
TransmitCommChar
GetSystemTimeAdjustment
SearchPathA
GetGeoInfoA
GetModuleHandleA
SetFileApisToOEM
DebugBreakProcess
EnumResourceTypesA
DeleteCriticalSection
LocalCompact
LoadLibraryA
QueryPerformanceCounter
UnregisterWait
ReadProcessMemory
lstrcpy
FindClose
FindAtomW
GlobalFindAtomW
PostQueuedCompletionStatus
lstrcmpW
GlobalUnWire
HeapCompact
GetNamedPipeHandleStateW
GetThreadTimes
ResetWriteWatch
FormatMessageW
GetSystemTimeAsFileTime
TerminateJobObject
GetStringTypeA
LeaveCriticalSection
SetCurrentDirectoryA
CompareStringW
lstrcmpA
DuplicateConsoleHandle
GetExpandedNameA
GetProfileStringA
EnumDateFormatsExW
GetWindowsDirectoryA
SetCalendarInfoA
FindResourceW
ReadConsoleInputA
TlsAlloc
CmdBatNotification
LCMapStringW
FindFirstVolumeMountPointW
EnumUILanguagesW
GetLastError
GetUserGeoID
WriteProfileStringA
GetPrivateProfileSectionNamesA
IsProcessInJob
GetConsoleDisplayMode
DeleteTimerQueueTimer
GetProfileSectionW
OpenFile
LoadResource
GetHandleContext
GetThreadPriority
GetConsoleHardwareState
DuplicateHandle
GetUserDefaultUILanguage
GetSystemInfo
EnterCriticalSection
CreateProcessInternalW
CreateRemoteThread
GetTempPathA
GetFileSizeEx

gdi32

cGetTTFFromFOT
SetWindowOrgEx
ClearBitmapAttributes
GetClipBox
GdiEntry5
DdEntry49
DdEntry50
StretchDIBits
GdiConsoleTextOut
GdiGetLocalDC
GdiEntry7
PolyPolyline
STROBJ_vEnumStart
STROBJ_bEnumPositionsOnly
GetColorAdjustment
EngCreateBitmap
EnumObjects
GetGlyphOutlineWow
ScaleWindowExtEx
LineDDA
GdiConvertDC
DdEntry39
PlgBlt
ExtEscape
bMakePathNameW
TextOutA
EnumFontsW
DdEntry15
HT_Get8BPPFormatPalette
GetLogColorSpaceA
CreateMetaFileA
PtVisible
XFORMOBJ_iGetXform
DdEntry43
MirrorRgn
GetTextFaceW
GetRandomRgn
GdiDescribePixelFormat
GdiCleanCacheDC
CreateFontIndirectExA
EngDeleteSemaphore
GetObjectType
GetGlyphOutlineW
GdiFixUpHandle

setupapi

CM_Get_Device_Interface_List_ExA
SetupCopyOEMInfW
CM_Register_Device_InterfaceW
CM_Get_Next_Log_Conf
CM_Get_Parent
SetupRemoveFileLogEntryW
SetupSetDirectoryIdW
CM_Add_Range
SetupDiGetActualSectionToInstallA
SetupDiSetDeviceRegistryPropertyA
SetupDiRegisterCoDeviceInstallers
CM_Free_Log_Conf
SetupGetFieldCount
SetupInstallFileExW
CMP_GetServerSideDeviceInstallFlags
CM_Add_Empty_Log_Conf_Ex
SetupDiGetHwProfileFriendlyNameW
SetupDiCallClassInstaller
CM_Unregister_Device_InterfaceA
CM_Get_Class_Key_Name_ExA
SetupInstallFileExA
pSetupMakeSurePathExists
CM_Get_Device_Interface_List_ExW
CM_Get_Depth_Ex
CM_Request_Eject_PC
CM_Get_Res_Des_Data_Size
SetupQueueRenameW
CM_Query_Arbitrator_Free_Size_Ex
SetupCopyErrorW
CMP_WaitNoPendingInstallEvents
SetupDiRemoveDeviceInterface
pSetupGetFileTitle
SetupDiClassNameFromGuidW
pSetupShouldDeviceBeExcluded
pSetupInstallCatalog
SetupInstallFileW
CM_Enumerate_Classes_Ex
SetupDiGetHwProfileList
CM_Free_Resource_Conflict_Handle
CM_Register_Device_Driver
pSetupMalloc
SetupGetBinaryField
CMP_RegisterNotification
SetupDiCreateDeviceInfoW

user32

ReasonCodeNeedsBugID
LookupIconIdFromDirectoryEx
LockSetForegroundWindow
MonitorFromWindow
WinHelpA
GetCursorFrameInfo
CliImmSetHotKey
ToAscii
SetWindowTextA
CreateIcon
DdeCreateStringHandleW
BuildReasonArray
GetKeyNameTextA
ExcludeUpdateRgn
IsCharUpperA
InvalidateRect
GetUserObjectInformationA
FillRect
MoveWindow
ValidateRect
GetMenuItemInfoA
MessageBoxIndirectA
MB_GetString
DdeSetUserHandle
LoadMenuW
UnregisterDeviceNotification
TranslateAcceleratorA
GetQueueStatus
DrawTextExA
LoadKeyboardLayoutEx

odbctrac

TraceSQLColAttributeW
TraceSQLFreeStmt
TraceSQLSetStmtOption
TraceSQLTablePrivileges
TraceSQLGetConnectOption
TraceSQLGetDiagField
TraceSQLGetDiagRec
TraceSQLDriverConnect
TraceSQLAllocHandle
TraceSQLSetConnectOption
TraceSQLDescribeCol
TraceSQLFreeEnv
TraceSQLStatistics
TraceSQLSetScrollOptions
TraceSQLGetCursorNameW
TraceSQLSetConnectAttrW
TraceSQLAllocStmt
TraceSQLSetEnvAttr
TraceSQLGetDescFieldW
TraceSQLExecute
TraceSQLDisconnect
TraceSQLGetTypeInfo
TraceSQLSetStmtAttr
TraceSQLGetInfoW
TraceSQLColumnsW

msvcrt

exit

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 384KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

47ab0acabf7f6e99e1a41bc3456e0e2c

Headers

File Characteristics

Imports

kernel32

gdi32

setupapi

user32

odbctrac

msvcrt

Sections

.text Size: 164KB - Virtual size: 164KB

.rdata Size: 308KB - Virtual size: 308KB

.data Size: 384KB - Virtual size: 1.8MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 20KB - Virtual size: 20KB

.text
Size: 164KB - Virtual size: 164KB

.rdata
Size: 308KB - Virtual size: 308KB

.data
Size: 384KB - Virtual size: 1.8MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 20KB - Virtual size: 20KB