Static task: static1
Behavioral task: behavioral1
  Sample: 4382dcce0ca6e04cd622e13fb41529bd_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 4382dcce0ca6e04cd622e13fb41529bd_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
General
Target: 4382dcce0ca6e04cd622e13fb41529bd_JaffaCakes118
Size: 263KB
MD5: 4382dcce0ca6e04cd622e13fb41529bd
SHA1: 0e3aff01e20c70ef85156c46fe97b8d354a55329
SHA256: 06793a0350f4c12269b13d6ce1fd4baa5bf7398a9f639bfcb29bf7a90f073c7c
SHA512: 96a23231f0e2039e5360dd62baeb3c9f22e389c582793f72e3153cf696bb572227c3aae5c494a5dee8b6649980642d55c1debd5ea163f670a762571028372e85
SSDEEP: 6144:T4vV0kO3DWyR/GXK66jPe4VCJ7FGe2MyRfgFW2j1s:yV0D7BGXKcOCJxBIYFWL
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 4382dcce0ca6e04cd622e13fb41529bd_JaffaCakes118
Files
4382dcce0ca6e04cd622e13fb41529bd_JaffaCakes118.exe  windows:4 windows x86 arch:x86
f36f20e7049015e7196655351c0e2f2f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comdlg32
ChooseColorA
CommDlgExtendedError
mpr
WNetConnectionDialog
WNetGetNetworkInformationA
WNetEnumResourceW
WNetOpenEnumW
WNetGetLastErrorW
WNetGetProviderNameA
WNetAddConnection3W
WNetAddConnectionW
WNetDisconnectDialog
WNetUseConnectionA
WNetConnectionDialog1A
WNetAddConnection2W
MultinetGetConnectionPerformanceA
WNetGetUniversalNameA
WNetGetUniversalNameW
WNetCancelConnection2A
WNetCancelConnectionA
WNetCancelConnectionW
WNetOpenEnumA
WNetConnectionDialog1W
WNetEnumResourceA
advapi32
GetSecurityDescriptorGroup
ObjectCloseAuditAlarmW
LsaEnumerateAccountRights
GetServiceKeyNameA
EnumDependentServicesW
BuildImpersonateExplicitAccessWithNameA
LsaSetInformationPolicy
LsaLookupNames
RegDeleteValueA
RegOpenKeyA
GetExplicitEntriesFromAclA
CreatePrivateObjectSecurity
GetTrusteeFormW
RegisterEventSourceW
AddAce
AddAuditAccessAce
BuildTrusteeWithSidA
LookupPrivilegeNameA
RegConnectRegistryW
GetSecurityDescriptorSacl
GetExplicitEntriesFromAclW
SetSecurityDescriptorOwner
ObjectDeleteAuditAlarmW
SetSecurityDescriptorSacl
LookupPrivilegeValueW
QueryServiceObjectSecurity
LookupPrivilegeDisplayNameA
IsTextUnicode
GetSidSubAuthority
LsaSetDomainInformationPolicy
RegSetKeySecurity
GetAuditedPermissionsFromAclW
RegQueryValueW
RegQueryValueA
LsaQueryInformationPolicy
LookupPrivilegeNameW
GetAuditedPermissionsFromAclA
BuildExplicitAccessWithNameW
GetLengthSid
AdjustTokenPrivileges
LookupPrivilegeValueA
BuildTrusteeWithNameA
QueryServiceConfig2W
RegCloseKey
AccessCheckAndAuditAlarmA
ObjectPrivilegeAuditAlarmA
FreeSid
IsValidAcl
LsaEnumerateAccountsWithUserRight
LsaFreeMemory
GetServiceDisplayNameW
ImpersonateLoggedOnUser
GetTokenInformation
RegCreateKeyW
IsTokenRestricted
ReadEventLogA
StartServiceCtrlDispatcherW
kernel32
EraseTape
GetStartupInfoA
GlobalMemoryStatus
CallNamedPipeA
ExitThread
GetVolumeInformationW
Thread32First
CreateIoCompletionPort
FreeLibrary
GetModuleHandleA
EnumResourceTypesW
version
GetFileVersionInfoA
VerFindFileA
GetFileVersionInfoSizeW
VerInstallFileA
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoW
winmm
waveInMessage
midiStreamPosition
midiStreamClose
