Static task: static1
Behavioral task: behavioral1
Sample: f0adf33acf80a16ef8e0729b60e328bd_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f0adf33acf80a16ef8e0729b60e328bd_JaffaCakes118.exe
Resource: win10v2004-20240412-en
General
Target: f0adf33acf80a16ef8e0729b60e328bd_JaffaCakes118
Size: 339KB
MD5: f0adf33acf80a16ef8e0729b60e328bd
SHA1: 80c7405791ea0dc1b179446d87ccb0a9fd0b02af
SHA256: e93b1697c18dfaad64a02fdc17e673f8f2719e2481fa41bc3c8abc1a80282453
SHA512: 87e44202c4911929fa3acfe49bb5254cf8212b3fbabd4e28d5cdb80bb0ff7b62310faf99f3bbf14aa251473716bd96b86f56d0512f0ac10fead19d1728a3c7e9
SSDEEP: 6144:BcaDRNkgzVjIde6k8Z609d+vanZrDP0EfkSsQdBYrezzbPE0w7L/j:yCRzuI6HomHnJsWn0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f0adf33acf80a16ef8e0729b60e328bd_JaffaCakes118
Files
f0adf33acf80a16ef8e0729b60e328bd_JaffaCakes118.exe windows:4 windows x86 arch:x86
8a10ceee7a3dafec925e86122ca9fec0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
rpcrt4
NdrOleFree
NdrOleAllocate
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrClientCall2
NdrCStdStubBuffer_Release
IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_Connect
IUnknown_Release_Proxy
CStdStubBuffer_AddRef
ole32
WriteClassStm
StringFromGUID2
StringFromCLSID
RevokeDragDrop
ReleaseStgMedium
RegisterDragDrop
ReadClassStm
PropVariantCopy
PropVariantClear
OleUninitialize
OleSetClipboard
OleSaveToStream
OleRun
OleRegGetUserType
OleRegGetMiscStatus
OleRegEnumVerbs
OleLoadFromStream
OleInitialize
HWND_UserUnmarshal
HWND_UserSize
HWND_UserMarshal
HWND_UserFree
DoDragDrop
CreateStreamOnHGlobal
CreateOleAdviseHolder
CreateDataAdviseHolder
CoWaitForMultipleHandles
CoUnmarshalInterface
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoSetProxyBlanket
CoRevokeClassObject
CoResumeClassObjects
CoReleaseServerProcess
CoReleaseMarshalData
CoRegisterClassObject
CoMarshalInterface
CoMarshalInterThreadInterfaceInStream
CoLockObjectExternal
CoInitializeEx
CoInitialize
CoGetMalloc
CoGetInterfaceAndReleaseStream
CoGetClassObject
CoFreeUnusedLibraries
CoCreateInstance
CoCreateGuid
CoAllowSetForegroundWindow
CoAddRefServerProcess
CLSIDFromString
GetHGlobalFromStream
shlwapi
PathFileExistsW
PathFindFileNameA
PathFindFileNameW
PathGetArgsA
PathIsContentTypeA
PathIsContentTypeW
PathIsDirectoryEmptyW
PathIsDirectoryW
PathIsFileSpecW
PathIsRelativeW
PathIsRootW
PathIsURLW
PathRelativePathToW
PathRemoveArgsA
PathRemoveBackslashW
PathRemoveExtensionW
PathRemoveFileSpecA
PathRemoveFileSpecW
PathRenameExtensionW
PathStripPathW
PathUnExpandEnvStringsW
PathUnquoteSpacesA
PathUnquoteSpacesW
SHAutoComplete
SHCopyKeyA
SHCreateShellPalette
ord16
SHDeleteKeyA
SHDeleteKeyW
SHDeleteValueA
SHDeleteValueW
SHEnumKeyExW
SHGetValueA
SHGetValueW
SHQueryInfoKeyW
SHQueryValueExA
SHQueryValueExW
SHRegGetBoolUSValueA
SHRegSetUSValueA
SHSetValueA
SHSetValueW
SHStrDupW
StrCSpnA
StrCSpnW
StrChrA
StrCmpIW
StrCmpNIA
StrCmpNIW
StrCmpNW
StrCmpW
StrDupA
StrDupW
StrFormatByteSizeW
StrRChrIW
StrRChrW
StrStrA
StrStrIA
StrStrIW
StrStrW
StrToIntA
StrToIntExA
StrToIntExW
StrToIntW
StrTrimA
UrlApplySchemeW
UrlCreateFromPathW
UrlUnescapeA
UrlUnescapeW
PathFileExistsA
PathCompactPathExW
PathCombineW
