521085351dc8ce6b7f6f9cac6ebb406e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

521085351dc8ce6b7f6f9cac6ebb406e_JaffaCakes118
Size

847KB
MD5

521085351dc8ce6b7f6f9cac6ebb406e
SHA1

ad315dcca7748f2cd7aadad81da16cf40c79871e
SHA256

b708971205200174c62a33d5984f55ec473cf79bb94b9298b2511a75b2680c85
SHA512

dd18e6a4498ecaff724b0346cd219f920d7d635a45fe7ceac38200eead41d6e6382c0867de6d30dda8ca64d010612558bc1c58a9c6e2898f5ce9d3da1fc1f32e
SSDEEP

24576:Brx64hZzAgVRDaTFO+j7bTUUwhDyDdFb4:B0UMgVG73UUwVydB4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
521085351dc8ce6b7f6f9cac6ebb406e_JaffaCakes118

Files

521085351dc8ce6b7f6f9cac6ebb406e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

613081dbaf0fa81f77a1731351445594

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

XLATEOBJ_hGetColorTransform
GetCurrentPositionEx
DdEntry23
STROBJ_bEnum
AbortPath
PATHOBJ_vGetBounds
ArcTo
GetTextExtentPointW
SetBkMode
CreatePatternBrush
DdEntry26
StartPage
DdEntry11
Polyline
PathToRegion
EudcUnloadLinkW
EngQueryEMFInfo
StartFormPage
GdiEntry12
GdiTransparentBlt
GdiStartPageEMF
GetTextExtentExPointA
GdiGetCharDimensions

msvcrt

atoi
_wcstoi64
_adj_fdiv_m32
_putch
puts
_setmbcp
_strdup
_mktime64
__p__timezone
??1exception@@UAE@XZ
iscntrl
_ismbbprint
??_Gbad_cast@@UAEPAXI@Z
_execlp
_mbsnbcoll
_chkesp
_telli64
vsprintf

msi

MsiDatabaseIsTablePersistentA
MsiRecordGetFieldCount
MsiDeleteUserDataW
MsiLocateComponentA
MsiGetSummaryInformationA
MsiRecordSetStringA
MsiCollectUserInfoW
MsiInstallMissingFileA
MsiLoadStringA
MsiCloseHandle
MsiDatabaseImportA
MsiLocateComponentW
MsiGetFeatureUsageW
MsiProcessAdvertiseScriptW
MsiSetPropertyA
MsiSetTargetPathA
MsiSourceListClearAllA

scecli

SceSetupConfigureServices
SceDcPromoteSecurityEx
SceWriteSecurityProfileInfo
SceSvcConvertTextToSD
InitializeChangeNotify
SceSetupMoveSecurityFile
SceSetDatabaseSetting
SceCompareNameList
SceSetupGenerateTemplate
SceRollbackTransaction
SceSetupUnwindSecurityFile
SceSvcGetInformationTemplate
SceFreeProfileMemory
SceDcPromoCreateGPOsInSysvolEx
SceConfigureConvertedFileSecurity
SceStartTransaction
SceGetDbTime
SceCreateDirectory
SceGetAnalysisAreaSummary
SceGetTimeStamp
SceGetSecurityProfileInfo
SceOpenPolicy

kernel32

OpenProcess
FindFirstVolumeMountPointA
GetEnvironmentStringsW
GlobalAddAtomW
DeleteVolumeMountPointW
VirtualFreeEx
QueryMemoryResourceNotification
GetDriveTypeW
GetNumaAvailableMemoryNode
GetNumberOfConsoleInputEvents
GlobalHandle
FindFirstFileExW
SetHandleContext
RtlMoveMemory
VirtualAlloc
OpenFileMappingA
LoadLibraryA
GetFullPathNameW
FindNextVolumeW
GetConsoleInputExeNameA
DeleteFileA

dsound

DirectSoundCaptureEnumerateA
DirectSoundCreate8
DirectSoundCaptureCreate
DirectSoundCreate
DirectSoundEnumerateW
DirectSoundCaptureEnumerateW
DirectSoundCaptureCreate8
DirectSoundFullDuplexCreate
GetDeviceID
DirectSoundEnumerateA

user32

DefWindowProcA
PostQuitMessage
RegisterClassA

Sections

.text
Size: 748KB - Virtual size: 747KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

613081dbaf0fa81f77a1731351445594

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

msvcrt

msi

scecli

kernel32

dsound

user32

Sections

.text Size: 748KB - Virtual size: 747KB

.rdata Size: 91KB - Virtual size: 90KB

.data Size: 4KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 992B

.text
Size: 748KB - Virtual size: 747KB

.rdata
Size: 91KB - Virtual size: 90KB

.data
Size: 4KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 992B