2ff1895ada6a6127e6de5c095390e71d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ff1895ada6a6127e6de5c095390e71d_JaffaCakes118
Size

415KB
MD5

2ff1895ada6a6127e6de5c095390e71d
SHA1

b1403a9df15fff4a95fe1b352d8476ca99e1e1fe
SHA256

779cbb507c9241d8e27de369a9bbd19fba8dc6f93ff563f138bb5dc7ea60c97c
SHA512

a6266e44f5eb964d75baa2e15f46dd4bcf77062d09ed93329e5ea3f818cfcd2beab9f6b34ed6735936ff715d261343119708eb759bad5f0540b1bd4b6e2a91a3
SSDEEP

12288:BP702YkUwwCnahFrKnhnk/zUEUUzSMpzkQJEmVYTUCv:BP7hYkUwwCnahFrKwUKpztEiOv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ff1895ada6a6127e6de5c095390e71d_JaffaCakes118

Files

2ff1895ada6a6127e6de5c095390e71d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4dd597a53f398654d36dee9b318126a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetSecurityDescriptorDacl
ReadEventLogW
StartServiceCtrlDispatcherA
SetFileSecurityA
LsaRetrievePrivateData
StartServiceA
CloseServiceHandle
SetSecurityDescriptorOwner
DecryptFileW
SetSecurityDescriptorGroup
OpenSCManagerA
RegSetValueA
LookupAccountNameA
ReportEventA
RegNotifyChangeKeyValue
ReportEventW
FreeSid
QueryServiceStatus
QueryServiceLockStatusA
RegSetKeySecurity
QueryServiceLockStatusW
GetServiceKeyNameW
RegQueryValueA
CreateProcessAsUserW
SetServiceObjectSecurity
RegSetValueExA
RegReplaceKeyA
RegisterEventSourceA
StartServiceCtrlDispatcherW
OpenProcessToken
GetSidLengthRequired
RegConnectRegistryA
GetAce
LogonUserA
LsaFreeMemory
GetSidSubAuthorityCount
RegSetValueW
CopySid
RegCreateKeyExW
InitializeAcl
ChangeServiceConfig2A
QueryServiceConfigW
ChangeServiceConfigW
GetSidSubAuthority
RegDeleteValueW
GetEffectiveRightsFromAclW
ControlService
SetEntriesInAclA
OpenSCManagerW
SetSecurityDescriptorSacl
RegFlushKey
CreateServiceW
RegCloseKey
LookupPrivilegeValueW
SetEntriesInAclW
InitializeSid
GetLengthSid
RegCreateKeyExA
RegisterServiceCtrlHandlerW
ChangeServiceConfigA
GetAclInformation
OpenThreadToken
AddAce
RevertToSelf
GetKernelObjectSecurity
RegLoadKeyA
RegOverridePredefKey
GetSidIdentifierAuthority
EncryptFileW
ChangeServiceConfig2W
GetSecurityDescriptorSacl

msvcrt

_setmbcp
modf
__dllonexit
_onexit
clock
_sys_nerr
_jn
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
calloc
_controlfp
_mbsrev

kernel32

GetModuleHandleA
GetStartupInfoA

imm32

ImmGetConversionStatus
ImmGetContext
ImmUnregisterWordA
ImmGetCompositionStringA
ImmCreateContext
ImmSetStatusWindowPos
ImmGetGuideLineA
ImmGetCompositionWindow
ImmReleaseContext
ImmSetCompositionWindow

