123db43b394922b885d56e701e96279e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

123db43b394922b885d56e701e96279e_JaffaCakes118
Size

100KB
MD5

123db43b394922b885d56e701e96279e
SHA1

8fba2b33c08912d72b73a6b78d6c492a4f519147
SHA256

f20a69198f01f5beba6ff9826843a1a7d2d12c80d15ef0fdf86c1e8528c4e633
SHA512

d9321da75f27855d2dfa86b7bffc774dae459eee8a474cfefe746675dfd5c8a095c915fb6a03a8e2465cd6d82b893c0403b326de75f7156293fb2af647b010e3
SSDEEP

1536:tVenhgxRXAamIAKJtnABJ+WMkJ+Ey+n6z5mFtzIQszNS5UDWSPTk:tVeuxZXAstnUJ+WfJsQcEtzwNSNSL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
123db43b394922b885d56e701e96279e_JaffaCakes118

Files

123db43b394922b885d56e701e96279e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

524b3589a6935c5c932aa74b4b769a1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

SetEntriesInAclW
RegSetValueExW
StartServiceA
RegOpenKeyExA
ReportEventA
AllocateAndInitializeSid
LookupAccountNameW
InitiateSystemShutdownA
OpenSCManagerA
RegQueryInfoKeyW
CopySid
RegisterServiceCtrlHandlerA
AdjustTokenPrivileges
SetSecurityDescriptorOwner
QueryServiceConfigW
RegOpenKeyExW
InitializeSecurityDescriptor
ChangeServiceConfigW
RegCreateKeyA
GetAce
StartServiceCtrlDispatcherW
RegSetValueA
RevertToSelf
AddAce
CloseServiceHandle
GetSidSubAuthorityCount
RegisterEventSourceA
SetSecurityDescriptorGroup
OpenSCManagerW
RegCreateKeyW
QueryServiceStatus
RegDeleteKeyA
RegUnLoadKeyW

wininet

InternetQueryDataAvailable
FtpGetCurrentDirectoryA
FtpCreateDirectoryA
FtpRemoveDirectoryA
CommitUrlCacheEntryA
InternetConfirmZoneCrossing
InternetGetCookieA
InternetGetCookieW
HttpQueryInfoA
InternetSetFilePointer
InternetReadFileExW
GopherGetAttributeA
RetrieveUrlCacheEntryStreamW
DeleteUrlCacheGroup
InternetConnectW
UnlockUrlCacheEntryFile
HttpQueryInfoW
FtpDeleteFileW
FindFirstUrlCacheEntryExW
FindCloseUrlCache
InternetWriteFile
InternetSetStatusCallback
HttpSendRequestExW
DeleteUrlCacheEntry
GopherGetAttributeW

shlwapi

PathIsRelativeA
PathRemoveFileSpecW
PathIsUNCW
StrCmpIW
PathIsUNCServerShareW
PathCommonPrefixA
PathQuoteSpacesA
PathMakePrettyW
PathUnquoteSpacesA
PathSkipRootA
StrTrimA
SHSetValueA
PathIsSameRootA
PathStripToRootW
PathIsContentTypeW
SHRegDeleteEmptyUSKeyW
StrCatW
PathAddBackslashW
StrPBrkA
PathIsUNCServerW
PathStripPathA
StrToIntExA
PathGetDriveNumberW
PathIsRootW
PathIsSameRootW
SHDeleteKeyA
PathAddBackslashA
PathFileExistsA
SHEnumKeyExW
StrNCatA
SHRegGetBoolUSValueA
PathParseIconLocationW
SHRegWriteUSValueW
PathCompactPathExW
SHDeleteValueW
PathFindOnPathA
StrCSpnA
PathFindNextComponentA
PathFindExtensionW
PathBuildRootA
StrDupA
PathGetDriveNumberA
PathCompactPathExA
PathRemoveExtensionA
PathGetCharTypeW
SHRegGetBoolUSValueW
PathAppendA
SHRegSetUSValueW
SHSetValueW
PathFindOnPathW
PathMatchSpecA
PathSetDlgItemPathW
PathCommonPrefixW
PathUnquoteSpacesW
PathFindFileNameA
PathIsFileSpecA
StrDupW
StrToIntA
StrCpyW
PathMakeSystemFolderW
PathRelativePathToW
StrTrimW
PathIsPrefixW
PathRemoveBackslashA
SHDeleteEmptyKeyA
SHQueryValueExA
PathRemoveArgsW
PathCombineA
SHEnumKeyExA
StrCSpnW
PathRemoveFileSpecA
StrSpnA
PathIsSystemFolderW
SHDeleteKeyW
PathIsUNCA
PathAppendW
PathIsUNCServerShareA
SHRegCloseUSKey
PathFindExtensionA
StrCmpW
PathGetArgsA
StrSpnW
PathAddExtensionA
PathStripToRootA
StrFromTimeIntervalW
SHDeleteEmptyKeyW
PathCompactPathW
StrFormatByteSizeW
PathIsDirectoryA
SHEnumValueW
PathParseIconLocationA
SHRegOpenUSKeyW

