ce8322fd137e4993e492b0d3ece4b89c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ce8322fd137e4993e492b0d3ece4b89c_JaffaCakes118
Size

284KB
MD5

ce8322fd137e4993e492b0d3ece4b89c
SHA1

f2a5e531a69b88d5fe6bf493f636c4d143ea86da
SHA256

d9ded34bf3f4e52e1309b95c6ec92ae2c7c20a30a6a7768bd4b8fce02afc600f
SHA512

2b580e4b03f13d2a74e2a476c58e11151c3715069c3422d4ea66e05bfc0d2a48d6cf003c0c4119573ffae079fe2f014fae243d2a6dcd796e179857df2f573a15
SSDEEP

6144:/ktjG++43SmY6//GbiK6WZELq9cjMz7EPWac:x43Jx/GJ6WZECxnEP8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce8322fd137e4993e492b0d3ece4b89c_JaffaCakes118

Files

ce8322fd137e4993e492b0d3ece4b89c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c76809b688f20af5f9fd18a5321acf1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\root\Desktop\Server MFC\Server MFC\release\Server.pdb

Imports

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
GetEnvironmentStrings
SetStdHandle
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FreeEnvironmentStringsA
GetProcAddress
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
HeapSize
RaiseException
RtlUnwind
GetStartupInfoW
HeapFree
SetErrorMode
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
ReadFile
GetThreadLocale
lstrlenA
InterlockedIncrement
GetModuleHandleA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
InterlockedDecrement
FormatMessageW
LocalFree
MulDiv
WritePrivateProfileStringW
GlobalFree
GetTickCount
GetCurrentThread
ConvertDefaultLocale
GetModuleFileNameW
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
InterlockedExchange
GlobalAlloc
FreeResource
GetCurrentThreadId
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
MultiByteToWideChar
GetVersionExA
GetVersion
GlobalLock
GlobalUnlock
GetCurrentProcessId
GetModuleHandleW
GlobalAddAtomW
WideCharToMultiByte
lstrlenW
GetLastError
SetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
ExitProcess
Sleep
CloseHandle
WriteFile
CreateFileA
VirtualFree
FreeLibrary
IsBadReadPtr
LoadLibraryW
HeapAlloc
GetProcessHeap
HeapReAlloc
VirtualAlloc
LoadLibraryA

user32

UnregisterClassW
GetSysColorBrush
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
LoadCursorW
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
RegisterClipboardFormatW
PostQuitMessage
GetDC
ReleaseDC
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetForegroundWindow
DispatchMessageW
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
MessageBoxW
GetClassInfoExW
RegisterClassW
PtInRect
DefWindowProcW
CallWindowProcW
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
RegisterWindowMessageW
DestroyMenu
GetClassNameW
GetSysColor
WinHelpW
SetFocus
GetWindowThreadProcessId
IsWindowEnabled
GetFocus
GetDlgItem
GetKeyState
GetDlgCtrlID
LoadIconW
SetCursor
PeekMessageW
GetCapture
SetActiveWindow
IsWindowVisible
IsIconic
GetClassInfoW
EnableMenuItem
CopyRect
GetLastActivePopup
PostMessageW
GetDesktopWindow
GetWindow
ShowWindow
AdjustWindowRectEx
SetWindowPos
GetClientRect
GetWindowLongW
SetWindowLongW
IsWindow
GetActiveWindow
CreateWindowExW
GetParent
GetMenuItemCount
GetSubMenu
GetMenuItemID
SendMessageW
GetMenu
EnableWindow
UpdateWindow
SetWindowsHookExW
UnregisterClassA

gdi32

PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
RestoreDC
SaveDC
ExtTextOutW
SetMapMode
GetStockObject
GetDeviceCaps
DeleteDC
DeleteObject
SelectObject
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegEnumKeyW
RegQueryValueW
RegOpenKeyW
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathFindExtensionW

oleaut32

VariantInit
VariantClear
VariantChangeType

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c76809b688f20af5f9fd18a5321acf1

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

Sections

.text Size: 144KB - Virtual size: 141KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 52KB - Virtual size: 64KB

.rsrc Size: 48KB - Virtual size: 44KB

.text
Size: 144KB - Virtual size: 141KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 52KB - Virtual size: 64KB

.rsrc
Size: 48KB - Virtual size: 44KB