Static task
static1
Behavioral task
behavioral1
Sample
43ed0f7fd39d30324a543306093e0b5c_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
43ed0f7fd39d30324a543306093e0b5c_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
43ed0f7fd39d30324a543306093e0b5c_JaffaCakes118
Size
989KB
MD5
43ed0f7fd39d30324a543306093e0b5c
SHA1
d7a8a77f1f4dcfef3c995baa58f058fff4d948f4
SHA256
e6244393ce6e9b3415e40023831737809a7a3e25c6e0ccd0d5d95c1c5e1bc281
SHA512
fbce3e86a1f5ba6dcceb8410e83891bbd2934bc78e3e67a5947b532cdf4f2466d6f21b8634b99a9f037615045067627b6db66483859f18b9856fe5803e149200
SSDEEP
24576:/D5KobIRq5Ik3E+Wkpqg2bZZ82NNzjLrcUZHSE5wHlXmA4WXe2NNS2VCpIx:FK4I+vFpUZZ/NNv5ye2NNS2CG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 43ed0f7fd39d30324a543306093e0b5c_JaffaCakes118
Files
43ed0f7fd39d30324a543306093e0b5c_JaffaCakes118.exe windows:5 windows x86 arch:x86
65d670f559e5b904a4cb818441118d3d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GlobalGetAtomNameW
SetErrorMode
GetStartupInfoW
RtlUnwind
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
ExitThread
SetStdHandle
GetFileType
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
GlobalReAlloc
TlsAlloc
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCurrentDirectoryA
GetDriveTypeA
GetProcessHeap
SetEnvironmentVariableA
TlsGetValue
LocalAlloc
InterlockedCompareExchange
VirtualFree
GlobalHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
VirtualProtect
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetFileTime
GetFileSizeEx
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
SuspendThread
ResumeThread
SetThreadPriority
FileTimeToLocalFileTime
FindNextFileW
lstrcmpA
GetCurrentProcessId
RaiseException
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GetModuleHandleA
GlobalFree
FormatMessageW
LocalFree
MulDiv
GetFileSize
FileTimeToSystemTime
SetFileTime
GetCurrentDirectoryW
GetFileAttributesW
LocalFileTimeToFileTime
SystemTimeToFileTime
ReadFile
SetFilePointer
SetPriorityClass
DeviceIoControl
GetTickCount
TerminateProcess
CopyFileW
GetCommandLineW
RemoveDirectoryW
CreateFileW
WriteFile
VirtualFreeEx
GetCurrentProcess
CreateEventW
GlobalAlloc
GlobalLock
GlobalUnlock
ExitProcess
OutputDebugStringW
lstrcpyW
InterlockedIncrement
WritePrivateProfileStringW
WaitForSingleObject
GetModuleFileNameW
GetTempPathW
SetFileAttributesW
WriteProcessMemory
GetWindowsDirectoryW
GetSystemDirectoryW
lstrlenW
lstrlenA
CreateDirectoryW
FindClose
FindFirstFileW
InterlockedDecrement
GetVersionExW
DeleteFileW
Sleep
MoveFileW
MultiByteToWideChar
OpenProcess
VirtualAllocEx
SetEvent
CreateThread
CloseHandle
GetPrivateProfileStringW
GetLastError
SetLastError
LoadLibraryW
FreeLibrary
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleHandleW
GetProcAddress
user32
GetSysColorBrush
IsRectEmpty
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
CharNextW
CharUpperW
GetMessageW
ValidateRect
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
GetActiveWindow
CreateDialogIndirectParamW
IsWindowEnabled
GetNextDlgTabItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
CopyAcceleratorTableW
MessageBeep
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
GrayStringW
DrawTextExW
TabbedTextOutW
GetMenuState
SetWindowRgn
GetWindowRect
EnableWindow
PostMessageW
wsprintfW
DrawTextW
GetDlgItem
GetParent
ShowWindow
GetClassInfoW
GetMenuItemID
GetMenuItemCount
CheckMenuItem
AppendMenuW
CreatePopupMenu
InflateRect
LoadIconW
UpdateWindow
DrawIcon
SetRect
InvalidateRgn
UnregisterClassW
SetRectEmpty
PostThreadMessageW
RegisterClipboardFormatW
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
MapWindowPoints
TranslateAcceleratorW
TranslateMessage
GetClientRect
GetNextDlgGroupItem
ScrollWindow
InvalidateRect
SetWindowLongW
GetWindowLongW
IsWindow
LoadImageW
ScreenToClient
SendMessageW
GetMessagePos
CopyRect
PtInRect
OffsetRect
LoadBitmapW
FillRect
IsWindowVisible
SetTimer
SetCapture
LoadCursorW
ReleaseCapture
GetCursorPos
GetDC
GetWindow
GetDesktopWindow
GetWindowThreadProcessId
SetPropW
GetPropW
MessageBoxW
SendMessageTimeoutW
GetClassNameW
GetSubMenu
LoadMenuW
KillTimer
FindWindowW
SetForegroundWindow
GetForegroundWindow
IsIconic
SetCursor
EnumWindows
FindWindowExW
MessageBoxExW
EndDialog
SetWindowPos
GetSystemMetrics
CloseWindow
gdi32
ExtSelectClipRgn
CreatePatternBrush
CreateBitmap
CreateSolidBrush
GetBkColor
GetTextColor
GetMapMode
CreateEllipticRgn
Ellipse
GetRgnBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
CreateRectRgnIndirect
CreateRoundRectRgn
MoveToEx
LineTo
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
LPtoDP
CreateFontIndirectW
DeleteDC
GetStockObject
GetPixel
GetTextExtentPoint32W
Rectangle
CreateCompatibleBitmap
SelectObject
GetObjectW
DeleteObject
BitBlt
CreateCompatibleDC
GetViewportExtEx
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
shell32
DragFinish
ShellExecuteExW
Shell_NotifyIconW
ShellExecuteW
SHGetFolderPathW
DragQueryFileW
SHGetSpecialFolderPathW
shlwapi
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
UrlUnescapeW
PathStripToRootW
oledlg
OleUIBusyW
ole32
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleUninitialize
OleFlushClipboard
CoRegisterMessageFilter
CoUninitialize
CoCreateInstance
OleRun
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromString
CoTaskMemAlloc
CoSetProxyBlanket
CoInitializeSecurity
CoTaskMemFree
CLSIDFromProgID
CoInitializeEx
OleIsCurrentClipboard
CoInitialize
oleaut32
VariantInit
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysStringLen
VariantChangeType
SysAllocStringLen
SafeArrayDestroy
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
DispCallFunc
LoadRegTypeLi
OleCreateFontIndirect
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayCreate
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
GetErrorInfo
wininet
HttpOpenRequestW
InternetConnectW
HttpSendRequestW
InternetWriteFile
InternetSetFilePointer
InternetGetLastResponseInfoW
HttpAddRequestHeadersW
InternetQueryDataAvailable
InternetSetOptionExW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetCheckConnectionW
InternetGetConnectedState
InternetCloseHandle
InternetReadFile
InternetOpenUrlW
InternetOpenW
InternetSetStatusCallbackW
InternetSetOptionW
HttpQueryInfoW
psapi
EnumProcesses
GetModuleFileNameExW
EnumProcessModules
wsock32
WSAStartup
WSACleanup
WSASetLastError
iphlpapi
GetAdaptersInfo
Sections
.text Size: 577KB - Virtual size: 576KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 133KB - Virtual size: 133KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 263KB - Virtual size: 263KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