Static task
static1
Behavioral task
behavioral1
Sample
45a987abf1a51f412b843a26eb943c42_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
45a987abf1a51f412b843a26eb943c42_JaffaCakes118.exe
Resource
win10v2004-20240426-en
General
-
Target
45a987abf1a51f412b843a26eb943c42_JaffaCakes118
-
Size
566KB
-
MD5
45a987abf1a51f412b843a26eb943c42
-
SHA1
e9ca05cc54415a994bd9a9bf42fe449f535ed16b
-
SHA256
1ba149f9742e9ee4564c4bb2a89ebcec1678042047fb0491347562fd885e03ca
-
SHA512
46ca4811bafc6a43c2a087e1eac6ead518aee6c5ce2589802eddb3f84d633a0c35e0d670bb0ca2f6a738828da9ccb13861cae427a210ae94c5cc5611f417b327
-
SSDEEP
6144:huJkz5byiN3ckxMeSLSGXRnXQ+YIr/UkovEq7p4yBNJzqwYCXw5m:huJkzUiNp3SLScXXT8h7I4w5
Malware Config
Signatures
-
Unsigned PE 1 IoCs
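Checks for missing Authenticode signature. The sample is unsigned; on its own this is a low-confidence indicator, since many legitimate binaries are also unsigned.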
resource 45a987abf1a51f412b843a26eb943c42_JaffaCakes118
Files
-
45a987abf1a51f412b843a26eb943c42_JaffaCakes118.exe windows:5 windows x86 arch:x86
a207c19388791a0dcfc6199a8ff92f78
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetSystemDirectoryA
GetTempPathA
GetTickCount
GetUserDefaultLangID
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
LoadLibraryA
LocalFileTimeToFileTime
LocalFree
MapViewOfFile
MoveFileExA
MultiByteToWideChar
GetPrivateProfileStringA
ReleaseMutex
RemoveDirectoryA
SetEndOfFile
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
Sleep
UnmapViewOfFile
WaitForSingleObject
WinExec
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpiA
GetModuleHandleW
VirtualAlloc
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetFileSize
GetFileAttributesA
GetCurrentThreadId
GetCurrentProcess
FreeLibrary
FormatMessageA
DosDateTimeToFileTime
DeleteFileA
CreateProcessA
CreateMutexA
CreateFileMappingA
CreateFileA
CreateEventA
CreateDirectoryA
CopyFileA
CompareStringA
ReadFile
CloseHandle
user32
FindWindowExA
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetCaretPos
GetClientRect
GetComboBoxInfo
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDialogBaseUnits
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyState
GetKeyboardLayout
GetKeyboardState
GetLastActivePopup
GetMenu
GetMenuBarInfo
GetMenuCheckMarkDimensions
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMessagePos
GetMessageTime
GetNextDlgGroupItem
GetNextDlgTabItem
GetParent
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTitleBarInfo
GetTopWindow
GetUpdateRect
GetWindow
GetWindowDC
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextA
GetWindowThreadProcessId
HideCaret
InSendMessage
InflateRect
InsertMenuA
IntersectRect
InvalidateRect
InvalidateRgn
InvertRect
IsChild
IsDlgButtonChecked
IsIconic
IsMenu
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapA
LoadIconA
LoadImageA
LockWindowUpdate
MapDialogRect
MapWindowPoints
MessageBeep
MessageBoxA
MonitorFromPoint
MonitorFromWindow
MoveWindow
MsgWaitForMultipleObjectsEx
NotifyWinEvent
OffsetRect
OpenClipboard
PostMessageA
FindWindowA
PostThreadMessageA
PtInRect
RealChildWindowFromPoint
RedrawWindow
ReleaseCapture
ReleaseDC
RemoveMenu
ReuseDDElParam
ScreenToClient
ScrollWindow
ScrollWindowEx
SendDlgItemMessageA
SendInput
SendMessageA
SetActiveWindow
SetCapture
SetClipboardData
SetCursor
SetCursorPos
SetDlgItemInt
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetMenu
DestroyIcon
SetMenuItemBitmaps
SetParent
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowContextHelpId
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowRgn
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
ToAsciiEx
ToUnicodeEx
TrackPopupMenu
TrackPopupMenuEx
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnpackDDElParam
UpdateLayeredWindow
UpdateWindow
ValidateRect
WaitForInputIdle
WaitMessage
WindowFromDC
WindowFromPoint
wsprintfA
GetClipboardData
GetThreadDesktop
GetKeyboardType
GetQueueStatus
GetWindowContextHelpId
GetListBoxInfo
GetMenuContextHelpId
EnumClipboardFormats
LoadIconW
DestroyCursor
DestroyAcceleratorTable
DeleteMenu
DeferWindowPos
CreatePopupMenu
CreateMenu
CopyRect
CopyImage
CopyIcon
CloseWindow
CloseClipboard
ClientToScreen
CheckRadioButton
CheckMenuItem
CheckDlgButton
CallNextHookEx
BringWindowToTop
FillRect
ExitWindowsEx
EqualRect
EnumWindows
EnumDisplayMonitors
EnumChildWindows
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
AdjustWindowRectEx
BeginDeferWindowPos
BeginPaint
EmptyClipboard
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DestroyWindow
PostQuitMessage
DestroyMenu
SetMenuDefaultItem
advapi32
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegQueryValueExW
RegOpenKeyW
shell32
DragFinish
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFolderPathW
SHGetFolderPathA
SHGetDesktopFolder
SHCreateDirectoryExW
SHAppBarMessage
SHAddToRecentDocs
ShellExecuteA
FindExecutableA
ole32
ReadClassStg
ReadFmtUserTypeStg
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
SetConvertStg
StgCreateDocfile
StgCreateDocfileOnILockBytes
StgIsStorageFile
StgOpenStorage
StgOpenStorageOnILockBytes
StringFromCLSID
StringFromGUID2
PropVariantCopy
WriteClassStm
WriteFmtUserTypeStg
CoRegisterMessageFilter
CoRegisterClassObject
CoLockObjectExternal
CoInitializeEx
CoInitialize
CoGetMalloc
CoGetClassObject
CoFreeUnusedLibraries
CoDisconnectObject
CoCreateInstance
OleUninitialize
OleTranslateAccelerator
OleSetMenuDescriptor
OleSetContainedObject
OleSetClipboard
OleSaveToStream
OleSave
OleRun
OleRegGetUserType
OleRegGetMiscStatus
OleRegEnumVerbs
OleQueryLinkFromData
OleQueryCreateFromData
OleLockRunning
OleLoad
OleIsRunning
OleIsCurrentClipboard
OleInitialize
OleGetIconOfClass
OleGetClipboard
OleFlushClipboard
OleDuplicateData
OleDestroyMenuDescriptor
OleCreateStaticFromData
OleCreateMenuDescriptor
OleCreateLinkToFile
OleCreateLinkFromData
OleCreateFromFile
OleCreateFromData
OleCreate
IsAccelerator
GetRunningObjectTable
GetHGlobalFromILockBytes
DoDragDrop
CreateStreamOnHGlobal
CreateOleAdviseHolder
CreateItemMoniker
CreateILockBytesOnHGlobal
CreateGenericComposite
CreateFileMoniker
CreateDataAdviseHolder
CreateBindCtx
CoUninitialize
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
WriteClassStg
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
shlwapi
StrStrIW
SHDeleteKeyW
PathStripToRootW
PathRemoveFileSpecW
PathRemoveExtensionW
PathIsUNCW
PathIsNetworkPathW
PathFindExtensionW
PathFindFileNameW
msvcrt
vsprintf
time
strrchr
strncpy
sscanf
sprintf
scanf
memmove
malloc
isxdigit
free
exit
atoi
_write
_strdup
_setmbcp
_read
_open
_onexit
_mbsstr
_mbsnbcpy
_mbsnbcmp
_mbsnbcat
_mbsicmp
_mbscmp
_mbschr
_lseek
_ismbcupper
_ismbcspace
_ismbcdigit
_ismbcalnum
_initterm
_exit
_except_handler3
_controlfp
_close
_adjust_fdiv
_acmdln
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__getmainargs
__dllonexit
__CxxFrameHandler
_XcptFilter
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
Sections
.text Size: 466KB - Virtual size: 466KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 91KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 272B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