ce2033292135762dd5cc8eab1b3126aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ce2033292135762dd5cc8eab1b3126aa_JaffaCakes118
Size

385KB
MD5

ce2033292135762dd5cc8eab1b3126aa
SHA1

3d207f9818fc030466d12733745d005d79d488fc
SHA256

10eb9e4390b2535ca94e72e56402fad5af49d2a067bbff25c19e681839026247
SHA512

b1579597e18bdcd99068f4e44d7c83d9b26698b473c47271a69d27a7b5e575c11992017b5c0d030de279671f31633d531f29e3581bffd374bfecd296ba1f4c2a
SSDEEP

6144:J2z4wN3d5mrVEo3wZtup0TpMwz0OAQIrH/aNVZJFm+FtM2hHgQQGDWMM0Et3:I0Gd5OTwfuuOLOByaNSqlAQQoWMMf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce2033292135762dd5cc8eab1b3126aa_JaffaCakes118

Files

ce2033292135762dd5cc8eab1b3126aa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2f719978455f4d37a3e6dbfcf95c44f7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CADeleteLocalAutoEnrollmentObject
CAOIDGetProperty
CAGetCAExpiration
CASetCASecurity
CASetCertTypeProperty
CAGetCertTypeExtensions
CASetCACertificate
CAFreeCAProperty
CAIsCertTypeCurrent
CASetCAFlags
CAAddCACertificateType
CASetCertTypeFlagsEx
CACountCAs
CAFindByName
CACreateCertType
CACloseCertType
CAUpdateCA
CASetCertTypeExpiration
CASetCertTypePropertyEx
CACertTypeAccessCheck
CACertTypeRegisterQuery
CAOIDAdd
CASetCertTypeFlags
CAFreeCertTypeProperty
CACreateLocalAutoEnrollmentObject
CASetCAExpiration
CACertTypeUnregisterQuery
CAAccessCheckEx
CAGetCASecurity
CAOIDCreateNew
CAAccessCheck
CAGetCertTypeKeySpec
CACloseCA
CACertTypeGetSecurity
CAGetCertTypeFlagsEx
CAGetCAFlags
CAEnumCertTypes
CAGetCAProperty
CAEnumCertTypesEx
DllInstall
CAEnumFirstCA
CAEnumNextCertType

mapi32

__ValidateParameters@8
SzFindLastCh@8
__CPPValidateParameters@8
EncodeID@12
HrEntryIDFromSz@12
FGetComponentPath@20
HrDecomposeEID@28
ScCopyProps@16
HrGetOneProp@12
MAPILogonEx
FtAddFt@16
WrapCompressedRTFStream@12
cmc_look_up
ScMAPIXFromSMAPI
FtDivFtBogus@20
MAPIDetails
WrapProgress@20
FtgRegisterIdleRoutine@20
MAPIAddress
GetTnefStreamCodepage@12
cmc_read
WrapCompressedRTFStream
SzFindSz@8
BMAPISaveMail
LAUNCHWIZARD
HrComposeMsgID@24
RTFSync
MAPIUninitialize@0
FPropExists@8
cmc_free
MNLS_WideCharToMultiByte@32
FPropContainsProp@12
ScGenerateMuid@4

shlwapi

PathRemoveFileSpecA
StrChrW
PathAddExtensionA
PathRenameExtensionW
PathIsDirectoryW
SHStrDupA
ColorRGBToHLS
PathIsURLA
PathIsRelativeW
StrFormatKBSizeW
StrDupA
UrlHashW
PathFindOnPathA
StrToInt64ExA
PathCanonicalizeA
PathRemoveBlanksW
StrToIntW
StrRStrIA
IntlStrEqWorkerW
PathIsPrefixW
UrlCombineW
SHCreateStreamOnFileW
StrPBrkA
UrlGetLocationW
StrRStrIW
PathMakePrettyW

