38360957d082e41a80954238e511f2ae_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

38360957d082e41a80954238e511f2ae_JaffaCakes118
Size

864KB
MD5

38360957d082e41a80954238e511f2ae
SHA1

b708732bd162288da43ee0db28e0977d31d9b6c9
SHA256

9fee497eb15ed34b7b573ab180743e2c6f50e39bc26906838d3eeb1176104151
SHA512

a54935a13691fdde7bf518917e3de150cf77e85ade65e08ab0edd39c4f46df8942a157c63faec17d0586909ed680cb0622e146c4f43dbe6a8923f0e0425dd8f4
SSDEEP

24576:aTKQFZWNnOT+hPgtAcrccJ9amNDNOh5YFk0:aTKQF0hOYPglrccvaOD2n0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38360957d082e41a80954238e511f2ae_JaffaCakes118

Files

38360957d082e41a80954238e511f2ae_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3aba344dafdfce708691bc999acc35e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetImageCount
ImageList_GetBkColor
FlatSB_EnableScrollBar
CreateStatusWindow
ImageList_Merge
ImageList_SetBkColor
ImageList_EndDrag
ImageList_GetImageInfo
MakeDragList
ImageList_GetImageRect
FlatSB_GetScrollRange
ImageList_SetOverlayImage
ImageList_LoadImageA
DrawStatusTextW
CreatePropertySheetPage
ImageList_GetFlags
ImageList_SetDragCursorImage
ImageList_Draw
ShowHideMenuCtl
PropertySheetW
CreatePropertySheetPageW
CreatePropertySheetPageA
DllGetVersion
ImageList_SetImageCount
FlatSB_GetScrollProp
CreateUpDownControl
FlatSB_GetScrollPos
InitMUILanguage
ImageList_Create
InitCommonControlsEx
ImageList_DragLeave
ImageList_GetIconSize
ImageList_SetIconSize
FlatSB_SetScrollPos

mprapi

MprConfigInterfaceGetHandle
MprAdminConnectionGetInfo
MprConfigServerInstall
MprAdminPortReset
MprAdminServerDisconnect
MprAdminUserOpen
MprConfigTransportGetHandle
MprAdminConnectionEnum
MprAdminMIBEntrySet
MprInfoBlockFind
MprAdminInterfaceSetCredentials
MprAdminInterfaceDisconnect
MprDomainQueryRasServer
MprInfoBlockRemove
MprAdminInterfaceGetCredentials
MprConfigGetGuidName
MprAdminMIBEntryGet
MprAdminUserClose
MprAdminInterfaceCreate
MprAdminUserSetInfo
MprConfigInterfaceTransportGetInfo
MprAdminInterfaceConnect
MprConfigServerBackup
MprConfigGetFriendlyName
MprConfigServerRestore
MprInfoBlockAdd
MprAdminInterfaceGetCredentialsEx
MprAdminRegisterConnectionNotification
MprAdminPortDisconnect
MprAdminInterfaceGetHandle
MprAdminInterfaceTransportAdd
MprAdminSendUserMessage
MprConfigInterfaceTransportEnum
MprAdminServerGetInfo
MprAdminUserWrite

kernel32

QueryMemoryResourceNotification
DefineDosDeviceW
BackupWrite
AddVectoredExceptionHandler
GetEnvironmentStrings
SetConsoleWindowInfo
InitializeSListHead
DnsHostnameToComputerNameA
SetHandleInformation
WriteProfileStringW
SetLocalTime
GetConsoleAliasA
SetSystemTimeAdjustment
BeginUpdateResourceW
ReadProcessMemory
SetFilePointerEx
QueryPerformanceFrequency
GetSystemWow64DirectoryA
FormatMessageW
OpenProcess
ExitProcess
GetStartupInfoA
CreatePipe
CreateNamedPipeW
SetCommConfig
GetThreadLocale
SetMailslotInfo
TermsrvAppInstallMode
SetLastError
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FoldStringA
CreateActCtxW
VirtualAlloc
GetThreadContext
SetConsoleTextAttribute
OpenWaitableTimerA
WaitNamedPipeA
MapUserPhysicalPages
LoadLibraryA
BuildCommDCBW

