6079f2d16be35cd6aa4d6225d6d61dd5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6079f2d16be35cd6aa4d6225d6d61dd5_JaffaCakes118
Size

1.8MB
MD5

6079f2d16be35cd6aa4d6225d6d61dd5
SHA1

c47b3d3936041acfb2069a883ea25a8d17b976ef
SHA256

f714d214cbc968eabb697e2a63427ae7cfa86a358c0e80da0e887bbaf33b0245
SHA512

c4c04947d45307b8d17c7eae8ff28da6e02de198791708767bb03c82a0207d529a7e34d97b01ab2ebc4678f1a32b212d17ee47f91a03ac1da47511e2b2296d50
SSDEEP

49152:rEOYCOyarEdD8YPujyuAJhqDI0quQql3DnxN:slyacIAuyJhqEEQql3t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6079f2d16be35cd6aa4d6225d6d61dd5_JaffaCakes118

Files

6079f2d16be35cd6aa4d6225d6d61dd5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ea18e51c79e6b4433b2fecde37e652b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCursorInfo
SetCurrentDirectoryA
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetTapePosition
SizeofResource
SuspendThread
TerminateProcess
TerminateThread
WaitForSingleObject
WriteFile
SetCommState
_lclose
_llseek
_lopen
lstrcatA
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcpyA
lstrcpynA
lstrcpynW
lstrlenA
Sleep
RtlUnwind
ResetEvent
RemoveDirectoryA
ReleaseMutex
ReadFile
RaiseException
QueryPerformanceCounter
PulseEvent
OpenProcess
MulDiv
LockResource
LocalFree
LocalFileTimeToFileTime
LocalAlloc
LoadResource
LoadLibraryExW
LoadLibraryExA
LoadLibraryA
IsDBCSLeadByte
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetTempPathA
GetTempFileNameA
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryA
GetStartupInfoA
GetShortPathNameA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetFileAttributesA
GetExitCodeProcess
GetDriveTypeA
GetDiskFreeSpaceA
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
GetConsoleWindow
GetCommandLineW
GetCommandLineA
GetCommModemStatus
GetAtomNameW
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FormatMessageA
FindResourceA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToSystemTime
ExpandEnvironmentStringsA
ExitProcess
EnumSystemLocalesA
EnumResourceLanguagesA
DosDateTimeToFileTime
DeleteFileA
CreateToolhelp32Snapshot
CreateThread
CreateRemoteThread
CreateProcessA
CreateMutexW
CreateMutexA
CreateFileA
CreateEventA
CreateDirectoryA
CloseHandle
WritePrivateProfileStringA
BindIoCompletionCallback