gdi32

SetBitmapAttributes
ExtCreatePen
GdiGradientFill
EnumFontFamiliesExA
GetEnhMetaFilePaletteEntries
EngGetCurrentCodePage
GetCharABCWidthsFloatA
PaintRgn
SetDeviceGammaRamp
DdEntry37
GetROP2
RemoveFontResourceExA
GdiGetDevmodeForPage
SetWorldTransform
RealizePalette
GetTextExtentPointI
SetGraphicsMode
ModifyWorldTransform
GetWindowOrgEx
GdiQueryTable
UnloadNetworkFonts
GetEnhMetaFileHeader
GetGlyphIndicesA
GdiGetPageCount
GdiEntry4
PATHOBJ_vEnumStartClipLines
EngCreateBitmap
PlayMetaFileRecord
StartFormPage
ExtEscape
NamedEscape
GetTextMetricsW
CreatePatternBrush
GetTextMetricsA
DdEntry29
bMakePathNameW
GetETM
GdiConvertRegion
EngDeletePalette
GetWinMetaFileBits
GetTextExtentPointW
GetLogColorSpaceW
GetTextExtentPoint32A
DdEntry4
LineTo
EngQueryEMFInfo
EngPlgBlt
CreateFontW
GetKerningPairsW
CreateFontIndirectA
DdEntry18
GetArcDirection
DdEntry21
DdEntry41
CreateHalftonePalette
GdiConvertBitmapV5
GetKerningPairs
STROBJ_vEnumStart
DdEntry6
GetObjectA
GetBrushOrgEx
GetFontData
GetCharWidthInfo
PathToRegion
ResizePalette
SetAbortProc
SetMetaFileBitsEx
GdiGetLocalBrush
GetTextAlign
GdiEntry6
EnumMetaFile

kernel32

SetThreadPriorityBoost
CreateMutexW
InvalidateConsoleDIBits
GetLogicalDriveStringsW
InterlockedFlushSList
CloseConsoleHandle
GetPrivateProfileStructA
CompareStringA
LoadLibraryA
GetCurrentThread
FindClose
GetUserDefaultLCID
EnumLanguageGroupLocalesW
QueryPerformanceCounter
LocalAlloc
GetProfileStringW
GlobalWire
CreateMailslotW
GlobalFree
SetLocalPrimaryComputerNameA
GetLongPathNameW
VirtualAlloc
SetStdHandle
GetSystemWindowsDirectoryW
BaseUpdateAppcompatCache
SetEndOfFile
DeleteFileA
GetPrivateProfileSectionNamesA
MulDiv
GetEnvironmentStringsW
GetProcessHeaps
EnumSystemGeoID
SetCalendarInfoW
GetFullPathNameW

rasapi32

RasSetAutodialParamA
RasAutodialEntryToNetwork
RasDialA
RasSetOldPassword
RasGetCredentialsW
RasGetEapUserIdentityA
RasGetAutodialAddressA
RasClearConnectionStatistics
RasEnumDevicesW
RasCreatePhonebookEntryA
RasQueryRedialOnLinkFailure
RasHangUpA
RasSetCustomAuthDataW
RasGetCountryInfoA
RasGetEapUserIdentityW
RasSetCredentialsW
RasEnumAutodialAddressesA
RasGetAutodialAddressW
RasGetEntryPropertiesW
DwEnumEntryDetails
RasScriptReceive
RasAutodialAddressToNetwork
RasGetEntryPropertiesA
RasEnumAutodialAddressesW
RasCreatePhonebookEntryW
RasEditPhonebookEntryW
RasGetCountryInfoW
RasInvokeEapUI
RasSetCustomAuthDataA
RasSetSubEntryPropertiesA
RasSetAutodialAddressW
RasQuerySharedConnection
RasRenameEntryW
RasValidateEntryNameA
RasGetErrorStringW
RasDeleteEntryW
RasGetAutodialParamA
RasIsSharedConnection
RasSetEntryDialParamsW
RasGetEntryDialParamsW
RasGetEapUserDataW

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 626KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f719978455f4d37a3e6dbfcf95c44f7

Headers

DLL Characteristics

File Characteristics

Imports

certcli

mapi32

shlwapi

gdi32

kernel32

rasapi32

Sections

.text Size: 81KB - Virtual size: 81KB

.rdata Size: 136KB - Virtual size: 136KB

.data Size: 1KB - Virtual size: 626KB

.rsrc Size: 164KB - Virtual size: 164KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 136KB - Virtual size: 136KB

.data
Size: 1KB - Virtual size: 626KB

.rsrc
Size: 164KB - Virtual size: 164KB

.reloc
Size: 1024B - Virtual size: 1024B