2efe6c8ac85502b679fb4f7464fbfe8a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2efe6c8ac85502b679fb4f7464fbfe8a_JaffaCakes118
Size

1.8MB
MD5

2efe6c8ac85502b679fb4f7464fbfe8a
SHA1

2cb6cdafc22ada6dbb0416ce49e4cd5e3b9606b4
SHA256

d491754a64bc042dc07085ed81cd604ef2ab0b1d2707b7683ada06d8851b97af
SHA512

b103eae2c6630e91f2379e898a36e1d6ffe4cf5e1f5fc40c7d1953ee0576836ec42c97d18bf49d0ebf94a5d9d68559ab8a6359d82d282ce061a4d47b5375d8d1
SSDEEP

49152:9f7kQXbXFeKv/Kzik+V0Al+MUt9Mbel7Eim/2PHda9:5kypeKv/c+6Al+MUTR02PHd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2efe6c8ac85502b679fb4f7464fbfe8a_JaffaCakes118

Files

2efe6c8ac85502b679fb4f7464fbfe8a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

15478decef36a89a6b19f5d6ee95fbaf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCursorInfo
SetCurrentDirectoryA
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetTapePosition
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TerminateProcess
TerminateThread
UnhandledExceptionFilter
SetCommState
WriteFile
WritePrivateProfileStringA
_lclose
_llseek
_lopen
lstrcatA
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcpyA
lstrcpynA
lstrcpynW
lstrlenA
lstrlenW
RtlUnwind
ResetEvent
RemoveDirectoryA
ReleaseMutex
ReadFile
RaiseException
QueryPerformanceCounter
PulseEvent
OpenProcess
MulDiv
LockResource
LocalFree
LocalFileTimeToFileTime
LocalAlloc
LoadResource
LoadLibraryExW
LoadLibraryExA
LoadLibraryA
IsDBCSLeadByte
HeapSetInformation
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetTickCount
GetTempPathA
GetTempFileNameA
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryA
GetStartupInfoW
GetStartupInfoA
GetShortPathNameA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameA
GetLongPathNameW
GetLastError
GetFileAttributesA
GetExitCodeProcess
GetDriveTypeA
GetDiskFreeSpaceA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
GetConsoleWindow
GetCommandLineW
GetCommandLineA
GetCommModemStatus
GetAtomNameW
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FormatMessageA
FindResourceA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToSystemTime
ExpandEnvironmentStringsA
ExitProcess
EnumSystemLocalesA
EnumResourceLanguagesA
DosDateTimeToFileTime
DeleteFileA
CreateToolhelp32Snapshot
CreateThread
CreateRemoteThread
CreateProcessA
CreateMutexW
CreateMutexA
CreateFileA
CreateEventA
CreateDirectoryA
CompareStringW
CloseHandle
WaitForSingleObject
BindIoCompletionCallback

