f98242212297947c4dffdac46e01ca4e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f98242212297947c4dffdac46e01ca4e_JaffaCakes118
Size

74KB
MD5

f98242212297947c4dffdac46e01ca4e
SHA1

0ff8ecd32ed99ead94a9a6350ce6f2a6272dbc83
SHA256

a0864c262586202f2a63101a85d7000d7c49ef51453beacf5e84a2c4cc872dad
SHA512

dada9475e8231dc8958f07c21e2200069baac7632c01bc16545b4bd2c7df30e463ac71f1996db85c5fd77726edc9c19478ceb1bda06a0dad910b11615f6cdb2b
SSDEEP

1536:xFEYPlwtGOk2rOO8LYUCc8LEbuY8Yl3YRVAGZAppBCYLcA5:xSWlyxcOHUCcsKuYp5Y3fZApvCYLF5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f98242212297947c4dffdac46e01ca4e_JaffaCakes118

Files

f98242212297947c4dffdac46e01ca4e_JaffaCakes118
.exe windows:1 windows x86 arch:x86

17e2eb5607cf0dfcce0d9b5fe0340755

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LsaSetInformationPolicy
GetInformationCodeAuthzPolicyW
SystemFunction002
ClearEventLogA
RegSaveKeyA
WmiSetSingleInstanceA
LookupPrivilegeValueA
DuplicateEncryptionInfoFile
RegSaveKeyExA
ConvertSDToStringSDRootDomainA
GetTrusteeTypeW
CredUnmarshalCredentialA
ElfBackupEventLogFileW
StartTraceW
LsaSetForestTrustInformation
GetAuditedPermissionsFromAclA
WmiQuerySingleInstanceA
LsaDelete
GetLengthSid
QueryServiceStatusEx
QueryTraceW
ImpersonateNamedPipeClient
SystemFunction031
BackupEventLogW
SetEntriesInAccessListW
SetNamedSecurityInfoA
ObjectPrivilegeAuditAlarmW
EncryptionDisable
ImpersonateLoggedOnUser
EqualDomainSid
OpenThreadToken
LsaLookupSids
CloseCodeAuthzLevel
DestroyPrivateObjectSecurity
GetInformationCodeAuthzLevelW
CreatePrivateObjectSecurityWithMultipleInheritance
StartTraceA
AccessCheckAndAuditAlarmA
LsaAddAccountRights
ObjectCloseAuditAlarmA
LsaEnumeratePrivilegesOfAccount
SetTraceCallback
UninstallApplication

msacm32

acmFormatTagDetailsA
acmFormatChooseW
acmFilterTagDetailsW
acmDriverDetailsW
acmStreamClose
XRegThunkEntry
acmStreamPrepareHeader
acmDriverRemove
acmFormatTagEnumW
acmDriverClose
acmStreamOpen
acmFormatTagEnumA
acmDriverMessage
acmDriverAddA
acmFilterChooseA
acmFormatSuggest
acmDriverEnum
acmFormatEnumA
acmFilterDetailsW
acmGetVersion
acmDriverID
acmFormatTagDetailsW
acmFilterTagEnumA
acmStreamReset
acmFormatDetailsW
acmFilterTagDetailsA
acmDriverPriority
acmDriverAddW
acmFormatChooseA
acmFormatEnumW
acmFilterChooseW
acmMessage32
acmDriverDetailsA
acmDriverOpen
acmStreamMessage
acmMetrics
acmFilterEnumA
acmStreamUnprepareHeader
acmFormatDetailsA
acmFilterTagEnumW
acmFilterDetailsA
acmStreamConvert

