c:\govern\Gray\Them\Laughyet.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 3f689e796d6d0d65b7a742880d21ac97_JaffaCakes118.exe
Resource: win7-20240215-en
General
Target: 3f689e796d6d0d65b7a742880d21ac97_JaffaCakes118
Size: 3.4MB
MD5: 3f689e796d6d0d65b7a742880d21ac97
SHA1: a296cd060f5331001251cd59c2b2730b3db43d97
SHA256: 7322f70e06112dcdbd7f3fe6422ac477e5e5eb6dc027ad3f717c8dadc8706039
SHA512: aa506e45a69f4318be72a713db021b19a634f1287394a34fbe326a3dfd5511f085218913ecdfaa14a4e5bc2c3ff0affdca2749ba8247b3f04234e148a5a6ea36
SSDEEP: 49152:U89nwonUXJK2qmngTTHQVOwkBc9ODyxN50bj2qYYTWttR:B9SWDPwO8PR
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Processes:
resource 3f689e796d6d0d65b7a742880d21ac97_JaffaCakes118
Files
3f689e796d6d0d65b7a742880d21ac97_JaffaCakes118.exe  windows:6  windows x86  arch:x86
bbdacf39f169430875a6d6bbcc463b1e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
FindFirstFileExW
FindNextFileW
GetOEMCP
IsValidCodePage
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
GetStringTypeW
GetCPInfo
GetACP
ExitProcess
SetStdHandle
QueryPerformanceFrequency
WriteConsoleW
GetFileType
GetStdHandle
VirtualAlloc
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
HeapValidate
GetModuleHandleExW
GetModuleFileNameA
RtlUnwind
OutputDebugStringW
VirtualQuery
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
SearchPathW
ResetEvent
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
lstrcpyW
lstrcmpiW
GetCurrentProcess
GetHandleInformation
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FindFirstFileW
FindClose
FindResourceExW
GetUserDefaultUILanguage
CompareStringW
GlobalFlags
WaitForSingleObject
SetEvent
FileTimeToSystemTime
GetProfileIntW
GetVersionExW
ResumeThread
SetThreadPriority
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
FreeLibrary
GetSystemDirectoryW
EncodePointer
LoadLibraryA
lstrcmpA
CopyFileW
FormatMessageW
MulDiv
GlobalSize
WideCharToMultiByte
GetCurrentProcessId
LocalReAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetAtomNameW
GlobalGetAtomNameW
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
LoadResource
GetProcAddress
GetModuleHandleW
GetModuleHandleA
OutputDebugStringA
VirtualProtect
FlushFileBuffers
GetTickCount
CreateProcessW
GetProcessHeap
DeleteCriticalSection
LocalFree
GetWindowsDirectoryW
DecodePointer
GetCurrentDirectoryW
GetLocalTime
HeapAlloc
LoadLibraryW
GetSystemInfo
RaiseException
CloseHandle
HeapReAlloc
GetLastError
Sleep
CreateEventW
HeapSize
GetCurrentThreadId
CreateFileW
LocalAlloc
GetEnvironmentVariableW
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
RemoveDirectoryW
GetCommandLineW
SetLastError
HeapFree
GetCommandLineA
user32
InvertRect
LoadBitmapW
GetDC
GetWindowDC
EndPaint
ClientToScreen
ScreenToClient
GetSysColor
CopyRect
GetFocus
GetMenuCheckMarkDimensions
RegisterWindowMessageW
DispatchMessageW
GetMessagePos
GetMessageTime
CallWindowProcW
RegisterClassW
GetClassInfoW
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
GetDlgCtrlID
SetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
TrackPopupMenu
SetActiveWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetWindowTextLengthW
GetClientRect
GetWindowRect
AdjustWindowRectEx
EqualRect
PtInRect
SetWindowLongW
GetClassLongW
GetClassNameW
GetTopWindow
GetWindow
SetWindowsHookExW
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
PostThreadMessageW
ShowOwnedPopups
IsWindowVisible
IsIconic
BringWindowToTop
IsZoomed
GetNextDlgGroupItem
GetNextDlgTabItem
OpenClipboard
GetActiveWindow
SetCapture
SetTimer
KillTimer
DrawMenuBar
GetSystemMenu
UpdateWindow
GetForegroundWindow
GetUpdateRect
SetWindowRgn
GetWindowRgn
CheckMenuItem
RedrawWindow
LockWindowUpdate
ShowScrollBar
EnableScrollBar
HideCaret
WindowFromPoint
GetDesktopWindow
SetParent
LoadCursorW
FrameRect
NotifyWinEvent
ShowWindow
MoveWindow
CheckDlgButton
SetWindowTextW
IsDialogMessageW
CreateDialogIndirectParamW
EndDialog
GetCursorPos
SetRect
OffsetRect
SetRectEmpty
GetMessageW
ReleaseCapture
SetCursor
InflateRect
GetAsyncKeyState
LoadAcceleratorsW
TranslateAcceleratorW
IntersectRect
DestroyIcon
LoadImageW
UnpackDDElParam
ReuseDDElParam
GetKeyNameTextW
MapVirtualKeyW
SystemParametersInfoW
TranslateMessage
RealChildWindowFromPoint
CopyImage
SendDlgItemMessageA
GetClipboardFormatNameA
GetClipboardFormatNameW