mixerMessage
waveOutGetNumDevs
mmioInstallIOProcA
midiInGetDevCapsA
mciGetDeviceIDFromElementIDA
auxGetDevCapsA
mmioSendMessage
midiOutSetVolume
midiOutOpen
mixerGetNumDevs
joyReleaseCapture
mciSendStringW
PlaySoundA
midiOutPrepareHeader
timeKillEvent
waveInGetDevCapsA
joyGetDevCapsA
waveInGetErrorTextA
DrvGetModuleHandle
waveInStop
mixerSetControlDetails
midiOutCacheDrumPatches
mmioRenameW
joyGetThreshold
mixerGetLineControlsW
sndPlaySoundA
waveInGetDevCapsW
midiInReset
mmioOpenA
waveInGetErrorTextW
midiInClose
mmioAdvance
waveOutOpen
mmioClose
mixerGetLineInfoA
midiOutClose
midiOutShortMsg
sndPlaySoundW
midiOutGetErrorTextA
waveInClose
midiInStop
CloseDriver
midiInStart
mmioCreateChunk
mmioRenameA
waveOutSetPitch
midiOutGetErrorTextW
mmioFlush
mixerClose
waveOutSetPlaybackRate
midiStreamStop
mmioDescend
midiInGetErrorTextW
mmioOpenW
joyGetDevCapsW
timeGetTime
waveOutClose
mixerGetDevCapsW
midiOutGetDevCapsW
waveOutGetID
midiDisconnect
midiStreamOut
mciSetYieldProc
waveInGetID
midiInPrepareHeader
waveOutRestart
mixerGetID
waveInPrepareHeader
waveInOpen
mmioSetInfo
mixerGetDevCapsA
mixerGetControlDetailsW
waveInStart
GetDriverModuleHandle
midiOutLongMsg
joyGetPosEx
midiOutCachePatches
midiInUnprepareHeader
mciGetErrorStringW
midiOutGetID
auxGetVolume
auxOutMessage
waveOutPause
mixerGetLineInfoW
midiInGetDevCapsW
DefDriverProc
midiOutReset
timeBeginPeriod
mciGetErrorStringA
shlwapi
SHRegEnumUSValueW
PathStripToRootW
SHOpenRegStreamA
PathMakeSystemFolderW
PathIsDirectoryA
PathIsUNCW
PathSetDlgItemPathA
StrNCatW
StrCmpIW
StrFromTimeIntervalW
PathCompactPathW
PathIsURLA
PathCommonPrefixW
PathAddExtensionA
PathIsURLW
PathAppendA
PathRemoveFileSpecW
PathSearchAndQualifyA
PathRemoveBackslashA
SHRegOpenUSKeyA
StrToIntW
StrSpnW
PathMatchSpecA
PathStripToRootA
PathQuoteSpacesW
PathAddExtensionW
PathAddBackslashA
StrDupA
PathRenameExtensionA
SHRegWriteUSValueW
StrDupW
PathAddBackslashW
PathIsUNCServerA
PathIsRootA
SHEnumValueW
PathIsSystemFolderW
PathIsRootW
PathGetDriveNumberW
SHRegEnumUSKeyW
PathCanonicalizeW
PathIsDirectoryW
StrTrimA
SHRegQueryUSValueA
SHRegWriteUSValueA
SHGetValueA
user32
SetThreadDesktop
SendMessageTimeoutA
GetLastActivePopup
GetKeyboardLayoutNameW
DefWindowProcA
CreateMenu
imm32
ImmSetCompositionStringW
ImmEnumRegisterWordA
ImmEscapeW
ImmGetCompositionFontW
ImmUnregisterWordA
ImmGetCompositionStringW
ImmCreateContext
msvcrt
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
gdi32
GetPath
CreateDIBSection
GetCharWidth32W
RemoveFontResourceA
SetICMProfileW
GetObjectA
EnumFontsW
GdiComment
CreateScalableFontResourceA
GetMetaRgn
RealizePalette
PolyBezierTo
CreatePolygonRgn
GetKerningPairsA
GetTextExtentPoint32W
GetSystemPaletteEntries
SetArcDirection
DeleteMetaFile
Chord
GetEnhMetaFileBits
ArcTo
GetCharWidthFloatA
GetTextColor
DeleteDC
GetCharWidthW
GetTextExtentPoint32A
PolylineTo
OffsetViewportOrgEx
SetBrushOrgEx
CopyEnhMetaFileW
GetEnhMetaFileDescriptionA
EndDoc
SetPolyFillMode
StartDocA
GdiFlush
CreatePatternBrush
SetPixel
ScaleViewportExtEx
CreateBitmapIndirect
PlayMetaFile
DrawEscape
GetWindowExtEx