kernel32

GetThreadPriority
EnumResourceTypesA
BuildCommDCBW
IsBadStringPtrA
GetStartupInfoW
LocalAlloc
SetEvent
IsDBCSLeadByte
GetStdHandle
BaseDumpAppcompatCache
LZCloseFile
FindActCtxSectionStringW
RemoveLocalAlternateComputerNameW
GetProcessHeap
GetFileType
DeleteFileA
ReadConsoleInputW
GetVolumePathNamesForVolumeNameA
TlsFree
WritePrivateProfileSectionW
LockResource
GetTickCount
GetBinaryTypeW
GetGeoInfoW
SetLocalTime
LoadLibraryA
ExpungeConsoleCommandHistoryA
FreeLibraryAndExitThread
VirtualAlloc
FreeLibrary
LocalHandle
FlushConsoleInputBuffer
WriteConsoleA
BuildCommDCBAndTimeoutsW
GetFirmwareEnvironmentVariableW
HeapReAlloc
LocalCompact
WriteConsoleInputVDMA
UTRegister
IsBadReadPtr
GetProcessShutdownParameters
Process32NextW
GetConsoleDisplayMode
ResetWriteWatch
GetConsoleAliasA
GetLocaleInfoW
lstrcpyW

crtdll

_CIsqrt
_lfind
rename
qsort
sin
__GetMainArgs
isprint
wscanf
_chsize
_spawnl
_spawnle
_fputwchar
_flsbuf
_eof
tanh
_initterm
frexp
_mbsnbcmp
_getdcwd
_isctype
_lrotl
_findclose
_heapwalk
longjmp
ldexp
strncpy
iswupper
fmod
_mbslen
_ismbbkalnum
_cscanf
_mbsdup

user32

BroadcastSystemMessageA
CreateIconFromResource
DrawCaption
DdeUnaccessData
GetAltTabInfoA
PrivateExtractIconExA
FillRect
DlgDirListW
MessageBeep
SetActiveWindow
GetMessageA
GetCursorFrameInfo
SetWindowPlacement
GetSubMenu
DispatchMessageW
CreateAcceleratorTableW
CallWindowProcW
GetWindowTextA
IsClipboardFormatAvailable
IsCharAlphaA
CreateDesktopW
MessageBoxExA
IsServerSideWindow
SetDebugErrorLevel
CharUpperBuffA
GetClipCursor
DialogBoxParamW
DestroyCursor
LoadIconA
DialogBoxIndirectParamW
BroadcastSystemMessageExW
IsIconic
GetScrollInfo
EnumClipboardFormats
SendMessageTimeoutW
OemKeyScan
RegisterLogonProcess
ShowWindowAsync
WINNLSGetIMEHotkey
VkKeyScanW

avifil32

AVIStreamReadData
AVIFileGetStream
AVISaveOptionsFree
AVIStreamAddRef
AVIStreamStart
AVIFileOpenW
AVIStreamSetFormat
AVIFileInfoW
EditStreamPaste
AVISaveW
AVIBuildFilterW
AVIFileOpenA
EditStreamSetInfoA
AVIStreamTimeToSample
AVIStreamOpenFromFileW
IID_IAVIStream
AVIMakeCompressedStream
AVIFileAddRef
AVIStreamBeginStreaming
AVISaveVW
AVIFileCreateStreamA
EditStreamSetNameW
AVIFileWriteData
AVIStreamInfoA
AVIStreamGetFrame
AVIStreamGetFrameClose
AVIFileExit
EditStreamSetNameA
AVIFileEndRecord

opengl32

glGetMapfv
glPopName
glFlush
glTexCoord3f
glRects
glVertex3i
glPopClientAttrib
glTexCoord3i
glVertex2iv
wglCreateContext
glNormal3fv
glIndexd
glClearIndex
glClipPlane
wglDescribePixelFormat
glTexCoord3d
glGetLightiv
glPixelMapusv
glGetIntegerv
glColor4d
glGetMaterialiv
wglCopyContext
glLightModelf
glGetTexEnvfv
glRotated
glTexCoord2f
glCopyTexSubImage1D
glEdgeFlag
glTexCoord3sv
glMap2d
glTexCoord4f
glRasterPos4d
glIndexMask
glMapGrid2d
glBindTexture
wglDeleteContext
glCallList
glTexEnviv
glCullFace

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17e2eb5607cf0dfcce0d9b5fe0340755

Headers

File Characteristics

Imports

advapi32

msacm32

kernel32

crtdll

user32

avifil32

opengl32

Sections

.text Size: 49KB - Virtual size: 49KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 9KB - Virtual size: 183KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 49KB - Virtual size: 49KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 9KB - Virtual size: 183KB

.rsrc
Size: 2KB - Virtual size: 1KB