gdi32

GetBkColor
GetObjectW
CreateDIBSection
ScaleViewportExtEx
IntersectClipRect
SetBkMode
ExtFloodFill
GetEnhMetaFileBits
OffsetClipRgn
SetDIBColorTable
CloseEnhMetaFile
GetDeviceCaps
StartDocW
GetObjectType
GetTextAlign
GetDIBColorTable
CreateFontA
SetWorldTransform
SetStretchBltMode
CreateBitmap
CopyEnhMetaFileW
Polyline
SetPolyFillMode
GetEnhMetaFileHeader
GetBitmapBits
GetCharWidthA
SetWindowExtEx
PolyBezierTo
EndPage
PlayEnhMetaFile
CreateEllipticRgn
ResizePalette
Rectangle
EndPath
GetStockObject
Ellipse
GetBrushOrgEx
DeleteEnhMetaFile
CreateDIBPatternBrushPt
ExtCreateRegion
CreateRoundRectRgn
LPtoDP
SetViewportExtEx
EndDoc
GetNearestPaletteIndex
SetTextCharacterExtra
FillRgn
OffsetRgn
GetClipRgn
ScaleWindowExtEx

kernel32

Module32NextW
ConvertDefaultLocale
GetPrivateProfileSectionA
GetFileAttributesA
FindNextChangeNotification
GetStringTypeExW
CreateDirectoryA
GetFileAttributesExW
VirtualQueryEx
GetCurrentThreadId

user32

LoadImageA
GetKeyState
GetClassNameA
RegisterClassExW
FindWindowW
CloseDesktop
MoveWindow
GetClipboardFormatNameW
MessageBoxA
SetScrollPos
DrawTextA
GetDlgCtrlID
FindWindowExA
InvalidateRect
SetCapture
DispatchMessageA
ShowOwnedPopups
GetDC
LoadBitmapW
RegisterWindowMessageA
RegisterClipboardFormatA
OemToCharBuffA
GetCursorPos
DestroyMenu
TranslateAcceleratorW
SetWindowLongW
EnableWindow
WindowFromDC
RemoveMenu
wvsprintfA
CloseClipboard
WinHelpA
CharPrevW
BringWindowToTop
ClientToScreen
SetWindowLongA
DefWindowProcA
FindWindowA
DrawFrameControl
SetCursor
CharUpperA
TrackPopupMenu
GetSysColor
ShowScrollBar
LoadMenuW
SetMenu
CreateMenu
BeginDeferWindowPos
GetMenuState
MessageBeep
GetCaretPos
GetKeyNameTextW
SetKeyboardState
GetDlgItemTextW
LoadMenuA
GetMenuItemCount
GetClipboardData
WindowFromPoint
IntersectRect
CheckMenuItem
DispatchMessageW
CharPrevA
SendDlgItemMessageA
GetLastActivePopup
SetForegroundWindow
SetWindowPos
ReuseDDElParam
PostQuitMessage
CharToOemA
PostMessageW
GetDlgItemTextA
ValidateRect
PeekMessageW
DrawIcon
CharLowerA
MapVirtualKeyExW
InsertMenuA
ReleaseDC
CreateDialogIndirectParamW
CopyImage
GetWindow
CharUpperBuffW
WaitMessage
CreateWindowExW
UnpackDDElParam
TranslateMessage
SetClipboardData
GetScrollRange
SetActiveWindow
SetClassLongW
AdjustWindowRect
PostMessageA
GetProcessWindowStation
ScreenToClient
IsChild
SetPropA
DialogBoxIndirectParamW
SystemParametersInfoA
SetFocus
SetClassLongA
KillTimer
EmptyClipboard
VkKeyScanW
DefFrameProcW
IsWindowVisible
PostThreadMessageA
EnumDisplaySettingsW
GetForegroundWindow
DrawTextW
IsDlgButtonChecked
CharNextW
SetRectEmpty
MapWindowPoints
IsClipboardFormatAvailable
OffsetRect
LoadStringW
GetClassInfoExW
GetWindowLongA
ScrollWindow
CharLowerBuffA
AppendMenuW
SetRect
GetMenuItemID
CheckRadioButton
DestroyAcceleratorTable
IsCharAlphaW
CharNextA
CopyAcceleratorTableW
SetDlgItemInt

urlmon

HlinkNavigateMoniker
CopyBindInfo
HlinkSimpleNavigateToString
SetSoftwareUpdateAdvertisementState
HlinkSimpleNavigateToMoniker
CreateURLMoniker
ObtainUserAgentString
CreateFormatEnumerator
HlinkGoForward
RegisterFormatEnumerator
URLOpenPullStreamW
URLDownloadToCacheFileA
CopyStgMedium
GetClassURL
RegisterMediaTypes

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

524b3589a6935c5c932aa74b4b769a1e

Headers

File Characteristics

Imports

advapi32

wininet

shlwapi

gdi32

kernel32

user32

urlmon

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 34KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 34KB

.rsrc
Size: 16KB - Virtual size: 14KB