bd797e2f511867eabfff20db5f5eb9b7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bd797e2f511867eabfff20db5f5eb9b7_JaffaCakes118
Size

358KB
MD5

bd797e2f511867eabfff20db5f5eb9b7
SHA1

b9239a32715f6083ad61905292ca7392cc8ab1da
SHA256

8db634ae9c698fd07476296ab3ad03d4d7ff86c2867ca16f0b9aeca6804ed602
SHA512

986828c3b61899d09a58b58c56f8ea573f797b153776d80555bb704484105ff6fdf60c030abed3dcb11d7c3a9297558bcba75a7d42fe5248e4197eef8c493c2f
SSDEEP

6144:vSxEpvyN/EikIH6j55b4KZzVTeGgvbX49JC7380HyHLfe6TsI9gvNJg:GEUNH3k55EAVT5rJoiLmusI9gvNq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd797e2f511867eabfff20db5f5eb9b7_JaffaCakes118

Files

bd797e2f511867eabfff20db5f5eb9b7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8138f70c1ac35bd8f82c35cfb67c4124

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetServiceKeyNameA
ConvertStringSecurityDescriptorToSecurityDescriptorA
FreeEncryptionCertificateHashList
RegDeleteValueA
SystemFunction022
GetSecurityDescriptorSacl
CloseTrace
CloseCodeAuthzLevel
LookupPrivilegeDisplayNameW
CreatePrivateObjectSecurity
RegSaveKeyExA
DeregisterEventSource
AddAccessAllowedAceEx
LsaSetSecurityObject
RegDeleteValueW
QueryServiceConfig2A
FileEncryptionStatusA
GetAccessPermissionsForObjectW
SystemFunction025
CryptCreateHash
AddAccessAllowedObjectAce
QueryServiceConfigA
LsaCreateTrustedDomainEx
LookupPrivilegeDisplayNameA
SetServiceStatus
CryptDecrypt
ObjectPrivilegeAuditAlarmA
LsaEnumerateTrustedDomainsEx
SetTraceCallback
IsValidAcl

certcli

CAGetCertTypeKeySpec
CAGetCertTypeExtensionsEx
CAOIDGetLdapURL
CADeleteCA
CAUpdateCertType
CAAccessCheck
CAOIDAdd
CASetCertTypeProperty
CACreateCertType
CAAddCACertificateType
CAGetCAExpiration
CAAccessCheckEx
CAOIDDelete
CACertTypeGetSecurity
CAOIDCreateNew
CARemoveCACertificateType
CADeleteCertType
CAGetCAProperty
CAEnumFirstCA
CACertTypeRegisterQuery
CADeleteLocalAutoEnrollmentObject
CAGetCertTypeProperty
CACertTypeSetSecurity
CAGetCertTypePropertyEx
CASetCAFlags
CACertTypeUnregisterQuery
DllInstall
CAOIDFreeProperty
CACloseCertType
CACreateNewCA
CACountCAs
CAEnumCertTypesEx
CASetCACertificate

opengl32

glDrawPixels
glPointSize
glEvalCoord2f
glTexCoord2f
glVertex3sv
glTranslatef
glVertex3iv
glRasterPos3s
glIndexubv
glNormal3f
glPopAttrib
glGetIntegerv
wglGetPixelFormat
glMapGrid1d
glColor4ubv
glTexParameteriv
glGetMapfv
glGetFloatv
glFogi
glBindTexture
glFogfv
glMaterialiv
glTexSubImage1D
glFinish
glClearIndex
glMap2f
glFrustum
glGetLightiv
glRasterPos3dv
glReadBuffer
glGetClipPlane
glTexCoord1s
glEvalMesh2
glClearDepth
glLightiv
glPixelMapfv
glColor3f
glVertex2dv

