e12874c736a0fcfb524d44536c962b92_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e12874c736a0fcfb524d44536c962b92_JaffaCakes118
Size

864KB
MD5

e12874c736a0fcfb524d44536c962b92
SHA1

1211c3e26b231d67308858ee3798cb27937f4d5d
SHA256

b037f98f8ecbf732f380e7501c70c3d2c3a735c230e833f25f0df8aff4494fb6
SHA512

7590e0853784b9a1b53c2e6b16edc2a8ca335a44c4053cdf4e0d631788d7a73c2313d6801b8ee2b1c1871871b3ce0b11058756397020ff1e636a6c607b612c03
SSDEEP

24576:XTlkjlONpqoI4Z3QVM3NNmCd5B8xSI71poYsS+Q+xW+:DCjlONMoIsMMdkC3eMI7HoYspQ+x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e12874c736a0fcfb524d44536c962b92_JaffaCakes118

Files

e12874c736a0fcfb524d44536c962b92_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d6cfa7fb41ceb0f6947add8ceed20abf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemInt
CreateAcceleratorTableA
DefFrameProcW
MessageBoxA
KillTimer
IsCharLowerW
MessageBeep
GetMenuState
SetRectEmpty
GetPriorityClipboardFormat
CreateMDIWindowW
SystemParametersInfoA
UserRegisterWowHandlers
GetInputDesktop
CreateDialogIndirectParamW
MapDialogRect
SetCursorContents
PostQuitMessage
UserRealizePalette
CallMsgFilterA
GetMouseMovePointsEx
GetMessageTime
CreateIcon
ValidateRect
InternalGetWindowText
EnumDesktopWindows
GetCursorFrameInfo
GetClipboardFormatNameA
WaitForInputIdle
ReleaseCapture
GetShellWindow
MessageBoxTimeoutW
SetScrollPos
CloseWindowStation
CreateIconIndirect
CtxInitUser32
TabbedTextOutW
GetScrollPos
GetFocus
ChangeDisplaySettingsExA
DrawFrameControl
EnableWindow
TranslateMDISysAccel
AdjustWindowRect
LoadCursorFromFileW

setupapi

SetupDiBuildClassInfoList
SetupDiGetHwProfileList
SetupQueueDefaultCopyA
CM_Create_DevNodeW
SetupSetFileQueueAlternatePlatformA
CM_Get_Device_ID_ExW
SetupGetLineTextW
CM_Reenumerate_DevNode_Ex
SetupGetSourceFileLocationA
pSetupGetCurrentDriverSigningPolicy
SetupOpenAppendInfFileA
pSetupConcatenatePaths
CM_Get_Device_Interface_List_SizeW
CM_Get_Next_Res_Des
CM_Get_Device_Interface_List_Size_ExA
CM_Get_Hardware_Profile_InfoW
SetupOpenMasterInf
SetupDiInstallClassExA
SetupRemoveInstallSectionFromDiskSpaceListA
CM_Get_Device_ID_Size
SetupQueryInfFileInformationW
CM_Get_Class_Key_Name_ExW
CM_Request_Eject_PC_Ex
SetupQueueDeleteSectionW
SetupQueryInfVersionInformationA
SetupDiSelectDevice
SetupDiClassGuidsFromNameW
pSetupAddMiniIconToList
SetupQueueRenameSectionW
CM_Modify_Res_Des
SetupSetPlatformPathOverrideW
SetupGetStringFieldA
VerifyCatalogFile
SetupDiGetCustomDevicePropertyW
SetupDiGetActualSectionToInstallExA
CM_Enable_DevNode_Ex
CM_Get_Device_Interface_Alias_ExW
SetupGetTargetPathW
CM_Get_Device_ID_List_SizeW
SetupDiDestroyDriverInfoList
SetupGetNonInteractiveMode
SetupBackupErrorA
CM_Get_Sibling_Ex
SetupSetFileQueueFlags
InstallHinfSectionA
SetupDiOpenDeviceInterfaceRegKey
SetupBackupErrorW
SetupDiBuildClassInfoListExA
SetupGetInfInformationW
SetupDiGetDeviceInstanceIdW
CM_Disable_DevNode_Ex
SetupQueueDefaultCopyW
SetupInstallFilesFromInfSectionW
CM_Unregister_Device_Interface_ExA
SetupAddInstallSectionToDiskSpaceListA
SetupDiCancelDriverInfoSearch
CM_Get_Next_Log_Conf_Ex
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevPropertySheetsW
CM_Locate_DevNodeW
SetupDeleteErrorW
pSetupCaptureAndConvertAnsiArg
SetupQuerySpaceRequiredOnDriveA
SetupDiCreateDeviceInfoListExA
SetupIterateCabinetA
SetupDiInstallClassW
CM_Disable_DevNode
CM_Enable_DevNode
CM_Delete_DevNode_Key_Ex
CM_Set_HW_Prof_FlagsW
SetupDiCreateDeviceInfoA
SetupGetLineCountA
SetupDiSetClassRegistryPropertyA
SetupDiGetSelectedDriverW
CM_Get_DevNode_Status
SetupDiClassNameFromGuidExW
pSetupQueryMultiSzValueToArray
CM_Get_HW_Prof_Flags_ExA
SetupAddInstallSectionToDiskSpaceListW
CM_Request_Device_EjectA