msvcrt40

?cerr@@3Vostream_withassign@@A
??_Eiostream@@UAEPAXI@Z
_onexit
_mbbtype
_wgetenv
_mbsnextc
_strerror
??1ostrstream@@UAE@XZ
_wfdopen
isprint
iswgraph
clock
??_7streambuf@@6B@
??0bad_cast@@QAE@ABV0@@Z
_CIsin
??6ostream@@QAEAAV0@E@Z
iswalnum
??_7stdiobuf@@6B@
?eatwhite@istream@@QAEXXZ
?ebuf@streambuf@@IBEPADXZ
_getdcwd
_wfreopen
_wfindfirsti64
__p__tzname
_except_handler2
??5istream@@QAEAAV0@AAK@Z
__p__osver
_ismbchira
??_Estreambuf@@UAEPAXI@Z
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
?getline@istream@@QAEAAV1@PAEHD@Z
_mbslwr
log10

query

?Set@CPidRemapper@@QAEXAAV?$XArray@K@@@Z
?IsWaitingForDocument@CFilterDaemon@@QAEHXZ
??0CRequestQueue@@QAE@IIIHIIABU_GUID@@@Z
??0CLocalGlobalPropertyList@@QAE@K@Z
?NewWordBreaker@CCiOle@@SGPAUIWordBreaker@@ABU_GUID@@@Z
?BuildRegistryPropertiesKey@@YGXAAV?$XArray@G@@PBG@Z
??1CPropertyRestriction@@QAE@XZ
??0CDbSortSet@@QAE@I@Z
??0CSizeSerStream@@QAE@XZ
?ReadProperty@CPropStoreManager@@QAEHKKAAUtagPROPVARIANT@@PAEPAI@Z
?QueryScopeList@CiStorage@@QAEPAVPRcovStorageObj@@K@Z
??0CSynRestriction@@QAE@ABVCKey@@KKKH@Z
?SetProperty@CFullPropSpec@@QAEHPBG@Z
?GetChar@CMemDeSerStream@@UAEXPADK@Z
??0CQueryScanner@@QAE@PBGHKH@Z
?GetR8@CAllocStorageVariant@@QBENI@Z
?_FindOrAddValueNode@CDbPropertyRestriction@@AAEPAVCDbScalarValue@@XZ
?Value@CDbScalarValue@@QAEXAAVCStorageVariant@@@Z
?RequiresFlush@CPhysStorage@@QAEHK@Z
SetCatalogState
?MakeISearch@@YGJPAPAUISearchQueryHits@@PAVCDbRestriction@@PBG@Z
??1CDFA@@QAE@XZ
??0CColumnSet@@QAE@I@Z
?ClearList@CPropertyList@@QAEXXZ
?AppendChild@CDbCmdTreeNode@@IAEXPAV1@@Z
??0CPerfMon@@QAE@PBG@Z
?OpenRecordForWrites@CPropStoreManager@@QAEPAVCCompositePropRecordForWrites@@KPAE@Z
?Next@CEnumString@@UAGJKPAPAGPAK@Z
?Pause@CCatalogAdmin@@QAEHXZ
?SetPhrase@CNatLanguageRestriction@@QAEXPBG@Z
?GetDWORDParam@CCatalogAdmin@@QAEHPBGAAK@Z
?SetI4@CStorageVariant@@QAEXJI@Z
??1CDbColumns@@QAE@XZ

kbdblr

KbdLayerDescriptor

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 290KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 494KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3aba344dafdfce708691bc999acc35e0

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

mprapi

kernel32

msvcrt40

query

kbdblr

Sections

.text Size: 75KB - Virtual size: 75KB

.rdata Size: 290KB - Virtual size: 290KB

.data Size: 494KB - Virtual size: 1.9MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 924B

.text
Size: 75KB - Virtual size: 75KB

.rdata
Size: 290KB - Virtual size: 290KB

.data
Size: 494KB - Virtual size: 1.9MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 924B