msvcirt

??0stdiobuf@@QAE@PAU_iobuf@@@Z
?open@ofstream@@QAEXPBDHH@Z
?unbuffered@streambuf@@IAEXH@Z
?pword@ios@@QBEAAPAXH@Z
??0ios@@IAE@ABV0@@Z
?sh_write@filebuf@@2HB
??1istrstream@@UAE@XZ
?blen@streambuf@@IBEHXZ
?flags@ios@@QBEJXZ
?lock@ios@@QAAXXZ
??0ostream_withassign@@QAE@ABV0@@Z
??0strstream@@QAE@XZ
?unlock@streambuf@@QAEXXZ
?x_maxbit@ios@@0JA
??_Dofstream@@QAEXXZ
??1stdiostream@@UAE@XZ
??_Gistrstream@@UAEPAXI@Z
??5istream@@QAEAAV0@AAH@Z
?is_open@ofstream@@QBEHXZ
??0istream_withassign@@QAE@PAVstreambuf@@@Z
??0iostream@@QAE@PAVstreambuf@@@Z
??6ostream@@QAEAAV0@PBC@Z
??_Estrstream@@UAEPAXI@Z
??0ostrstream@@QAE@ABV0@@Z
??6ostream@@QAEAAV0@D@Z
?open@ifstream@@QAEXPBDHH@Z
??Bios@@QBEPAXXZ
??_Eistream_withassign@@UAEPAXI@Z
??0istrstream@@QAE@PAD@Z
?rdstate@ios@@QBEHXZ
?sh_none@filebuf@@2HB
??4logic_error@@QAEAAV0@ABV0@@Z
??6ostream@@QAEAAV0@PAVstreambuf@@@Z

kernel32

GetSystemWow64DirectoryA
WriteProfileStringA
GetFileAttributesExA
RaiseException
WaitForSingleObjectEx
GetWindowsDirectoryW
UnlockFile
FillConsoleOutputCharacterW
LocalSize
IsDBCSLeadByte
DnsHostnameToComputerNameW
GetConsoleCursorMode
EnumSystemCodePagesW
RemoveDirectoryA
GetDefaultCommConfigA
LoadLibraryA
GetCommConfig
LZDone
GetStartupInfoW
GetSystemDefaultUILanguage
IsBadStringPtrW
GetCurrentProcessId
GetModuleHandleW
EnumCalendarInfoW
QueryPerformanceCounter
TlsAlloc
LZCreateFileW
lstrcpyW
VirtualAlloc
VerifyVersionInfoW
HeapCompact
GetConsoleTitleA
UnlockFileEx
SetTimeZoneInformation
SetConsoleInputExeNameA
OutputDebugStringA
SetConsoleTitleW
SetErrorMode
Heap32ListFirst
CreateRemoteThread
InvalidateConsoleDIBits
GlobalFindAtomW

gdi32

GdiEntry13
SetMetaFileBitsEx
EnumEnhMetaFile
GetBoundsRect
GetGlyphOutlineA
EngPaint
EngStretchBlt
GetWindowOrgEx
GetDeviceCaps
BRUSHOBJ_pvGetRbrush
GdiQueryFonts
GetLogColorSpaceA
CreateEnhMetaFileW
DeleteObject
GetTextExtentExPointW
CreatePatternBrush
GetRandomRgn
EngCheckAbort
GetETM
GetKerningPairsA
SelectFontLocal
EngBitBlt
SetBkColor
DdEntry12
GetTextColor
GdiConvertEnhMetaFile
DdEntry47
FONTOBJ_cGetAllGlyphHandles
SetICMProfileA
BeginPath
GetCharABCWidthsW
FONTOBJ_vGetInfo

wiashext

MakeFullPidlForDevice
AddDeviceWasChosenA
DoDeleteAllItems
DllGetClassObject
AddDeviceWasChosenW
AddDeviceWasChosen

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8138f70c1ac35bd8f82c35cfb67c4124

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

certcli

opengl32

msvcirt

kernel32

gdi32

wiashext

Sections

.text Size: 85KB - Virtual size: 85KB

.rdata Size: 121KB - Virtual size: 121KB

.data Size: 141KB - Virtual size: 596KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 85KB - Virtual size: 85KB

.rdata
Size: 121KB - Virtual size: 121KB

.data
Size: 141KB - Virtual size: 596KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1024B - Virtual size: 1024B