ae70aff1280366189addd3c27ff6634f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ae70aff1280366189addd3c27ff6634f_JaffaCakes118
Size

238KB
MD5

ae70aff1280366189addd3c27ff6634f
SHA1

1cda1733e6b07a5e342d6901a0c8d21c372ea229
SHA256

e8c7e4f2dbb1a5b4bac39f005eab3e072749d66f3a84b60c64cff0efb616a8c8
SHA512

a3aae272cdfd35211e950b85102ee8658ba617837f7170916e6f23c0848f9363a5e22b7c53b492078a54304ed26a2873c80fe62ce642655058666393aa8e0f78
SSDEEP

3072:C+W3+bdPVQG2kUoBpWlhbEWvw/YhIp+nCdG00jYwsSwC9gFWR6pqk7qyQA8E8Mle:CxqQGOoBybtyYhM+AGBNsHC9Z6bble

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae70aff1280366189addd3c27ff6634f_JaffaCakes118

Files

ae70aff1280366189addd3c27ff6634f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0985310c94d89c5dea387847445670c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
InitializeCriticalSectionAndSpinCount
VirtualAlloc
HeapReAlloc
HeapSize
HeapAlloc
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
CreateFileA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualFree
HeapFree
HeapCreate
LoadLibraryA
SetEndOfFile
GetProcessHeap
ReadFile
GetTickCount
GetLocalTime
Sleep
GetModuleFileNameA
WriteFile
GetCommandLineA
GetTempPathA
CreateDirectoryA
DeleteFileA
RemoveDirectoryA
MoveFileA
CreateMutexA
GetLastError
lstrcpyA
lstrcatA
lstrlenA
ExpandEnvironmentStringsA
GetFileAttributesExA
CreateThread
WaitForSingleObject
TerminateThread
CloseHandle
SetStdHandle
HeapDestroy
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
LoadLibraryW
ExitProcess
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
LCMapStringW
LCMapStringA
MultiByteToWideChar
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetLastError
TlsFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetModuleHandleW
TlsGetValue
GetProcAddress
IsBadReadPtr
HeapValidate
GetStartupInfoA
GetModuleFileNameW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RaiseException
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement

user32

wsprintfA

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA

ole32

CoInitialize
GetClassFile

shell32

ShellExecuteA

shlwapi

PathRemoveBlanksA
PathFileExistsA
PathFindFileNameA
PathIsDirectoryA
PathGetArgsA

gdi32

FlattenPath
GetSystemPaletteUse
CreateDIBitmap
OffsetRgn
RemoveFontResourceW
PtInRegion
GetCharacterPlacementW
CreateEllipticRgn
WidenPath
GetDCBrushColor
PatBlt
LPtoDP
GetCharABCWidthsFloatW
GdiGradientFill
GetTextColor
UnrealizeObject
PolyTextOutA
GetCharABCWidthsI
GetGlyphOutlineA
RemoveFontMemResourceEx
SelectPalette
InvertRgn
GetCharABCWidthsFloatA
EnumFontFamiliesExA
SelectClipRgn
CancelDC
SetICMProfileA
PathToRegion
RectVisible
CreateDIBPatternBrush
GetTextExtentPointA
EnumICMProfilesW
GetTextExtentExPointA
SetAbortProc
SelectObject
GetWindowOrgEx
CreateMetaFileA
CreateRoundRectRgn
CreateEnhMetaFileA
DeleteObject
ColorMatchToTarget
GetGlyphIndicesW
RealizePalette
GetLogColorSpaceW
SetDIBits
GetColorSpace
CloseFigure
CreateBitmapIndirect
GetEnhMetaFileDescriptionA
PtVisible
GetCharABCWidthsW
AddFontResourceExW
SetWorldTransform
SetGraphicsMode
FloodFill
GetPolyFillMode
SetTextJustification
GetKerningPairsA
SetTextColor
GetObjectType
GetCurrentObject
EnumFontFamiliesExW
EnumFontFamiliesA
EndPage
GetSystemPaletteEntries
StartDocA
SetWindowOrgEx
StretchDIBits
LineTo
GetTextExtentPoint32A
GetTextMetricsW
CreateScalableFontResourceA
SetStretchBltMode
IntersectClipRect
GetMetaFileBitsEx
CreateColorSpaceA
GetCurrentPositionEx
SetPixelFormat
GdiSetBatchLimit
GetGlyphOutlineW
GetEnhMetaFilePixelFormat
GetRasterizerCaps
EnumObjects
AddFontResourceW
CombineTransform
CreateFontW
ChoosePixelFormat
SetArcDirection
GetTextCharsetInfo
GetEnhMetaFileBits
CopyMetaFileW
EnumFontsW
PolyPolyline
GetICMProfileW
CreateHatchBrush
GetTextExtentExPointI
CreateFontIndirectW
CreateFontIndirectExW
GetDIBColorTable
GetEnhMetaFileW
RemoveFontResourceA