PathCanonicalizeW
PathAppendW
PathAppendA
PathAddExtensionW
PathAddBackslashW
HashData
PathFindExtensionW
odbc32
ord171
user32
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextA
SetWindowTextW
SetWindowsHookExA
ShowWindow
SystemParametersInfoA
TrackMouseEvent
TrackPopupMenu
TrackPopupMenuEx
TranslateAcceleratorA
TranslateAcceleratorW
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRect
WindowFromPoint
InsertMenuA
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowInfo
GetWindowDC
GetWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollBarInfo
GetPropW
GetPropA
GetParent
GetNextDlgGroupItem
GetMonitorInfoA
GetMessageW
GetMessagePos
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardLayoutList
GetKeyState
GetGUIThreadInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItemTextW
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
SetWindowLongA
GetCursorPos
GetClientRect
GetClassNameW
GetClassNameA
GetClassInfoW
GetClassInfoExW
GetClassInfoExA
GetClassInfoA
GetCapture
GetActiveWindow
FindWindowExW
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumChildWindows
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExW
DrawTextA
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DialogBoxParamW
DialogBoxParamA
DialogBoxIndirectParamA
DestroyWindow
DestroyMenu
DestroyIcon
DeleteMenu
DeferWindowPos
DefWindowProcW
DefWindowProcA
SetTimer
SetRectEmpty
SetRect
SetPropW
SetPropA
SetParent
SetMenuItemInfoW
SetMenuItemInfoA
SetMenuDefaultItem
CreateWindowExW
CreateWindowExA
CreatePopupMenu
CreateDialogParamW
CopyRect
CloseClipboard
ClientToScreen
CheckRadioButton
CheckMenuRadioItem
CheckMenuItem
CheckDlgButton
CharUpperW
CharUpperA
CharPrevW
CharPrevA
CharNextW
CharNextExA
CharNextA
CharLowerW
CharLowerA
CallWindowProcW
CallWindowProcA
CallNextHookEx
BeginPaint
BeginDeferWindowPos
AppendMenuW
AppendMenuA
AdjustWindowRectEx
ActivateKeyboardLayout
SetForegroundWindow
SetFocus
SetDlgItemTextW
SetDlgItemTextA
SetDlgItemInt
SetCursor
SetClipboardData
SetCapture
SetActiveWindow
SendMessageW
SendMessageTimeoutA
SendMessageCallbackW
SendMessageA
SendDlgItemMessageW
SendDlgItemMessageA
ScrollDC
ScreenToClient
RemovePropW
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
InsertMenuItemA
RegisterClassW
RegisterClassExW
RegisterClassExA
RegisterClassA
PtInRect
PostThreadMessageA
PostQuitMessage
PostMessageW
PostMessageA
PeekMessageW
PeekMessageA
OpenClipboard
OffsetRect
MoveWindow
MonitorFromPoint
ModifyMenuW
MessageBoxW
MessageBoxA
MessageBeep
MapWindowPoints
LoadStringW
LoadStringA
LoadMenuW
LoadMenuA
LoadImageW
LoadImageA
LoadIconA
LoadCursorA
LoadAcceleratorsW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsMenu
IsIconic
IsDlgButtonChecked
IsDialogMessageW
IsDialogMessageA
IsChild
InvalidateRect
IntersectRect
InsertMenuW
GetDC
InsertMenuItemW
RegisterClipboardFormatA
gdi32
RestoreDC
SaveDC
Polygon
SetBkColor
SetBkMode
SetMapMode
SetTextColor
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StretchBlt
TextOutW
Rectangle
PatBlt
MoveToEx
LineTo
LPtoDP
GetTextMetricsA
GetTextExtentPointW
GetTextExtentPointA
GetTextExtentPoint32W
GetObjectW
GetObjectA
GetDeviceCaps
GetClipBox
Polyline
