Static task: static1
Behavioral task: behavioral1
Sample: 5dc67ff3169916123d98b6a848ac768a_JaffaCakes118.exe
Resource: win7-20240508-en
General
- Target: 5dc67ff3169916123d98b6a848ac768a_JaffaCakes118
- Size: 524KB
- MD5: 5dc67ff3169916123d98b6a848ac768a
- SHA1: 2aacd65772a50d313856f9f0f8c32fd17feaf160
- SHA256: 65258b0f0edba23cfaa9e3305f950ce908f62095d9094a4b549023de0932e770
- SHA512: 28dfdd53eb3825bc2e664a83323098c244ad54097a6bd8390c67bfd4c9718a2cca8b118db7fb57b04d8c08c7ab2ba182be7a3d107a0b3999ad6503d464a8aa91
- SSDEEP: 12288:pdZN7lYBPWkuaYWdm7/PC4ox9XUQz804RmAwV:pEKZWdm7/4pKmA
Malware Config
Signatures
- Unsigned PE (1 IoC)
  Checks for a missing Authenticode signature (the PE carries no embedded certificate table).
  Processes: resource 5dc67ff3169916123d98b6a848ac768a_JaffaCakes118
Files
- 5dc67ff3169916123d98b6a848ac768a_JaffaCakes118.exe (windows:4, windows x86, arch:x86)
  Import hash (imphash): 59c9e75ee4eabfac7b59b8e95fe09e60
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
odbc32
ord31
ord75
ord11
ord4
ord13
ord72
ord9
ord41
ord24
ord19
ord12
ord29
ord36
ord16
kernel32
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
IsBadReadPtr
IsBadCodePtr
FreeEnvironmentStringsW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
FreeEnvironmentStringsA
GetProfileStringA
InterlockedExchange
CopyFileA
FreeConsole
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapSize
HeapReAlloc
TerminateProcess
GetACP
GetSystemTime
GetTimeZoneInformation
ExitProcess
GetCommandLineA
GetStartupInfoA
RaiseException
HeapFree
HeapAlloc
RtlUnwind
GetTickCount
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
GetOEMCP
GetCPInfo
SizeofResource
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFlags
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
GetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalAlloc
GetCurrentThread
lstrcmpA
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpiA
GetModuleHandleA
lstrcatA
GlobalGetAtomNameA
lstrcpyA
GlobalLock
GlobalUnlock
GlobalFree
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryA
CreateFileA
GetFileSize
CloseHandle
MoveFileExA
LocalAlloc
LocalLock
LocalUnlock
GetModuleHandleW
GetLocalTime
GetProcAddress
LoadLibraryA
FreeLibrary
lstrcpynA
MultiByteToWideChar
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetCurrentThreadId
SetLastError
FindResourceA
LoadResource
LockResource
MulDiv
GetLastError
FormatMessageA
LocalFree
GetVersion
GetVersionExA
GetModuleFileNameA
user32
SendDlgItemMessageA
MapWindowPoints
DispatchMessageA
ScreenToClient
DeferWindowPos
ScrollWindow
GetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
RegisterClassA
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
GetClassLongA
GetMessageTime
GetWindowPlacement
IsIconic
GetFocus
InvalidateRect
UnpackDDElParam
ReuseDDElParam
WinHelpA
SetMenu
SetFocus
GetWindow
SetCursor
PeekMessageA
LoadAcceleratorsA
RegisterWindowMessageA
RedrawWindow
SetWindowPos
DefMDIChildProcA
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
CreateWindowExA
BringWindowToTop
AdjustWindowRectEx
InvertRect
ReleaseCapture
ClientToScreen
GetCapture
SetCapture
GetKeyState
PtInRect
GetForegroundWindow
GetLastActivePopup
LoadCursorA
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
BeginDeferWindowPos
EndDeferWindowPos
GetDlgCtrlID
DestroyCursor
IsWindowVisible
SetParent
SetRectEmpty
wsprintfA
GetCursorPos
PostThreadMessageA
PostMessageA
LoadMenuA
SetMenuDefaultItem
KillTimer
SetTimer
DestroyMenu
CallNextHookEx
GetClassNameA
SetPropA
GetDCEx
CallWindowProcA
GetPropA
RemovePropA
UnhookWindowsHookEx
SetWindowsHookExA
GetParent
GetWindowDC
ReleaseDC
IntersectRect
IsRectEmpty
DestroyIcon
DeleteMenu
DrawMenuBar
GetMenuState
SetScrollInfo
SendMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
IsWindow
GetSystemMenu
LoadIconA
GetMenuStringA
CreateMenu
CreatePopupMenu
GetDesktopWindow
LoadBitmapA
ModifyMenuA
InsertMenuA
AppendMenuA
DrawEdge
SetRect
FillRect
DrawFocusRect
GetMessagePos
DrawStateA
GetSystemMetrics
InflateRect
GetSysColor
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenuItemInfoA
IsMenu
GetDC
EqualRect
GetMenu
WindowFromDC
CopyRect
OffsetRect
SystemParametersInfoA
MessageBoxA
GetWindowRect
GetClassInfoA
RemoveMenu
UpdateWindow
ShowWindow
FindWindowA
SetForegroundWindow
GetWindowLongA
SetWindowLongA
GetClientRect
EnableWindow
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableA
CharNextA
CharUpperA
GetTabbedTextExtentA
LockWindowUpdate
GetSysColorBrush
WindowFromPoint
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
SetCursorPos
IsZoomed
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
PostQuitMessage
LoadStringA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
SetWindowTextA
IsDialogMessageA
TrackPopupMenu
SetDlgItemTextA
gdi32
GetCharWidthA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
DeleteObject
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
TextOutA
Escape
GetMapMode
SetRectRgn
CombineRgn
LPtoDP
GetBkColor
GetNearestColor
GetTextColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
StretchDIBits
CreateRectRgnIndirect
CreateBitmap
DeleteDC
CreateDCA
SetAbortProc
StartDocA
StartPage
EndPage
EndDoc
AbortDoc
GetViewportOrgEx
CreatePen
DPtoLP
GetStockObject
PatBlt
GetDeviceCaps
SetBkColor
SetTextColor
GetClipBox
ExtTextOutA
SelectObject
GetTextMetricsA
BitBlt
GetPixel
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
SetPixel
Rectangle
CreateFontIndirectA
CreateSolidBrush
CreateFontA
RoundRect
CreateDIBitmap
GetTextExtentPointA
GetTextExtentPoint32A
comdlg32
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
PrintDlgA
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
SetFileSecurityA
RegCloseKey
RegSetValueExA
RegCreateKeyA
RegQueryValueExA
RegOpenKeyExA
RegConnectRegistryA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
QueryServiceStatus
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegSetValueA
GetFileSecurityA
CryptAcquireContextA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
Shell_NotifyIconA
SHGetMalloc
ExtractIconA
comctl32
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_Draw
ImageList_GetIconSize
ImageList_GetIcon
ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create
oledlg
ord8
ole32
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoUninitialize
CoInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
olepro32
ord253
oleaut32
SysFreeString
SysAllocStringLen
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
VariantTimeToSystemTime
SysStringLen
msimg32
GradientFill
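The import table above is what an import hash and a quick capability triage are computed from. The following is an added example (not sandbox or pefile code): `normalize_imports()` and `imphash()` apply pefile's `get_imphash()` normalisation rules (lower-case `dll.func`, the `.dll`/`.ocx`/`.sys` suffix dropped, ordinal-only imports rendered as `ordN`), and `triage()` buckets imports into API families worth a reverser's attention. `SAMPLE_IMPORTS` is a hand-picked subset transcribed from the listing above, so its hash will not equal the report's full-table value; the `CAPABILITIES` buckets are my own assumption about what is worth flagging.

```python
"""Import-table triage: pefile-style imphash normalisation plus a capability
bucket pass. Added example; SAMPLE_IMPORTS is a subset of the report's list."""
import hashlib

# Subset of the report's Imports section, in report order. Ordinal-only
# imports are integers. pefile also resolves known ordinals for oleaut32 and
# ws2_32 to names; this simplified version does not (the report's oleaut32
# imports are already by name, so it makes no difference here).
SAMPLE_IMPORTS = [
    ("odbc32.dll", [31, 75, 11, 4]),
    ("KERNEL32.dll", ["CopyFileA", "VirtualAlloc", "DeleteFileA", "MoveFileA",
                      "GetVolumeInformationA", "LoadLibraryA", "GetProcAddress",
                      "MoveFileExA"]),
    ("USER32.dll", ["CallNextHookEx", "UnhookWindowsHookEx", "SetWindowsHookExA",
                    "FindWindowA"]),
    ("winspool.drv", ["OpenPrinterA", "DocumentPropertiesA", "ClosePrinter"]),
    ("ADVAPI32.dll", ["SetFileSecurityA", "RegSetValueExA", "RegConnectRegistryA",
                      "OpenServiceA", "OpenSCManagerA", "QueryServiceStatus",
                      "CryptAcquireContextA", "RegDeleteKeyA"]),
    ("SHELL32.dll", ["Shell_NotifyIconA"]),
    ("olepro32.dll", [253]),
]

IMPHASH_STRIPPED_EXTS = ("dll", "ocx", "sys")


def normalize_imports(imports):
    """Return the 'lib.func' strings pefile joins with commas before hashing."""
    out = []
    for dll, funcs in imports:
        lib = dll.lower()
        base, dot, ext = lib.rpartition(".")
        if dot and ext in IMPHASH_STRIPPED_EXTS:
            lib = base                 # winspool.drv keeps its extension
        for f in funcs:
            name = f"ord{f}" if isinstance(f, int) else f.lower()
            out.append(f"{lib}.{name}")
    return out


def imphash(imports):
    """MD5 over the normalised, comma-joined import list (pefile's get_imphash)."""
    return hashlib.md5(",".join(normalize_imports(imports)).encode("ascii")).hexdigest()


# Assumption: my own buckets of API families that merit a look in this sample.
CAPABILITIES = {
    "service enumeration/control": {"OpenSCManagerA", "OpenServiceA", "QueryServiceStatus"},
    "registry write / remote registry": {"RegSetValueExA", "RegCreateKeyExA",
                                          "RegDeleteKeyA", "RegConnectRegistryA"},
    "file replace / delete / ACL change": {"CopyFileA", "MoveFileA", "MoveFileExA",
                                            "DeleteFileA", "SetFileSecurityA"},
    "windows hooks": {"SetWindowsHookExA", "CallNextHookEx", "UnhookWindowsHookEx"},
    "CryptoAPI": {"CryptAcquireContextA"},
    "runtime API resolution": {"LoadLibraryA", "GetProcAddress"},
    "tray icon (user-facing UI)": {"Shell_NotifyIconA"},
}


def triage(imports):
    """Map each capability bucket to the imported APIs that hit it."""
    present = {f for _, funcs in imports for f in funcs if isinstance(f, str)}
    return {cap: sorted(present & apis)
            for cap, apis in CAPABILITIES.items() if present & apis}


if __name__ == "__main__":
    print("imphash over subset:", imphash(SAMPLE_IMPORTS))
    for cap, apis in triage(SAMPLE_IMPORTS).items():
        print(f"{cap:36} {', '.join(apis)}")
```

Two caveats when reading the result against this sample. First, the hook, atom, DDE and ImageList imports (SetWindowsHookExA, GlobalAddAtomA, UnpackDDElParam, ImageList_*) are the normal footprint of a statically linked MFC GUI application, which installs a WH_CBT hook through SetWindowsHookExA for its own window subclassing, so that import alone is not a keylogging indicator. The more discriminating entries are OpenSCManagerA/QueryServiceStatus, RegConnectRegistryA, SetFileSecurityA and CryptAcquireContextA, whose call sites are the ones to locate first. Second, to compare against the report's hash value, run pefile's `get_imphash()` on the file itself rather than on a transcribed subset.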
Exports
Sections
- .text: raw size 336KB, virtual size 332KB; IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
- .rdata: raw size 76KB, virtual size 74KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
- .data: raw size 16KB, virtual size 31KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
- .rsrc: raw size 92KB, virtual size 90KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
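The "Unsigned PE" signature under Signatures, the File Characteristics under Headers and the section flags above all come straight out of the PE headers. The following is an added example, not the sandbox's own code, that reads those headers from a file: it decodes the COFF characteristics and section flags into the names the report prints, and reproduces the unsigned-PE test by checking whether the IMAGE_DIRECTORY_ENTRY_SECURITY data directory (the slot that points at an embedded WIN_CERTIFICATE blob) is empty. `build_sample_pe()` constructs a header-only PE32 image with this sample's characteristics and section layout so the block runs offline; it is not the analysed file's bytes, and the certificate offset/size it uses for the "signed" variant are made up.

```python
"""Minimal PE header reader: COFF characteristics, section table, and the
'no Authenticode certificate table' check behind the Unsigned PE signature.
Added example; build_sample_pe() is a constructed stand-in for the sample."""
import struct

IMAGE_DOS_SIGNATURE = 0x5A4D        # "MZ"
IMAGE_NT_SIGNATURE = 0x00004550     # "PE\0\0"
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory slot for the certificate table

FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED", 0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE",
}


def _flag_names(value, table):
    """Expand a bitmask into flag names, lowest bit first (the report's order)."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse the DOS, COFF and optional headers plus the section table."""
    if struct.unpack_from("<H", data, 0)[0] != IMAGE_DOS_SIGNATURE:
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if struct.unpack_from("<I", data, e_lfanew)[0] != IMAGE_NT_SIGNATURE:
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, characteristics = struct.unpack_from(
        "<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    # PE32 (0x10B): NumberOfRvaAndSizes at +92, directories at +96; PE32+: +108/+112.
    ndirs_off, dirs_off = (92, 96) if magic == 0x10B else (108, 112)
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    sec_off, sec_size = 0, 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # This entry is a raw file offset (not an RVA) of the WIN_CERTIFICATE table.
        sec_off, sec_size = struct.unpack_from(
            "<II", data, opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections, table = [], opt + opt_size
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, table + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": _flag_names(flags, SECTION_FLAGS)})
    return {"machine": machine,
            "characteristics": _flag_names(characteristics, FILE_CHARACTERISTICS),
            "authenticode_present": sec_off != 0 and sec_size != 0,
            "sections": sections}


def is_unsigned_pe(data):
    """The sandbox's Unsigned PE check: no embedded certificate table at all."""
    return not parse_pe(data)["authenticode_present"]


def build_sample_pe(signed):
    """Constructed header-only PE32 image (not runnable, not the real sample)
    carrying the report's characteristics (0x010F) and section layout."""
    e_lfanew = 0x40
    dos = struct.pack("<H", IMAGE_DOS_SIGNATURE).ljust(0x3C, b"\0") + struct.pack("<I", e_lfanew)
    opt_size = 96 + 16 * 8  # PE32 fixed fields + 16 data directories
    coff = struct.pack("<HHIIIHH", 0x14C, 4, 0, 0, 0, opt_size, 0x010F)  # 0x14C = i386
    opt = struct.pack("<H", 0x10B).ljust(92, b"\0") + struct.pack("<I", 16)
    dirs = [(0, 0)] * 16
    if signed:
        dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (0x7F000, 0x1800)  # made-up offset/size
    opt += b"".join(struct.pack("<II", off, size) for off, size in dirs)
    kb = 1024
    layout = [(b".text", 332 * kb, 336 * kb, 0x60000020), (b".rdata", 74 * kb, 76 * kb, 0x40000040),
              (b".data", 31 * kb, 16 * kb, 0xC0000040), (b".rsrc", 90 * kb, 92 * kb, 0x40000040)]
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, 0, rs, 0, 0, 0, 0, 0, fl)
                     for n, vs, rs, fl in layout)
    return dos + struct.pack("<I", IMAGE_NT_SIGNATURE) + coff + opt + table


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe(signed=False)
    info = parse_pe(blob)
    print("Unsigned PE" if not info["authenticode_present"] else "embedded certificate table present")
    print(" | ".join(info["characteristics"]))
    for s in info["sections"]:
        print(f'{s["name"]:8} raw {s["raw_size"] // 1024}KB  virt {s["virtual_size"] // 1024}KB  {" | ".join(s["flags"])}')
```

Run it as `python pe_headers.py sample.exe` (name assumed) to get the same three facts the report shows. Two caveats on the signature check: a non-empty certificate table only means a WIN_CERTIFICATE blob is attached, not that the signature verifies or chains to a trusted root, so a positive result still needs signtool, osslsigncode or a PKCS#7 check; and files signed through a security catalog (many Windows components) carry no embedded table and would be reported as unsigned by this check even though they are signed.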