d0fca8b54a82177da8822419e7ba5e7f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d0fca8b54a82177da8822419e7ba5e7f_JaffaCakes118
Size

50KB
MD5

d0fca8b54a82177da8822419e7ba5e7f
SHA1

04ea4019213ba5a3f79352a7f9cf2bc3dac2e8d2
SHA256

1659603b5384b2d0d83f14a10147f30d5ca0ab5fb783d650a2d5ac300924d1c8
SHA512

80a457eff10d62e1f4d774ac1061ef8f3704a59565dee3522c9626e0ba1db220495a6c89ca770df9860fdf058fd339e309d0b3469615c29f01bbaedf8ac9de38
SSDEEP

1536:ShHtKxc0lu3xU0G8cczbZXTWtik4naQCvx9V:ikG0lupHzbZXIik2TCvx9V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0fca8b54a82177da8822419e7ba5e7f_JaffaCakes118

Files

d0fca8b54a82177da8822419e7ba5e7f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b6915264c61b340219db2e36324e21f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDoubleClickTime
SetDoubleClickTime
MBToWCSEx
ChangeClipboardChain
CallWindowProcA
GetCursorFrameInfo
GetScrollPos
SetMenuDefaultItem
TrackPopupMenuEx
SetDlgItemTextA
SetMenuInfo
LoadCursorFromFileW
DdeKeepStringHandle
GetClassNameW
CreateMDIWindowW
SwapMouseButton
GetWindowLongW
SetWindowLongW
RecordShutdownReason
CreateDialogParamW
ModifyMenuA
SetPropW
CloseClipboard
ShowWindow
SetFocus
IsRectEmpty
DeviceEventWorker
DdeConnect
UserLpkPSMTextOut
GetGuiResources
GetUserObjectSecurity
DdeSetUserHandle
IsClipboardFormatAvailable

kernel32

Process32NextW
SetLocalTime
GetNextVDMCommand
InitializeCriticalSection
LoadLibraryA
SetTapePosition
QueryDosDeviceA
GetProcessVersion
AddAtomW
GetConsoleInputExeNameA
GetCurrentDirectoryA
GetCommProperties
GetTimeZoneInformation
WritePrivateProfileStructA
FindResourceExA
CreateTapePartition
ReadFileScatter
OpenMutexA
GlobalUnlock
GetOEMCP
EscapeCommFunction
GetCurrentActCtx
LZOpenFileW
ReadConsoleOutputAttribute
IsProcessInJob
GetStringTypeExA
CreateDirectoryW
QueryPerformanceCounter
LocalFileTimeToFileTime
CreateDirectoryExA
VerifyVersionInfoA
SwitchToFiber
ClearCommError
SetVolumeLabelA
GetConsoleAliasesLengthA
Thread32Next
AddLocalAlternateComputerNameA
VirtualAlloc
FindNextFileW
SetTermsrvAppInstallMode

w32topl

ToplScheduleMerge
ToplScheduleCacheDestroy
ToplEdgeInit
ToplVertexGetOutEdge
ToplGraphFindEdgesForMST
ToplFree
ToplVertexNumberOfOutEdges
ToplSetAllocator
ToplPScheduleValid
ToplScheduleDuration
ToplScheduleCacheCreate
ToplVertexFree
ToplEdgeAssociate
ToplListCreate
ToplIterCreate
ToplEdgeGetWeight
ToplListSetIter
ToplDeleteSpanningTreeEdges
ToplGetAlwaysSchedule
ToplAddEdgeToGraph
ToplEdgeGetToVertex
ToplHeapIsElementOf
ToplEdgeSetWeight
ToplGraphAddVertex
ToplIsToplException
ToplIterFree
ToplEdgeCreate
ToplDeleteGraphState