ExtTextOutW
ExtTextOutA
EnumFontFamiliesExA
Ellipse
DeleteObject
DeleteMetaFile
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreatePen
CreateMetaFileA
CreateFontIndirectW
CreateFontIndirectA
CreateFontA
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CloseMetaFile
SelectObject
BitBlt
oleaut32
VarDecCmp
advapi32
RegQueryValueExW
RegQueryValueExA
RegQueryValueA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegOpenKeyA
RegEnumValueW
RegEnumKeyExW
RegEnumKeyExA
RegEnumKeyA
RegDeleteValueW
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
UnregisterTraceGuids
TraceEvent
RevertToSelf
RegisterTraceGuidsA
RegSetValueExW
OpenThreadToken
OpenSCManagerA
OpenProcessToken
ImpersonateLoggedOnUser
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
GetTokenInformation
FreeSid
EqualSid
EnumServicesStatusA
CreateProcessWithLogonW
CloseServiceHandle
AllocateAndInitializeSid
RegSetValueExA
ws2_32
ntohs
listen
WSAEnumNameSpaceProvidersA
WSADuplicateSocketA
WSACloseEvent
WSACancelAsyncRequest
WSAAsyncGetProtoByNumber
WSAAsyncGetProtoByName
kernel32
HeapAlloc
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalLock
GlobalFree
GlobalAlloc
GetVersionExA
GetVersion
GetUserDefaultUILanguage
GetUserDefaultLCID
GetTimeFormatW
GetTickCount
GetTempPathW
GetTempPathA
GetTempFileNameW
GetTempFileNameA
GetSystemWindowsDirectoryA
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetSystemDirectoryW
GetSystemDirectoryA
GetStringTypeExA
GetStdHandle
GetShortPathNameW
GetProfileIntA
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
GetLocalTime
GetLastError
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetExitCodeThread
HeapFree
GetEnvironmentVariableW
GetDriveTypeW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetACP
FreeResource
FreeLibraryAndExitThread
FreeLibrary
FormatMessageW
FormatMessageA
FlushInstructionCache
FlushFileBuffers
FindResourceA
lstrlenW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
ExitProcess
EnterCriticalSection
DuplicateHandle
DeviceIoControl
DeleteTimerQueueTimer
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateTimerQueueTimer
CreateThread
CreateProcessW
CreateMutexW
CreateMutexA
CreateFileW
CreateEventW
CreateEventA
CreateDirectoryW
CopyFileW
CompareStringW
CompareStringA
CompareFileTime
CloseHandle
HeapReAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByte
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockResource
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
OpenFile
OpenMutexA
OpenThread
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
RemoveDirectoryA
RemoveDirectoryW
ResumeThread
RtlMoveMemory
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetFileTime
lstrlenA
lstrcmpiW
SetHandleInformation
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpA
lstrcmpW
lstrcmpiA
GetExitCodeProcess
crypt32
CryptFreeOIDFunctionAddress
imm32
ImmDestroySoftKeyboard
ImmEnumRegisterWordW
ImmGenerateMessage
ImmDestroyContext
ImmCreateIMCC
Sections
.text Size: 54KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 237KB - Virtual size: 240KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 16KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