user32

GetPropA
FillRect
ClipCursor
SetKeyboardState
OffsetRect
SetCapture
DefFrameProcW
ShowScrollBar
SetScrollRange
SetFocus
IsCharAlphaNumericA
DrawTextW
MessageBoxA
MapVirtualKeyW
AdjustWindowRect
TranslateMessage
KillTimer
IsMenu
CharUpperBuffW
CheckMenuItem
EnableMenuItem
EnableWindow
GetGUIThreadInfo
GetDlgItem
MapVirtualKeyExA
DialogBoxIndirectParamA
BlockInput
GetDlgCtrlID
SetPropA
CharUpperA
LoadMenuW
CallMsgFilterA
CallWindowProcA
MessageBeep
GetLastActivePopup
GetScrollRange
SetScrollPos
ShowCursor
GrayStringA
GetWindowTextA
EnumThreadWindows
CreateDialogIndirectParamW
PostThreadMessageA
CharLowerW
ModifyMenuA
GetClassInfoExW
MapVirtualKeyExW
GetSysColor
GetNextDlgTabItem
BringWindowToTop
PostThreadMessageW
ReleaseDC
IsWindowEnabled
TranslateMDISysAccel
CharPrevA
CreateDialogParamA
LoadImageA
ReuseDDElParam
SetActiveWindow
GetClassInfoA
GetMessagePos
SetWindowPos
WinHelpA
CreateDesktopW
ScrollWindow
GetWindowLongA
RemoveMenu
SetCaretBlinkTime
UnpackDDElParam
GetSystemMetrics
DestroyAcceleratorTable
GetKeyState
SetDlgItemTextW
InvalidateRect
IsChild
IsZoomed
EnumDisplaySettingsW
FlashWindow
keybd_event
WaitMessage
InsertMenuW
CreatePopupMenu
GetDC
SetWindowTextW
OpenClipboard
GetTabbedTextExtentA
DdeFreeStringHandle
GetDlgItemInt
ModifyMenuW
GetMessageExtraInfo
ScreenToClient
VkKeyScanExW
DrawAnimatedRects
SetClipboardData
ClientToScreen
DrawIcon
FindWindowA
wvsprintfA
IntersectRect
CreateDialogIndirectParamA
DdeDisconnect
ChangeDisplaySettingsA
InSendMessage
DestroyMenu
LockWindowUpdate
IsWindow
RegisterClipboardFormatW
FrameRect
CloseWindow
DialogBoxIndirectParamW
UnionRect
GetForegroundWindow
ChangeDisplaySettingsW
GetWindowLongW
CharUpperW
SetWindowLongW
GetParent
IsDialogMessageA
SetClassLongW
DialogBoxParamA
LoadBitmapA
CharNextW
OemToCharBuffA
GetClassNameW
PostMessageA
IsIconic
IsDlgButtonChecked
DragDetect
TranslateAcceleratorA
IsCharLowerA
DeferWindowPos
DispatchMessageA
GetKeyboardLayoutList
SetRect
LoadBitmapW
WindowFromDC
GetOpenClipboardWindow
RemovePropA
SendMessageA
GetClientRect
GetClassLongA
SetWinEventHook
BeginDeferWindowPos
CreateIconFromResource
CharPrevW
SetTimer
DrawStateA
PaintDesktop
GetWindowThreadProcessId
GetMenuState
GetWindowWord
LoadIconA
GetCaretPos
PtInRect
GetCapture
GetUserObjectInformationW
GetSysColorBrush
DefWindowProcA
VkKeyScanExA
GetScrollPos
DdeAccessData
MapWindowPoints
TranslateAcceleratorW
FindWindowW
DrawFrameControl
GetCursorPos
PackDDElParam
GetClipboardViewer
DrawIconEx
VkKeyScanW
GetMenuItemCount
GetWindowRect
CheckRadioButton
DispatchMessageW
RegisterHotKey
CloseClipboard
GetDlgItemTextW
GetMenuItemID
LoadKeyboardLayoutW
MapDialogRect
ToAsciiEx
SetForegroundWindow
SetMenu
GetKeyboardState
EnumClipboardFormats
EmptyClipboard
GetKeyboardLayoutNameW
GetKeyNameTextW
LoadStringW
SendNotifyMessageW
DdeClientTransaction
LoadCursorFromFileW
ChildWindowFromPointEx
WindowFromPoint
SendDlgItemMessageA
EnumWindows
LoadCursorA
PeekMessageW
RegisterClassExW
CharToOemBuffA
SetParent
PostQuitMessage
BeginPaint
CharLowerA
AttachThreadInput
ChangeClipboardChain
EnableScrollBar
LoadCursorFromFileA
InsertMenuA
IsCharUpperA
MapVirtualKeyA
WinHelpW
DrawCaption
SystemParametersInfoW
EnumDisplaySettingsA
GetClassInfoW
DestroyCursor
TrackPopupMenuEx
CharNextA
CopyImage
SetWindowPlacement
MessageBoxIndirectA

mfc42

ord1020
ord1727
ord5065
ord1098
ord4425
ord1081
ord4627
ord1079
ord324
ord4234
ord4710
ord1168
ord1098
ord755
ord470
ord1012
ord5261
ord3749
ord6376
ord2055
ord1037
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord1075
ord4407
ord1775
ord4078
ord6052
ord4998
ord4853
ord4376
ord5265
ord641
ord2514
ord815
ord561
ord3738
ord4424
ord1001
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord1003
ord4465
ord3259
ord1015
ord2982
ord5714
ord1074
ord5307
ord4698
ord1096
ord2725
ord5302
ord1093
ord3346
ord2396
ord1096
ord1089
ord3922
ord5731
ord1046
ord2554
ord4486
ord6375
ord4274
ord1089
ord1576

Sections

.text
Size: 356KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4dd597a53f398654d36dee9b318126a3

Headers

File Characteristics

Imports

advapi32

msvcrt

kernel32

imm32

user32

mfc42

Sections

.text Size: 356KB - Virtual size: 354KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 4KB - Virtual size: 1.0MB

.rsrc Size: 204KB - Virtual size: 201KB

.text
Size: 356KB - Virtual size: 354KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 4KB - Virtual size: 1.0MB

.rsrc
Size: 204KB - Virtual size: 201KB