IsRectEmpty
UnionRect
CharUpperW
TrackMouseEvent
DrawIconEx
GetIconInfo
MessageBeep
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongW
CloseClipboard
SetClipboardData
SetCursorPos
CopyIcon
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
GetDoubleClickTime
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
DestroyCursor
DestroyMenu
EnumWindows
ValidateRect
MapWindowPoints
EmptyClipboard
FillRect
DrawFocusRect
GetSysColorBrush
DrawStateW
GrayStringW
DrawTextExW
DrawTextW
DrawIcon
SetMenuDefaultItem
GetSystemMetrics
CallNextHookEx
CreateWindowExW
GetMenuDefaultItem
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
SetMenuItemBitmaps
DeleteMenu
ModifyMenuW
CreatePopupMenu
CreateMenu
LoadMenuW
DrawFrameControl
DrawEdge
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
IsMenu
GetLastActivePopup
GetWindowThreadProcessId
GetParent
MessageBoxW
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
MapDialogRect
TabbedTextOutW
IsWindow
SendMessageW
PostMessageW
PeekMessageW
DefWindowProcW
GetWindowLongW
GetClassInfoExW
UnhookWinEvent
SetForegroundWindow
EnableMenuItem
InvalidateRect
ReleaseDC
BeginPaint
PostQuitMessage
comctl32
ImageList_LoadImageW
ImageList_Draw
CreateStatusWindowW
CreateToolbarEx
DestroyPropertySheetPage
ord17
ImageList_SetOverlayImage
comdlg32
GetSaveFileNameW
ReplaceTextW
GetOpenFileNameW
ole32
CoDisconnectObject
CoInitializeEx
CreateStreamOnHGlobal
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleUninitialize
CoInitialize
OleCreate
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoUninitialize
CoCreateInstance
OleInitialize
oleaut32
SysFreeString
VariantInit
SysAllocStringLen
VariantChangeType
VariantClear
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
VarBstrFromDate
SysAllocString
shlwapi
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
StrFormatKBSizeW
PathUnquoteSpacesW
advapi32
RegEnumKeyExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
SystemFunction036
winmm
timeEndPeriod
waveOutOpen
waveOutClose
timeBeginPeriod
PlaySoundW
oleacc
AccessibleObjectFromPoint
GetOleaccVersionInfo
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdi32
LineTo
IntersectClipRect
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetClipBox
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
SetDIBColorTable
CreateDIBSection
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetSystemPaletteEntries
EnumFontFamiliesExW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
MoveToEx
ExcludeClipRect
DeleteObject
DeleteDC
GetTextFaceW
Polyline
Polygon
LPtoDP
DPtoLP
CreatePolygonRgn
TextOutW
GetObjectW
GetTextMetricsW
SetRectRgn
StretchBlt
SetPixelV
SetPixel
SetPaletteEntries
SelectObject
RoundRect
RealizePalette
Rectangle
RectVisible
PtVisible
PtInRegion
PatBlt
OffsetRgn
GetWindowOrgEx
GetWindowExtEx
GetViewportOrgEx
GetViewportExtEx
GetTextExtentPoint32W
GetTextColor
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectType
GetNearestPaletteIndex
GetBoundsRect
GetBkColor
FrameRgn
FillRgn
ExtFloodFill
Escape
Ellipse
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
CreateRectRgn
CreatePatternBrush
CreatePen
CreatePalette
CreateHatchBrush
ExtTextOutW
CreateFontIndirectW
CreateEllipticRgn
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CombineRgn
BitBlt
GetDeviceCaps
CreateDCW
CopyMetaFileW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
shell32
SHBrowseForFolderW
DragQueryFileW
DragFinish
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHAppBarMessage
ShellExecuteW
SHGetDesktopFolder
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
uxtheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeParentBackground
IsAppThemed
msimg32
AlphaBlend
TransparentBlt
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
Sections
.text   Size: 3.0MB  Virtual size: 3.0MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 465KB  Virtual size: 465KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 19KB   Virtual size: 997KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.tls    Size: 512B   Virtual size: 9B      IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.gfids  Size: 512B   Virtual size: 248B    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rsrc   Size: 1KB    Virtual size: 1KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