ws2_32

recv
closesocket
__WSAFDIsSet
select
connect
ioctlsocket
htons
socket
gethostbyname
WSAStartup
send

netapi32

Netbios

comdlg32

PrintDlgW
FindTextW
ChooseColorW
PageSetupDlgA
PageSetupDlgW
ChooseColorA
ChooseFontA
GetOpenFileNameW
ReplaceTextA
CommDlgExtendedError
GetFileTitleW

comsvcs

SafeRef
MTSCreateActivity

imm32

ImmGetRegisterWordStyleW
ImmAssociateContext
ImmGetDescriptionW
ImmRegisterWordW
ImmInstallIMEA
ImmConfigureIMEA
ImmGetIMEFileNameA
ImmRegisterWordA
ImmSetCandidateWindow
ImmSetStatusWindowPos
ImmGetDefaultIMEWnd
ImmGetProperty
ImmGetDescriptionA
ImmEscapeW
ImmSimulateHotKey
ImmGetOpenStatus
ImmGetCandidateListA
ImmGetContext
ImmGetCandidateListCountA
ImmGetCandidateListW
ImmIsUIMessageA
ImmGetCompositionWindow
ImmSetCompositionFontA
ImmUnregisterWordW
ImmGetCandidateListCountW
ImmIsIME
ImmSetOpenStatus
ImmGetVirtualKey
ImmDisableTextFrameService
ImmGetConversionStatus
ImmGetCompositionFontW
ImmEnumInputContext

msi

ord36
ord14
ord175
ord209
ord232
ord239
ord94
ord68
ord45
ord192
ord228
ord38
ord81
ord258
ord193
ord189
ord39
ord168
ord83
ord241
ord37
ord156
ord8
ord40
ord42
ord11
ord177
ord242
ord205
ord231
ord112
ord65
ord260
ord215
ord190
ord267
ord202
ord6
ord264
ord10
ord203
ord66
ord281
ord274
ord72
ord56
ord261
ord101
ord211
ord257
ord172
ord7
ord254
ord70
ord237
ord272
ord179
ord204
ord5
ord271

msvfw32

DrawDibSetPalette
DrawDibTime
ICRemove
DrawDibRealize
ICDraw
ICCompress
ord2
MCIWndCreateW
MCIWndCreateA
ICDrawBegin
ICCompressorFree
DrawDibOpen
DrawDibDraw
ICSeqCompressFrameEnd
ICSendMessage
ICGetInfo
ICImageDecompress
DrawDibStart
ICSeqCompressFrameStart

mswsock

AcceptEx

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0985310c94d89c5dea387847445670c8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

shlwapi

gdi32

ws2_32

netapi32

comdlg32

comsvcs

imm32

msi

msvfw32

mswsock

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 65KB - Virtual size: 65KB

.data Size: 4KB - Virtual size: 21KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 65KB - Virtual size: 65KB

.data
Size: 4KB - Virtual size: 21KB