kernel32

CreateSocketHandle
UnregisterWaitEx
CreateConsoleScreenBuffer
ReadConsoleInputW
InitializeCriticalSectionAndSpinCount
QueryPerformanceFrequency
VirtualAllocEx
ReadConsoleOutputA
GetVersionExA
GetSystemTimeAsFileTime
TransmitCommChar
GetNumaAvailableMemoryNode
UpdateResourceA
OpenJobObjectA
VirtualAlloc
GetComputerNameA
ReleaseSemaphore
LoadLibraryA
BuildCommDCBA
MapUserPhysicalPages
FreeConsole
HeapCreate
GlobalFindAtomA
GetConsoleTitleA
CopyFileExW
GetTempPathA
LCMapStringA
AddConsoleAliasW
DeleteFileA

d3d8thk

OsThunkDdGetBltStatus
OsThunkDdAlphaBlt
OsThunkDdUnlockD3D
OsThunkDdGetMoCompBuffInfo
OsThunkDdSetOverlayPosition
OsThunkDdGetInternalMoCompInfo
OsThunkDdUpdateOverlay
OsThunkDdGetDC
OsThunkDdGetMoCompFormats
OsThunkDdColorControl
OsThunkDdQueryMoCompStatus
OsThunkDdCreateSurfaceEx
OsThunkDdLockD3D
OsThunkDdDeleteDirectDrawObject
OsThunkDdEndMoCompFrame
OsThunkDdCreateMoComp
OsThunkDdCreateDirectDrawObject
OsThunkDdSetGammaRamp
OsThunkD3dDrawPrimitives2
OsThunkDdBeginMoCompFrame
OsThunkD3dValidateTextureStageState
OsThunkDdGetMoCompGuids
OsThunkDdGetScanLine
OsThunkDdResetVisrgn
OsThunkDdDestroyMoComp
OsThunkDdRenderMoComp
OsThunkDdGetAvailDriverMemory

msvcirt

?sputc@streambuf@@QAEHH@Z
?sync@istream@@QAEHXZ
??_Eostrstream@@UAEPAXI@Z
??0filebuf@@QAE@ABV0@@Z
?tellp@ostream@@QAEJXZ
?lock@streambuf@@QAEXXZ
??0filebuf@@QAE@XZ
?pcount@strstream@@QBEHXZ
??_Eostream_withassign@@UAEPAXI@Z
??1strstreambuf@@UAE@XZ
??_Gstdiostream@@UAEPAXI@Z
?delbuf@ios@@QBEHXZ
??0filebuf@@QAE@H@Z
??_Eistream_withassign@@UAEPAXI@Z
?x_lockc@ios@@0U_CRT_CRITICAL_SECTION@@A
?attach@filebuf@@QAEPAV1@H@Z
??_Estrstream@@UAEPAXI@Z
?setmode@ifstream@@QAEHH@Z
??0istrstream@@QAE@PAD@Z
??_7stdiostream@@6B@
?getdouble@istream@@AAEHPADH@Z
?seekpos@streambuf@@UAEJJH@Z
??1ostrstream@@UAE@XZ
??_8ostream@@7B@
??0istream@@QAE@PAVstreambuf@@@Z
?xsgetn@streambuf@@UAEHPADH@Z
?rdbuf@stdiostream@@QBEPAVstdiobuf@@XZ
??1iostream@@UAE@XZ

Sections

.text
Size: 377KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 376KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6cfa7fb41ceb0f6947add8ceed20abf

Headers

DLL Characteristics

File Characteristics

Imports

user32

setupapi

kernel32

d3d8thk

msvcirt

Sections

.text Size: 377KB - Virtual size: 377KB

.rdata Size: 376KB - Virtual size: 376KB

.data Size: 107KB - Virtual size: 1.5MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 377KB - Virtual size: 377KB

.rdata
Size: 376KB - Virtual size: 376KB

.data
Size: 107KB - Virtual size: 1.5MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B