CreateDCA
GetBoundsRect
GetBrushOrgEx
GetColorAdjustment
GetRasterizerCaps
UpdateColors
DeleteEnhMetaFile
SetTextColor
DeleteObject
CreateEnhMetaFileA
MoveToEx
ExcludeClipRect
CloseEnhMetaFile
PolyBezier
DPtoLP
CreateFontIndirectA
GetPixelFormat
CreateScalableFontResourceW
GetTextExtentPointA
GetWinMetaFileBits
EndPage
RoundRect
CombineTransform
CreateMetaFileA
GetDCOrgEx
AddFontResourceW
GetCharacterPlacementW
CancelDC
TextOutW
SetColorSpace
InvertRgn
CreateRectRgn
UpdateICMRegKeyA
AngleArc
GetCharWidthA
StartDocW
ChoosePixelFormat
GetTextFaceW
GetOutlineTextMetricsA
GetCurrentObject
GetDeviceCaps
GetTextCharset
CreateRoundRectRgn
EnumFontsA
CopyMetaFileA
RectVisible
EnumICMProfilesW
ExtTextOutA
CreateDIBitmap
UnrealizeObject
SetBoundsRect
EnumEnhMetaFile
DescribePixelFormat
GetCharWidth32A
CreateICW
ResizePalette
GetCharABCWidthsFloatW
SetMapMode
TextOutA
GetEnhMetaFileHeader
CreateFontW
EnumMetaFile
SetStretchBltMode
SetBkColor
GetTextCharsetInfo
CreateDIBPatternBrush
SetICMMode
GetEnhMetaFilePaletteEntries
SetBitmapBits
GetBitmapBits
GetNearestPaletteIndex
CreateMetaFileW
StretchDIBits
EnumObjects
GetGlyphOutlineA
CreateHalftonePalette
CombineRgn
SelectClipRgn
CloseMetaFile
ResetDCW
GetColorSpace
FrameRgn
GetGraphicsMode
GetTextMetricsA
CreateCompatibleDC
GetStretchBltMode
PlgBlt
GetTextFaceA
GetMetaFileA
GetViewportExtEx
GetRegionData
RectInRegion
SelectObject
GetROP2
CreateColorSpaceW
GetRgnBox
GetAspectRatioFilterEx
SwapBuffers
GetBitmapDimensionEx
MaskBlt
GetPolyFillMode
CreateICA
GetOutlineTextMetricsW
CreatePen
PolyTextOutA
GetCurrentPositionEx
SetDIBitsToDevice
StrokeAndFillPath
CreateRectRgnIndirect
SetMetaFileBitsEx
GetPixel
GetFontLanguageInfo
SaveDC
Pie
PathToRegion
UpdateICMRegKeyW
SetGraphicsMode
GetTextAlign
CreateDCW
CreateFontA
SetWinMetaFileBits
GetEnhMetaFileDescriptionW
GetTextMetricsW
GdiGetBatchLimit
FillPath
GetDIBits
BitBlt
PtInRegion
GetCharABCWidthsA
GetPaletteEntries
CreateDIBPatternBrushPt
EnumFontFamiliesA
GetCharABCWidthsW
CreateHatchBrush
PolyPolyline
RestoreDC
EnumFontFamiliesExA
SetMetaRgn
FlattenPath
PaintRgn
SetEnhMetaFileBits
GetTextExtentPointW
PlayMetaFileRecord
CreateBitmap
CreateBrushIndirect
GetClipBox
SetPaletteEntries
GetObjectType
PatBlt
ExtTextOutW
SetColorAdjustment
PolyTextOutW
GetFontData
SetDeviceGammaRamp
TranslateCharsetInfo
SetROP2
CreateColorSpaceA
GetArcDirection
GetEnhMetaFileA
AbortPath
SetAbortProc
GetViewportOrgEx
GetLogColorSpaceW
Ellipse
CreatePenIndirect
GetMapMode
Escape
StartPage
SetViewportOrgEx
AddFontResourceA
GetMiterLimit
SetDIBColorTable
SetICMProfileA
Polyline
GetSystemPaletteUse
FloodFill
GetDeviceGammaRamp
FillRgn
ExtCreatePen
LineTo
GetMetaFileBitsEx
CopyEnhMetaFileA
winspool.drv
EnumJobsA
Sections
.text   Size: 40KB - Virtual size: 36KB    IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 16KB - Virtual size: 13KB    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 4KB - Virtual size: 1.8MB    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 20KB - Virtual size: 17KB    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