Static task: static1
Behavioral task: behavioral1
Sample: 022903a9c588c7d5694aeecb15d2ff4e_JaffaCakes118.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 022903a9c588c7d5694aeecb15d2ff4e_JaffaCakes118.exe
Resource: win10v2004-20240419-en
General
- Target: 022903a9c588c7d5694aeecb15d2ff4e_JaffaCakes118
- Size: 4.6MB
- MD5: 022903a9c588c7d5694aeecb15d2ff4e
- SHA1: e8e6109859daf9d6ac23fbfbe063d3bbd98eb0fe
- SHA256: ff3b11e3e928376ec6aa24f4bd8a9dd3ee668b7c081195050601991d66324e7d
- SHA512: 13956acf783a2a83bd7d584c16b6bd2c6477d8ca89b744438c61b3bb0bd70f70aa51f297744727c1893b0f8e3ef41b0a8a936808a26decf7b358c98078975b37
- SSDEEP: 98304:497noQ6g5M9KrJZd3YK2sSgrdu60BRxI5du7qluQDdeTf69yRJ:07oVg5MOJZd3YK2CRu60BRxqd0fd
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 022903a9c588c7d5694aeecb15d2ff4e_JaffaCakes118
Files
- 022903a9c588c7d5694aeecb15d2ff4e_JaffaCakes118.exe windows:6 windows x86 arch:x86
53f866e717611aefb2fb7036a8a63ba9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
InitializeCriticalSectionAndSpinCount
FreeConsole
AttachConsole
WriteConsoleA
WriteConsoleW
FillConsoleOutputCharacterW
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
ReadConsoleOutputCharacterA
ExitProcess
MulDiv
GetCommandLineW
HeapSize
GetProcessHeap
GlobalAlloc
GlobalSize
GlobalFree
SetErrorMode
CreateMutexW
SetThreadPriority
TerminateThread
GetExitCodeThread
ResumeThread
SetCurrentDirectoryW
GetFileType
CopyFileW
WriteFile
SetHandleInformation
CreatePipe
SetNamedPipeHandleState
PeekNamedPipe
SetEvent
WaitForMultipleObjects
CreateProcessW
GetLongPathNameW
GetTempFileNameW
GetEnvironmentVariableW
IsDebuggerPresent
GetModuleFileNameW
LoadResource
LockResource
SizeofResource
FindResourceW
GetComputerNameW
IsValidCodePage
GetACP
IsValidLocale
GetUserDefaultLCID
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
IsBadReadPtr
IsBadStringPtrA
GetDiskFreeSpaceExA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
GetStartupInfoW
InitializeSListHead
RtlUnwind
LoadLibraryExW
GetFileInformationByHandle
SystemTimeToTzSpecificLocalTime
GetFullPathNameW
GetModuleHandleExW
ExitThread
FreeLibraryAndExitThread
MoveFileExW
SetStdHandle
FlushFileBuffers
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
GetTimeZoneInformation
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
EnumSystemLocalesW
GetFileSizeEx
GetCurrentDirectoryW
HeapReAlloc
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetEndOfFile
FindFirstFileExW
GetCommandLineA
GetStringTypeW
FormatMessageW
CreateEventW
K32GetProcessImageFileNameW
K32GetProcessMemoryInfo
K32GetModuleFileNameExW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetSystemDefaultUILanguage
WideCharToMultiByte
MultiByteToWideChar
FileTimeToSystemTime
SetVolumeLabelW
MoveFileW
LocalFree
LocalAlloc
GlobalLock
GlobalUnlock
LoadLibraryW
GetProcAddress
FreeLibrary
GetVersionExW
GetSystemDirectoryW
GetTickCount
GetSystemTime
OpenProcess
GetProcessId
GetCurrentThreadId
GetCurrentThread
CreateThread
GetExitCodeProcess
TerminateProcess
GetCurrentProcessId
GetCurrentProcess
Sleep
WaitForSingleObject
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeviceIoControl
SetLastError
GetLastError
CloseHandle
OutputDebugStringW
GetTempPathW
SetFileAttributesW
ReadFile
QueryDosDeviceW
GetVolumeInformationW
GetLogicalDriveStringsW
GetFileTime
GetFileAttributesExW
GetFileAttributesW
GetDriveTypeW
GetDriveTypeA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
DeleteFileW
CreateFileW
CreateDirectoryW
GetStdHandle
ExpandEnvironmentStringsW
user32
FindWindowExW
