f996e118602111fc413c7ad65664bb77_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f996e118602111fc413c7ad65664bb77_JaffaCakes118
Size

63KB
MD5

f996e118602111fc413c7ad65664bb77
SHA1

3dbbfe4aa55cc1a9a83ae591d6305913ab89f23e
SHA256

153f851316ed83723f2c39a116de2853f69179e4d2a172be5d8ddedc7f7b824f
SHA512

8bac01cc1527a11e83875ea994e9867985f5b0399b27038fd93915bf5c9628c1479ed7882b553825582f3754896083805c2f9c0086f6aa5093dbc71d0f7c750f
SSDEEP

1536:gbIobe8XG8YaFgm5Wn3isQLlB/UWbVGUePFsdL/t4QEfWcoprzdckhTPtLK0N:4SSYaH523isIBsWbbeaV4ZfWc0xcutxN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f996e118602111fc413c7ad65664bb77_JaffaCakes118

Files

f996e118602111fc413c7ad65664bb77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dac20191d1ae5ad495337ddbfeb40623

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleInputA
SetStdHandle
FormatMessageA
GetStringTypeA
GlobalCompact
GetConsoleAliasesA
FindNextFileW
MoveFileExA
IsBadHugeWritePtr
CreateMutexA
EnumSystemCodePagesW
CreateIoCompletionPort
LocalSize
HeapReAlloc
GetCPInfoExA
SetMessageWaitingIndicator
Module32FirstW
GetCPInfo
HeapCreate
WaitCommEvent
GetThreadPriorityBoost
CreateProcessA
SetThreadPriorityBoost
DeleteCriticalSection
VirtualQueryEx
ReadConsoleW
FlushConsoleInputBuffer
GetEnvironmentVariableA
MultiByteToWideChar
GetSystemDefaultUILanguage
GetConsoleCursorInfo
CreateDirectoryA
DebugBreak
MoveFileA
DeleteFileA
ClearCommBreak
GlobalMemoryStatusEx
GetSystemDirectoryA
GetTempPathA
UnmapViewOfFile
CreateFileMappingA
ReadFileEx
GetDriveTypeA
TryEnterCriticalSection
TlsGetValue
SetCommMask
SetDefaultCommConfigA
CreateDirectoryW
HeapFree
ExitProcess
FindNextFileA
GetShortPathNameW
MapUserPhysicalPages
SetConsoleCursorPosition
UnregisterWait
VirtualQuery
GetFileAttributesExA
IsDBCSLeadByteEx
RequestWakeupLatency
UnhandledExceptionFilter
MapViewOfFile
OpenWaitableTimerA
GetPrivateProfileSectionA
Module32NextW
GlobalFree
lstrcmpiA
SetVolumeLabelA
MulDiv
GetUserDefaultLCID
GetProcessHeap
GetDiskFreeSpaceA
SetVolumeLabelW
GetPrivateProfileSectionNamesA
Process32Next
IsBadStringPtrA
ExpandEnvironmentStringsW
CancelIo
WinExec
SetProcessPriorityBoost
GetCommandLineA
ResetWriteWatch
LockFileEx
BuildCommDCBW
ChangeTimerQueueTimer
EscapeCommFunction
SetFileAttributesA
EnumCalendarInfoExW
GetVolumePathNameA
GetCommState
SetTapePosition
FoldStringA
SetCurrentDirectoryA
OpenJobObjectA
GetVersionExW
WriteFileEx
CopyFileA
GetCommConfig
GetLocalTime
GetVolumeNameForVolumeMountPointA
_lread
GetConsoleAliasesLengthA
LeaveCriticalSection
QueueUserWorkItem
FlushInstructionCache
PeekConsoleInputA
GetExitCodeProcess
MapUserPhysicalPagesScatter
CallNamedPipeA
GetVersionExA
GetThreadSelectorEntry
EnumDateFormatsExA
AllocConsole
lstrcmpW
GetCurrentConsoleFont
SetCalendarInfoA
GetDriveTypeW
GetProfileSectionW
CreateTimerQueue
ReadConsoleOutputCharacterW
LocalFree
CreateTapePartition
GetFileSizeEx
IsValidLanguageGroup
DuplicateHandle
CommConfigDialogW
SetTapeParameters
GetEnvironmentStringsA
Thread32Next
GetHandleInformation
QueryInformationJobObject
SetFileAttributesW
TerminateProcess
_hread
ReadConsoleInputW
GetConsoleAliasExesW
WaitForMultipleObjectsEx
DisconnectNamedPipe
GetComputerNameA
GetVersion
OpenFile
GetModuleHandleW
FileTimeToLocalFileTime
PeekConsoleInputW
_llseek
FindNextVolumeA
DeleteAtom
PulseEvent
lstrcatW
VerLanguageNameW
UpdateResourceW
GlobalDeleteAtom
lstrcat
SetVolumeMountPointW
OpenSemaphoreA
PeekNamedPipe
InterlockedCompareExchange
SetTimeZoneInformation
WriteProfileSectionA
CreateTimerQueueTimer
BeginUpdateResourceA
SetComputerNameA
WaitNamedPipeA
GetNumberOfConsoleInputEvents
GetExitCodeThread
CreateConsoleScreenBuffer
_lclose
SetCurrentDirectoryW
GetStringTypeExW
GetFileAttributesA
VirtualAlloc
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress

user32

GetClientRect
CharUpperBuffA
MessageBoxExA
GetClipboardData
EnumPropsExW
CharToOemBuffW
DdeInitializeW
GetMenuInfo
UnregisterClassW
SetUserObjectSecurity
GetWindow
SetSysColors
ChildWindowFromPoint
VkKeyScanExW
ImpersonateDdeClientWindow
GetPropA
GetAltTabInfo
RegisterClipboardFormatW
GrayStringA
DdeFreeStringHandle
UnhookWindowsHook
GetMenuState
MapVirtualKeyExW
GetUserObjectSecurity
LoadAcceleratorsA
InvalidateRgn
IsCharAlphaW
MessageBoxExW
GetClipboardOwner
SendDlgItemMessageA
RegisterClassExW
PeekMessageA
DrawMenuBar
OpenWindowStationA
SetMenuItemInfoW
GetSysColorBrush
OemToCharA
CloseClipboard
ScrollDC
EnableWindow
IsWindowVisible
GetDlgItem
EnumPropsA
FlashWindow
DdeQueryNextServer
ExitWindowsEx
DestroyIcon
CallMsgFilter
GetSysColor
DrawFrame
RemoveMenu
ShowWindowAsync
GetMenuItemInfoW
GetCursorInfo
GetWindowModuleFileName
EditWndProc
DrawAnimatedRects
EnumDisplayDevicesA
OffsetRect
SendMessageW
MonitorFromPoint
GetClipboardFormatNameA
RegisterClipboardFormatA
GetMenu
GetParent
TileWindows
SetMessageExtraInfo
FindWindowExA
TranslateMessage
SetWinEventHook
UpdateWindow
ShowCursor
GetKBCodePage
CreateDialogParamA
DlgDirSelectExW
RegisterWindowMessageW
DefWindowProcW
CharLowerW
SetWindowsHookExA
WINNLSEnableIME
LoadCursorFromFileW
MapDialogRect
FrameRect
SetTimer
EnumPropsExA
GetKeyNameTextA
IsCharUpperW
GetWindowInfo
DdeConnectList
OpenClipboard
GetProcessDefaultLayout
OemKeyScan
GetCaretBlinkTime
wvsprintfA
SetPropW
UnionRect
HideCaret
BeginPaint
CheckRadioButton
RealGetWindowClassW
GetScrollBarInfo
DdeConnect
CharUpperBuffW
DdeReconnect
SetDlgItemInt
GetMenuItemRect
LoadBitmapW
SystemParametersInfoW
IsDialogMessage
InSendMessageEx
GetClipCursor
GetUserObjectInformationA
SetScrollRange
TranslateMDISysAccel
keybd_event
IsWindowEnabled
InSendMessage
EndTask
RegisterDeviceNotificationA
ChildWindowFromPointEx
SendNotifyMessageW
LockWorkStation
SetClassLongW
GetLastActivePopup
SetClipboardData
GetNextDlgGroupItem
MessageBoxIndirectW
ExcludeUpdateRgn
GetMenuItemID
GetClassLongA
GetQueueStatus
GetSubMenu
DrawFocusRect
IsDialogMessageW
GetThreadDesktop
DdeCreateStringHandleW
GetScrollPos
TrackMouseEvent
GetListBoxInfo
LoadStringW
DefFrameProcA
SetProcessDefaultLayout
DdeDisconnectList
LockWindowUpdate
GetWindowWord
mouse_event
DispatchMessageW
AnimateWindow
InternalGetWindowText
DragDetect
GetScrollRange
OpenIcon
IsDlgButtonChecked
SetLayeredWindowAttributes

msvcrt

memcpy

comdlg32

PrintDlgExA
GetOpenFileNameW
PrintDlgExW
PageSetupDlgW

advapi32

RegOpenKeyExA

shell32

SHGetPathFromIDList
SHGetFolderPathA
SHGetInstanceExplorer
ShellExecuteA
ShellExecuteExA
SHCreateProcessAsUserW
SHEmptyRecycleBinA
Shell_NotifyIconA
ExtractAssociatedIconA
DragQueryFile
SHGetDiskFreeSpaceExW
DragQueryFileW
SHGetIconOverlayIndexW
ExtractIconW
ExtractAssociatedIconW
SHGetSpecialFolderPathW
SHInvokePrinterCommandW
SHGetMalloc
ExtractIconEx
DragQueryPoint
ShellAboutW

shlwapi

StrCmpNIW
StrRChrA

comctl32

CreateStatusWindow
FlatSB_SetScrollProp
ImageList_GetImageCount
CreatePropertySheetPageA
ord2
CreateStatusWindowW
_TrackMouseEvent
CreatePropertySheetPage
ImageList_DragLeave
ImageList_Copy
FlatSB_GetScrollProp
ImageList_SetOverlayImage

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dac20191d1ae5ad495337ddbfeb40623

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

comdlg32

advapi32

shell32

shlwapi

comctl32

Sections

.text Size: 48KB - Virtual size: 48KB

.data Size: 10KB - Virtual size: 10KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 48KB

.data
Size: 10KB - Virtual size: 10KB

.reloc
Size: 2KB - Virtual size: 1KB