msvcirt

?setmode@fstream@@QAEHH@Z
?read@istream@@QAEAAV1@PACH@Z
??4streambuf@@QAEAAV0@ABV0@@Z
??_7ifstream@@6B@
??0strstream@@QAE@ABV0@@Z
?sunk_with_stdio@ios@@0HA
?fLockcInit@ios@@0HA
??4ostream@@IAEAAV0@ABV0@@Z
??0istream_withassign@@QAE@XZ
?tie@ios@@QAEPAVostream@@PAV2@@Z
?rdbuf@ostrstream@@QBEPAVstrstreambuf@@XZ
?is_open@fstream@@QBEHXZ
??_Efilebuf@@UAEPAXI@Z
??1filebuf@@UAE@XZ
?peek@istream@@QAEHXZ
??0Iostream_init@@QAE@AAVios@@H@Z
?underflow@filebuf@@UAEHXZ
??6ostream@@QAEAAV0@PAVstreambuf@@@Z
?lock@streambuf@@QAEXXZ
??4filebuf@@QAEAAV0@ABV0@@Z
??1streambuf@@UAE@XZ
??4logic_error@@QAEAAV0@ABV0@@Z
?rdbuf@strstream@@QBEPAVstrstreambuf@@XZ
?openprot@filebuf@@2HB
??0istream_withassign@@QAE@ABV0@@Z
?getline@istream@@QAEAAV1@PACHD@Z
??_Dostream@@QAEXXZ
?close@ofstream@@QAEXXZ
??0istream@@IAE@XZ
??_8strstream@@7Bostream@@@
??0fstream@@QAE@PBDHH@Z
??_7streambuf@@6B@
__dummy_export
??6ostream@@QAEAAV0@M@Z
??_Dostrstream@@QAEXXZ
??0exception@@QAE@ABQBD@Z
??0strstreambuf@@QAE@PAEH0@Z
?seekg@istream@@QAEAAV1@JW4seek_dir@ios@@@Z
??1ofstream@@UAE@XZ
?eof@ios@@QBEHXZ

shlwapi

SHSetValueA
UrlCombineA
UrlGetLocationW
PathIsContentTypeA
PathUndecorateA
PathSkipRootW
SHGetValueW
PathIsUNCA
StrFromTimeIntervalW
UrlCanonicalizeW
SHDeleteValueW
StrCatBuffW
PathGetDriveNumberW
PathCanonicalizeW
PathUnquoteSpacesA
ColorAdjustLuma
SHEnumValueW
StrStrNIW
SHCopyKeyA
SHRegisterValidateTemplate
UrlUnescapeA
UrlCreateFromPathW
PathBuildRootW
PathIsUNCServerShareW
PathCommonPrefixW
ColorRGBToHLS
UrlIsNoHistoryA
UrlGetPartW
PathGetCharTypeW
PathIsUNCW
StrCmpIW
PathRemoveBackslashW
SHQueryInfoKeyA
PathUnmakeSystemFolderA
SHDeleteKeyW
PathMakeSystemFolderA
PathStripToRootW
SHRegEnumUSKeyA
SHDeleteEmptyKeyW

mapi32

FBadProp@4
FPropCompareProp@12
MAPIUninitialize
MAPIResolveName
__CPPValidateParameters@8
HrAllocAdviseSink@12
UNKOBJ_ScAllocateMore@16
MAPIOpenFormMgr
BMAPIReadMail
EnableIdleRoutine@8
HexFromBin@12
cmc_list
FBadPropTag@4
MNLS_lstrcmpW@8
FtDivFtBogus@20
MAPIOpenLocalFormContainer@4
FDecodeID@12
MAPIAddress
FPropExists@8
FGetComponentPath@20
HrIStorageFromStream@16
OpenIMsgOnIStg@44
UNKOBJ_Free@8
cmc_send
MAPILogon
LAUNCHWIZARD
PropCopyMore@16
ScGenerateMuid@4
FBadColumnSet@4
MNLS_lstrcpyW@8
GetTnefStreamCodepage
GetTnefStreamCodepage@12
DeinitMapiUtil@0
SetAttribIMsgOnIStg@16
HrComposeEID@28
IsBadBoundedStringPtr@8
ScLocalPathFromUNC@12
HrSetOneProp@8
MNLS_IsBadStringPtrW@8
HrComposeMsgID@24
OpenTnefStream

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6915264c61b340219db2e36324e21f0

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

w32topl

msvcirt

shlwapi

mapi32

Sections

.text Size: 37KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 19KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 19KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1KB - Virtual size: 1KB