user32

IsCharAlphaA
GetMenu
GetMessagePos
VkKeyScanA
IsCharAlphaW
CopyIcon
GetKeyboardLayout
GetMenuCheckMarkDimensions
VkKeyScanW
GetClipboardSequenceNumber
IsWindow
GetWindowTextLengthA
LoadCursorFromFileA
GetListBoxInfo
GetMenuContextHelpId
IsClipboardFormatAvailable
CharLowerA
GetDoubleClickTime
IsCharUpperA
CountClipboardFormats
GetForegroundWindow
PaintDesktop
IsGUIThread
EnumClipboardFormats
CloseWindow
GetWindowTextLengthW
CloseClipboard
GetAsyncKeyState
GetCaretBlinkTime
DestroyIcon
DestroyCursor
GetClipboardData
IsWindowUnicode
EndMenu
CreatePopupMenu
WindowFromDC
AnyPopup
GetFocus
GetMessageTime
IsWindowEnabled
OemKeyScan
CharNextW
IsMenu
LoadIconA
wsprintfW
wsprintfA
WinHelpW
UnpackDDElParam
UnhookWinEvent
TranslateMessage
TranslateAccelerator
ToUnicode
TabbedTextOutA
SystemParametersInfoW
SubtractRect
ShowWindow
SetWindowsHookExA
SetWindowTextA
SetWindowRgn
SetWindowPos
SetWindowLongA
SetTimer
SetThreadDesktop
SetRect
SetProcessWindowStation
SetMenuItemBitmaps
SetMenuDefaultItem
SetForegroundWindow
SetDlgItemTextA
SendMessageW
SendMessageTimeoutW
SendMessageA
SendDlgItemMessageA
ReleaseDC
RegisterWindowMessageW
RealGetWindowClassW
PostMessageW
PeekMessageA
OpenWindowStationW
OpenInputDesktop
OpenDesktopW
MsgWaitForMultipleObjects
MessageBoxW
MessageBoxA
MessageBeep
LoadStringW
LoadStringA
LoadImageW
LoadImageA
KillTimer
IsWindowVisible
IsIconic
IsDlgButtonChecked
IsDialogMessageW
IsDialogMessage
IsCharLowerW
IsCharAlphaNumericW
GetWindowRect
GetWindowModuleFileNameA
GetWindowModuleFileName
GetWindowLongA
GetUserObjectSecurity
GetUserObjectInformationW
GetThreadDesktop
GetSystemMetrics
GetSystemMenu
GetSysColor
GetScrollPos
GetPropA
GetProcessWindowStation
GetMonitorInfoA
GetMessageW
GetDlgItemTextA
GetDlgItem
GetDesktopWindow
GetDC
GetCursor
GetClipboardFormatNameW
ExitWindowsEx
EndDialog
EnableWindow
DrawFrame
DrawCaption
DlgDirListA
DispatchMessageW
DispatchMessageA
DialogBoxParamW
DialogBoxIndirectParamA
DestroyWindow
DdeImpersonateClient
CreateDialogParamW
CreateDialogIndirectParamA
CloseWindowStation
CloseDesktop
CheckDlgButton
CharUpperA
CharToOemBuffW
CharPrevA
CharNextA
ChangeDisplaySettingsW
CallWindowProcA
CallMsgFilterW
AttachThreadInput
AppendMenuW
ActivateKeyboardLayout
PostQuitMessage

gdi32

CloseMetaFile
GetSystemPaletteUse
GdiGetBatchLimit
AddFontResourceW
GetTextCharacterExtra
CreateMetaFileA
GetStretchBltMode
SaveDC
SwapBuffers
GetDCBrushColor
BeginPath
CreateMetaFileW
CancelDC
AbortDoc
DeleteColorSpace
DeleteEnhMetaFile
GetTextColor
GetPolyFillMode
StartDocA
SetTextCharacterExtra
SetMetaFileBitsEx
GetMetaFileW
SetColorAdjustment
SetBkColor
SetArcDirection
STROBJ_dwGetCodePage
RealizePalette
NamedEscape
HT_Get8BPPFormatPalette
GetTextCharset
GetStockObject
GetRgnBox
GetROP2
GetPixelFormat
GetPixel
GetObjectType
DeleteDC
ChoosePixelFormat
GetLogColorSpaceA
GetGraphicsMode
GetEUDCTimeStampExW
GetDeviceCaps
GetDCPenColor
GdiStartDocEMF
GdiSetLastError
GdiReleaseLocalDC
GdiReleaseDC
GdiProcessSetup
GdiPlayDCScript
GdiGetDC
GdiEntry3
FONTOBJ_vGetInfo
FONTOBJ_cGetGlyphs
EngUnicodeToMultiByteN
EngStrokeAndFillPath
EngDeletePath
EngDeletePalette
CreateFontA
GetNearestColor

advapi32

RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
IsWellKnownSid
GetTokenInformation
GetSecurityDescriptorDacl
GetAclInformation
GetAce
FreeSid
EqualSid
DuplicateTokenEx
CheckTokenMembership
AllocateAndInitializeSid
AdjustTokenPrivileges
RegOpenKeyA

shell32

ShellHookProc
ShellExecuteW
ShellExecuteEx
ShellAboutA
SHIsFileAvailableOffline
SHGetMalloc
SHGetFolderPathA
SHGetDiskFreeSpaceA
SHGetDesktopFolder
SHGetDataFromIDListW
SHFileOperationW
SHEmptyRecycleBinW
SHCreateProcessAsUserW
ExtractIconEx
ExtractAssociatedIconExW
DragQueryFileW
DoEnvironmentSubstW

ole32

CoInitialize
CoTaskMemFree
CoCreateInstance

shlwapi

StrStrIW
StrChrA

msvcrt

_c_exit
wcscpy
wcscmp
wcschr
_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_cexit
_controlfp
_except_handler3
_exit
_initterm
_wcsicmp
exit
iswalpha

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15478decef36a89a6b19f5d6ee95fbaf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 33KB - Virtual size: 32KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 2KB - Virtual size: 2KB