2c9cac2ce694aa04dc4e8b0e39ea7458_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c9cac2ce694aa04dc4e8b0e39ea7458_JaffaCakes118
Size

752KB
MD5

2c9cac2ce694aa04dc4e8b0e39ea7458
SHA1

12380854706b17823406b32a6ef7d1d84ec86da7
SHA256

1ed28b91b19eea1b0f05cd6e3ea9fcf7db1ec2337987486485110abcf8634e65
SHA512

4a94d83c6eab069b2650b0b3f0f801b59da2e73ccbacc384a509ff10cfdcc33cc65e1d3d18bbe42b49a9cabe28daca9ad5d21f9d4c487621b47b547910913d89
SSDEEP

12288:3WGsS8hhGv455182Jt7ybchZPuCBNgptIMEFZ2KLVW3a448T8pvx:3CvGva3Z5RN2ibhWx4C8z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c9cac2ce694aa04dc4e8b0e39ea7458_JaffaCakes118

Files

2c9cac2ce694aa04dc4e8b0e39ea7458_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8d1e6c4117a5fc0706f8fe94831e8bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\qau

Imports

oleaut32

LoadTypeLi

advapi32

RegOpenKeyA
CloseServiceHandle
OpenSCManagerA
RegQueryValueExA
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegEnumValueA
RegCreateKeyA
RegEnumKeyA
ControlService
RegDeleteKeyA
GetUserNameA
AllocateAndInitializeSid
QueryServiceStatus
SetSecurityDescriptorDacl
RegSetValueExA
LookupPrivilegeValueA
RegEnumKeyExA
InitializeSecurityDescriptor
RegDeleteValueA
CreateServiceA
GetTokenInformation
OpenThreadToken
DeleteService

comctl32

ImageList_GetIcon
ImageList_Draw
ImageList_LoadImageA
ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetDragImage
ord17
CreatePropertySheetPageA
ImageList_Create
ImageList_SetDragCursorImage
ImageList_BeginDrag
ImageList_DragShowNolock
ImageList_Remove
ImageList_Merge

user32

LoadBitmapA
CreateMenu
LoadStringA
wsprintfA
MessageBoxA
ScreenToClient
ShowWindow
BringWindowToTop
ShowCaret
SystemParametersInfoA
GetKeyState
BeginPaint
SetCapture
DestroyWindow
GetUpdateRect
GetSubMenu
CharNextA
GetWindowRect
IsChild
DialogBoxParamA
SetClipboardData
RegisterClipboardFormatA
IsWindowVisible
GetScrollInfo
EndPaint
RegisterClassA
InflateRect
DrawFocusRect
TrackPopupMenuEx
RegisterClassExA
DefWindowProcA
DdeDisconnect
DispatchMessageA
TranslateMessage
ModifyMenuA
DdeClientTransaction
GetParent
TrackPopupMenu
SetDlgItemTextA
DestroyMenu
HideCaret
IsZoomed
EnableWindow
GetMenu
GetDC
IsWindowEnabled
ExitWindowsEx
InvalidateRect
GetClipboardData
FillRect
EndDialog
PtInRect
GetSysColor
TranslateAcceleratorA
SendDlgItemMessageA
GetWindowLongA
CreateWindowExA
SendMessageA
UpdateWindow
ClientToScreen
SetWindowTextA
DdeUninitialize
GetSystemMetrics
LoadIconA
DdeConnect
AdjustWindowRectEx
SetForegroundWindow