user32

wsprintfA
wsprintfW
GetWindowTextLengthW
GetDialogBaseUnits
GetActiveWindow
CharNextW
GetQueueStatus
GetClipboardOwner
ShowCaret
IsCharUpperW
DestroyMenu
DestroyIcon
IsWindow
IsWindowUnicode
GetWindowTextLengthA
LoadCursorFromFileA
WindowFromDC
GetListBoxInfo
CreatePopupMenu
CloseWindow
GetMenuContextHelpId
IsClipboardFormatAvailable
CharLowerA
GetDoubleClickTime
IsCharUpperA
CountClipboardFormats
GetForegroundWindow
PaintDesktop
IsGUIThread
EnumClipboardFormats
LoadIconA
WinHelpW
UnpackDDElParam
UnhookWinEvent
TranslateMessage
TranslateAccelerator
ToUnicode
TabbedTextOutA
SystemParametersInfoW
SubtractRect
ShowWindow
SetWindowsHookExA
SetWindowTextA
SetWindowRgn
SetWindowPos
SetWindowLongA
SetTimer
SetThreadDesktop
SetRect
SetProcessWindowStation
SetMenuItemBitmaps
SetMenuDefaultItem
SetForegroundWindow
SetDlgItemTextA
SendMessageW
SendMessageTimeoutW
SendMessageA
SendDlgItemMessageA
ReleaseDC
RegisterWindowMessageW
RealGetWindowClassW
PostQuitMessage
PostMessageW
PeekMessageA
OpenWindowStationW
OpenInputDesktop
OpenDesktopW
MessageBoxW
MessageBoxA
MessageBeep
LoadStringW
LoadStringA
LoadImageW
LoadImageA
KillTimer
IsWindowVisible
IsIconic
IsDlgButtonChecked
IsDialogMessageW
IsDialogMessage
IsCharLowerW
IsCharAlphaNumericW
GetWindowRect
GetWindowModuleFileNameA
GetWindowModuleFileName
GetWindowLongA
GetUserObjectSecurity
GetUserObjectInformationW
GetThreadDesktop
GetSystemMetrics
GetSystemMenu
GetSysColor
GetScrollPos
GetPropA
GetProcessWindowStation
GetMonitorInfoA
GetMessageW
GetDlgItemTextA
GetDlgItem
GetDesktopWindow
GetDC
GetCursor
GetClipboardFormatNameW
ExitWindowsEx
EndDialog
EnableWindow
DrawFrame
DrawCaption
DlgDirListA
DispatchMessageW
DispatchMessageA
DialogBoxParamW
DialogBoxIndirectParamA
DestroyWindow
DdeImpersonateClient
CreateDialogParamW
CreateDialogIndirectParamA
CloseWindowStation
CloseDesktop
CheckDlgButton
CharUpperA
CharToOemBuffW
CharPrevA
CharNextA
ChangeDisplaySettingsW
CallWindowProcA
CallMsgFilterW
AttachThreadInput
AppendMenuW
ActivateKeyboardLayout
MsgWaitForMultipleObjects

gdi32

GdiGetBatchLimit
AddFontResourceW
GetSystemPaletteUse
GetTextCharacterExtra
CreateMetaFileA
CreateMetaFileW
CloseMetaFile
GetTextAlign
GetDCBrushColor
DeleteDC
GetLayout
StartDocA
SetTextCharacterExtra
SetMetaFileBitsEx
SetColorAdjustment
GetMetaFileW
SetBkColor
SetArcDirection
STROBJ_dwGetCodePage
RealizePalette
NamedEscape
HT_Get8BPPFormatPalette
GetTextCharset
GetStockObject
GetRgnBox
GetROP2
GetPixelFormat
GetPixel
GetObjectType
SaveDC
ChoosePixelFormat
GetLogColorSpaceA
GetGraphicsMode
GetEUDCTimeStampExW
GetDeviceCaps
GetDCPenColor
GdiStartDocEMF
GdiSetLastError
GdiReleaseLocalDC
GdiReleaseDC
GdiProcessSetup
GdiPlayDCScript
GdiGetDC
GdiEntry3
FONTOBJ_vGetInfo
FONTOBJ_cGetGlyphs
EngUnicodeToMultiByteN
EngStrokeAndFillPath
EngDeletePath
EngDeletePalette
CreateFontA
GetNearestColor

advapi32

RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
IsWellKnownSid
GetTokenInformation
GetSecurityDescriptorDacl
GetAclInformation
GetAce
FreeSid
EqualSid
DuplicateTokenEx
CheckTokenMembership
AllocateAndInitializeSid
AdjustTokenPrivileges
RegOpenKeyA

shell32

ShellHookProc
ShellExecuteW
ShellExecuteEx
ShellAboutA
SHIsFileAvailableOffline
SHGetMalloc
SHGetFolderPathA
SHGetDiskFreeSpaceA
SHGetDesktopFolder
SHGetDataFromIDListW
SHFileOperationW
SHEmptyRecycleBinW
SHCreateProcessAsUserW
ExtractIconEx
ExtractAssociatedIconExW
DragQueryFileW
DoEnvironmentSubstW

ole32

CoInitialize
CoTaskMemFree
CoCreateInstance

shlwapi

StrStrIW
StrChrA

msvcrt

_c_exit
wcscpy
wcscmp
wcschr
_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_cexit
_controlfp
_except_handler3
_exit
_initterm
_wcsicmp
exit
iswalpha

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea18e51c79e6b4433b2fecde37e652b9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 2KB - Virtual size: 2KB