UnionRect
GetWindowTextW
MessageBeep
GetClassNameW
GetMessageW
PostThreadMessageW
ValidateRect
CreateAcceleratorTableW
DestroyAcceleratorTable
TranslateAcceleratorW
GetDoubleClickTime
GetWindowDC
BeginPaint
EndPaint
ValidateRgn
IsRectEmpty
IsClipboardFormatAvailable
wsprintfW
ChangeDisplaySettingsExW
EnumDisplaySettingsW
MonitorFromPoint
MonitorFromWindow
GetMonitorInfoW
EnumDisplayMonitors
GetDesktopWindow
WaitForInputIdle
MsgWaitForMultipleObjects
SetTimer
KillTimer
DdeInitializeW
DdeUninitialize
DdeConnect
DdeDisconnect
DdePostAdvise
DdeNameService
DdeClientTransaction
DdeCreateDataHandle
DdeGetData
DdeFreeDataHandle
DdeGetLastError
DdeCreateStringHandleW
DdeQueryStringW
DdeFreeStringHandle
GetDialogBaseUnits
CreateDialogIndirectParamW
IsZoomed
IsIconic
FlashWindowEx
SetLayeredWindowAttributes
GetWindowPlacement
SetWindowRgn
GetDlgItem
CreateDialogParamW
DestroyIcon
CreateIconIndirect
DestroyCursor
GetIconInfo
LoadIconW
LoadBitmapW
SetMenu
PostMessageW
RegisterWindowMessageW
HideCaret
GetWindowTextLengthW
keybd_event
IsMenu
GetScrollInfo
SetScrollInfo
IsDialogMessageW
CallNextHookEx
UnhookWindowsHookEx
GetComboBoxInfo
DrawStateW
GetParent
SetMenuInfo
InflateRect
FillRect
GetSysColor
ChildWindowFromPointEx
WindowFromPoint
MapWindowPoints
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
GetWindowRect
GetClientRect
SetWindowTextW
EnableScrollBar
ScrollWindow
RedrawWindow
InvalidateRect
GetUpdateRgn
GetMenuItemInfoW
TrackPopupMenu
GetMenuItemCount
GetSystemMetrics
IsWindowEnabled
ReleaseCapture
SetCapture
GetCapture
MapVirtualKeyW
VkKeyScanW
GetAsyncKeyState
GetFocus
GetActiveWindow
SetFocus
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
MoveWindow
AnimateWindow
DestroyWindow
IsWindow
CreateWindowExW
CallWindowProcW
PostQuitMessage
DefWindowProcW
GetMessageTime
GetMessagePos
UnregisterHotKey
RegisterHotKey
PeekMessageW
DispatchMessageW
TranslateMessage
LoadCursorW
GetProcessDefaultLayout
UnregisterClassW
RegisterClassW
SendMessageW
AttachThreadInput
ShowWindow
SetWindowPos
IsWindowVisible
BringWindowToTop
OpenClipboard
CloseClipboard
GetClipboardData
EmptyClipboard
GetKeyState
SetActiveWindow
EnableWindow
GetSystemMenu
AppendMenuW
UpdateWindow
GetForegroundWindow
SetForegroundWindow
GetDC
ReleaseDC
MessageBoxW
GetWindowLongW
SetWindowLongW
GetWindowThreadProcessId
ChildWindowFromPoint
GetClipboardFormatNameW
RegisterClipboardFormatW
GetWindow
InsertMenuItemW
RemoveMenu
ModifyMenuW
InsertMenuW
DestroyMenu
CreatePopupMenu
CreateMenu
CheckMenuRadioItem
SetRect
GetSysColorBrush
SetMenuItemInfoW
GetMenuItemID
GetSubMenu
LoadImageW
SystemParametersInfoW
CheckMenuItem
GetMenuState
DrawEdge
DrawIconEx
DrawFrameControl
DrawFocusRect
OffsetRect
CopyRect
PtInRect
DrawTextW
SetRectEmpty
EnableMenuItem
SetParent
DrawMenuBar
SetWindowsHookExW
gdi32
CreateICW
GetSystemPaletteEntries
EnumFontFamiliesExW
ExcludeClipRect
RealizePalette
SelectObject
SelectPalette
GetTextMetricsW
SetBrushOrgEx
GdiFlush
DeleteObject
GetObjectW
CreateCompatibleDC
DeleteDC
StretchBlt
GetDIBColorTable
CreateDIBSection
GetDIBits
CreateDIBitmap
ExtCreatePen
GetTextExtentExPointW
GetCharABCWidthsW
CreateRectRgnIndirect
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
RectInRegion
PtInRegion
GetRgnBox
GetDeviceCaps
SetAbortProc
EqualRgn
CombineRgn
MoveToEx
LineTo
GetTextExtentPoint32W
CreatePen
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolyBezier
Polyline
Polygon
ExtTextOutW
ModifyWorldTransform
SetWorldTransform
GetWorldTransform
SetStretchBltMode
SetROP2
StretchDIBits