kernel32

WinExec
CompareStringA
SetUnhandledExceptionFilter
InterlockedDecrement
LeaveCriticalSection
ReleaseMutex
UnmapViewOfFile
GetTempPathA
EnumSystemLocalesA
GetStringTypeW
GetFileTime
GetCurrentDirectoryA
LoadResource
GetStringTypeExA
GetLogicalDriveStringsA
GetVersion
InterlockedCompareExchange
HeapDestroy
TlsSetValue
GetCommandLineA
GetFileAttributesW
DeleteFileA
LocalFileTimeToFileTime
IsValidCodePage
GlobalDeleteAtom
GetStartupInfoA
SetFilePointer
ExitProcess
SetFileAttributesA
SetStdHandle
LCMapStringW
GetTempFileNameA
HeapFree
SetEvent
GetEnvironmentStrings
GetFileType
CreateDirectoryA
ResumeThread
GetFullPathNameA
VirtualFree
ReadFile
FreeEnvironmentStringsW
InitializeCriticalSection
GetFileSize
MultiByteToWideChar
FreeEnvironmentStringsA
LocalFree
QueryPerformanceCounter
lstrlenA
CreateEventA
LoadLibraryA
FlushFileBuffers
InterlockedIncrement
DuplicateHandle
HeapSize
GetDateFormatA
GetCurrentProcess
LockFile
WriteConsoleA
SetLastError
CreateFileA
FindNextFileA
GetTimeZoneInformation
GetConsoleOutputCP
GetConsoleCP
TlsAlloc
TlsFree
FileTimeToLocalFileTime
InterlockedExchange
GetTickCount
VirtualAlloc
WideCharToMultiByte
GetEnvironmentStringsW
DeleteCriticalSection
LocalAlloc
GetFileInformationByHandle
GetSystemTimeAsFileTime
HeapCreate
GetVersionExA
GetUserDefaultLCID
TerminateThread
TlsGetValue
SetHandleCount
LCMapStringA
GetModuleHandleA
EnterCriticalSection
SetEndOfFile
CloseHandle
HeapReAlloc
FileTimeToSystemTime
FindClose
GetPrivateProfileIntA
GetACP
CompareStringW
SetThreadPriority
OpenMutexA
UnlockFile
RaiseException
GetCPInfo
WaitForMultipleObjects
GetTimeFormatA
FormatMessageA
GlobalAlloc
SetEnvironmentVariableA
SetFileTime
TerminateProcess
GetStdHandle
GetFileAttributesA
MoveFileA
WriteFile
IsDebuggerPresent
Sleep
GetCurrentProcessId
GetStringTypeA
WriteConsoleW
FindFirstFileA
HeapAlloc
GlobalFree
GetThreadLocale
IsValidLocale
GetProcAddress
CreateMutexA
GetConsoleMode
GetModuleFileNameA
WaitForSingleObject
GetProcessHeap
VirtualQuery
GetLocaleInfoA
GetCurrentThreadId
FindFirstFileW
RtlUnwind
GlobalUnlock
CreateProcessA
GetOEMCP
UnhandledExceptionFilter
GetLastError

shlwapi

PathIsRootA
PathIsURLA
PathIsUNCServerA
PathFindFileNameA
PathRemoveBackslashA
PathRemoveFileSpecA
PathSkipRootA
PathGetDriveNumberA
PathIsUNCServerShareA
PathBuildRootA
PathIsUNCA

shell32

SHGetPathFromIDListA
DragAcceptFiles
SHBrowseForFolderA
ExtractIconA

winspool.drv

OpenPrinterA
ClosePrinter
GetJobA
DocumentPropertiesA
ord204

gdi32

CreateDCA
DeleteDC
GetDeviceCaps
CreateFontIndirectA
SetBrushOrgEx
CreateSolidBrush
GetObjectA
TranslateCharsetInfo
SetViewportOrgEx
SetTextColor
GetTextColor
CreateCompatibleBitmap
SelectObject
CreateDIBitmap
Polygon
SelectPalette
StartDocA
CreateRectRgnIndirect
GetTextMetricsA
GetPixel
SetWindowExtEx
SetMapMode
CombineRgn
SetTextAlign
GetSystemPaletteEntries
TextOutA
SetBkMode
MoveToEx
GetDIBits
CreateCompatibleDC
GetTextExtentPoint32W
TextOutW
LineTo
SelectClipRgn
BitBlt
DeleteObject
RoundRect
SetBkColor

mfc42

ord1576

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 476KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8d1e6c4117a5fc0706f8fe94831e8bb

Headers

File Characteristics

PDB Paths

Imports

oleaut32

advapi32

comctl32

user32

kernel32

shlwapi

shell32

winspool.drv

gdi32

mfc42

Sections

.text Size: 120KB - Virtual size: 116KB

.rdata Size: 476KB - Virtual size: 472KB

.data Size: 92KB - Virtual size: 105KB

.rsrc Size: 60KB - Virtual size: 58KB

.text
Size: 120KB - Virtual size: 116KB

.rdata
Size: 476KB - Virtual size: 472KB

.data
Size: 92KB - Virtual size: 105KB

.rsrc
Size: 60KB - Virtual size: 58KB