SetPolyFillMode
SetPixel
GetLayout
SetLayout
SetMapMode
CreateFontIndirectW
GetOutlineTextMetricsW
ExtCreateRegion
GetRegionData
OffsetRgn
SetBkColor
SetBkMode
SetTextColor
BitBlt
CreateBitmap
SetGraphicsMode
ExtSelectClipRgn
SelectClipRgn
RoundRect
Rectangle
PolyPolygon
Pie
MaskBlt
GetPixel
GetObjectType
GetClipBox
GetBkColor
PlayEnhMetaFile
GetEnhMetaFileHeader
GetEnhMetaFileW
DeleteEnhMetaFile
CreateEnhMetaFileW
CloseEnhMetaFile
ExtFloodFill
Ellipse
Arc
GetStockObject
CreateSolidBrush
CreatePatternBrush
CreateHatchBrush
CreateRectRgn
EndPage
StartPage
EndDoc
CreateDCW
StartDocW
CreateCompatibleBitmap
advapi32
RegCreateKeyExW
AddAccessAllowedAce
AllocateAndInitializeSid
DuplicateToken
FreeSid
GetLengthSid
InitializeAcl
InitializeSecurityDescriptor
IsValidSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
RegCloseKey
RegDeleteKeyW
OpenProcessToken
OpenThreadToken
GetUserNameW
RegEnumKeyW
RegDeleteValueW
AccessCheck
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
shell32
SHGetSpecialFolderLocation
SHCreateDirectoryExW
SHGetPathFromIDListW
ShellExecuteExW
ShellExecuteW
SHChangeNotify
ord6
SHGetFileInfoW
CommandLineToArgvW
ExtractIconExW
ExtractIconW
DragAcceptFiles
DragFinish
DragQueryPoint
DragQueryFileW
SHGetFolderPathW
ole32
RegisterDragDrop
CoLockObjectExternal
CoTaskMemAlloc
CoCreateInstance
ReleaseStgMedium
OleSetContainedObject
OleRun
OleLockRunning
CoTaskMemFree
OleSetClipboard
OleGetClipboard
OleFlushClipboard
RevokeDragDrop
OleUninitialize
OleInitialize
CoCreateGuid
CoUninitialize
OleIsCurrentClipboard
CoInitialize
rpcrt4
RpcStringFreeA
UuidToStringA
RpcStringFreeW
UuidToStringW
UuidCreate
shlwapi
StrToIntW
SHAutoComplete
UrlCanonicalizeW
wininet
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestW
InternetSetOptionW
InternetOpenUrlW
InternetConnectW
InternetQueryOptionW
InternetOpenW
InternetCloseHandle
InternetQueryDataAvailable
HttpQueryInfoW
InternetReadFile
ws2_32
WSAStartup
WSACleanup
inet_addr
ioctlsocket
closesocket
WSAGetLastError
getservbyname
gethostbyname
__WSAFDIsSet
accept
bind
connect
getsockname
getsockopt
listen
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket
htonl
htons
gethostbyaddr
ntohl
ntohs
crypt32
CertOpenStore
CertFindCertificateInStore
CertVerifySubjectCertificateContext
CertFreeCertificateContext
CertCloseStore
CertGetCertificateContextProperty
CertGetNameStringW
CryptVerifyDetachedMessageSignature
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
comdlg32
PrintDlgW
ChooseFontW
CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW
PageSetupDlgW
oleaut32
SafeArrayPtrOfIndex
SafeArrayDestroy
SafeArrayCreate
SysFreeString
VariantInit
SysAllocString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayGetVartype
VarBstrFromCy
SafeArrayLock
VariantClear
SafeArrayUnlock
msimg32
GradientFill
AlphaBlend
oleacc
LresultFromObject
uxtheme
IsThemePartDefined
GetCurrentThemeName
GetThemeBackgroundExtent
GetThemeFont
IsAppThemed
IsThemeActive
SetWindowTheme
GetThemeSysFont
GetThemeSysColor
GetThemeInt
GetThemePartSize
GetThemeMargins
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeBackgroundContentRect
IsThemeBackgroundPartiallyTransparent
GetThemeColor
comctl32
ImageList_Create
ImageList_Destroy
ImageList_GetImageCount
ImageList_Add
ImageList_SetBkColor
ImageList_Draw
ImageList_Replace
ImageList_AddMasked
ImageList_GetIconSize
ImageList_GetImageInfo
ord16
ord17
Sections
.text Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 73KB - Virtual size: 263KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