C:\dev\winmerge-stable\BuildTmp\Src\Build\MergeUnicodeRelease\WinMergeU.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 62ecab3fc88715568c65a72d3bbc8ea4_JaffaCakes118.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 62ecab3fc88715568c65a72d3bbc8ea4_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 62ecab3fc88715568c65a72d3bbc8ea4_JaffaCakes118
Size: 4.5MB
MD5: 62ecab3fc88715568c65a72d3bbc8ea4
SHA1: aea0b890941f95ca50628fa21e87e15ecf084066
SHA256: 79614eed556a891a3117201f9dcbd41921c2e99832d3e69859d17e38b2fde98d
SHA512: 2f43f008d3c93b4c1ae34706b5cb4ebb391f330333c74f2741285cd742b93f31b0a893aaee1d6ab0d51a05484a590b93dd15fcaf3ec420d0c13a725d11daecec
SSDEEP: 98304:yNQloCU4N0lprmspayIVnSmkI6bSTmb+t5l7WvRp:sQlDH0lpqj6b6vE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 62ecab3fc88715568c65a72d3bbc8ea4_JaffaCakes118
Files
62ecab3fc88715568c65a72d3bbc8ea4_JaffaCakes118.exe windows:5 windows x86 arch:x86
80ca8a3d87e99aba8dd2626dd97006d5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
shlwapi
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
UrlUnescapeW
SHAutoComplete
PathIsDirectoryW
PathFindExtensionW
PathMatchSpecW
PathIsContentTypeW
StrCmpIW
SHStrDupW
PathCompactPathW
StrFormatByteSizeW
PathFileExistsW
PathFindFileNameW
PathRemoveExtensionW
StrTrimW
StrChrW
StrStrIW
imm32
ImmSetCompositionFontW
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
kernel32
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
GetCurrentProcess
GetStringTypeExW
GetDiskFreeSpaceW
ReplaceFileW
GetUserDefaultLCID
LocalAlloc
VirtualProtect
GetCurrentThread
CompareStringA
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalReAlloc
GetAtomNameW
GlobalFlags
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
SetErrorMode
FindResourceExW
GetCurrentDirectoryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
SetCurrentDirectoryW
GetCommandLineA
LockFile
ExitThread
SetStdHandle
CreateProcessA
VirtualQuery
FlushFileBuffers
QueryPerformanceFrequency
ReadConsoleW
GetConsoleMode
GetModuleHandleExW
GetModuleFileNameA
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
WaitForMultipleObjects
CreatePipe
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
GetExitCodeProcess
GetFileSizeEx
GetProcessTimes
GetLogicalDriveStringsW
GetLongPathNameW
GetComputerNameW
SetEnvironmentVariableW
GetEnvironmentVariableW
CreateSemaphoreW
MoveFileExW
RemoveDirectoryW
InterlockedExchange
TryEnterCriticalSection
GetCPInfo
LCMapStringW
SwitchToThread
OutputDebugStringW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
FindNextFileA
FreeLibraryAndExitThread
GetVolumeInformationW
FindFirstFileExA
SetFilePointerEx
GetConsoleCP
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
SetConsoleCtrlHandler
ExitProcess
GetFullPathNameA
HeapQueryInformation
GetVersionExW
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
LocalFileTimeToFileTime
VirtualAlloc
LockResource
GetProcAddress
GlobalSize
GlobalLock
GlobalUnlock
LoadResource
SizeofResource
LoadLibraryW
FindResourceW
lstrlenW
GlobalAlloc
MulDiv
GetACP
GetStringTypeW
GetPrivateProfileStringW
DeleteFileW
SearchPathW
GetThreadLocale
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
FreeResource
MultiByteToWideChar
FreeLibrary
GetLastError
GetFileAttributesExW
GlobalGetAtomNameW
GetProfileIntW
GetTickCount
GetCurrentProcessId
SetThreadPriority
CreateEventW
SetEvent
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
EncodePointer
lstrcmpA
GetModuleHandleA
OutputDebugStringA
ExpandEnvironmentStringsA
PeekNamedPipe
GetFileType
GetFileInformationByHandle
GetCompressedFileSizeW
IsValidCodePage
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
MoveFileW
SetFileAttributesW
GetDriveTypeW
lstrcmpiW
GetExitCodeThread
CreateThread
WritePrivateProfileStringW
GetPrivateProfileIntW
GetSystemWow64DirectoryW
GetFullPathNameW
SetLastError
GetSystemDefaultLangID
GetFileTime
CreateDirectoryW
ExpandEnvironmentStringsW
GetUserDefaultLangID
ResumeThread
SuspendThread
TerminateThread
WriteConsoleW
AttachConsole
FreeConsole
CreateMutexW
GetStdHandle
WaitForSingleObject
ReleaseMutex
GetCurrentThreadId
lstrcpynW
lstrlenA
FormatMessageW
LocalFree
GetNumberFormatW
GetDateFormatW
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
SetThreadLocale
WideCharToMultiByte
IsDBCSLeadByteEx
ReadFile
GetFileSize
lstrcpyW
CopyFileW
GetWindowsDirectoryW
GetTempFileNameW
CreateProcessW
GetModuleFileNameW
LoadLibraryA
GetSystemDirectoryW
VerifyVersionInfoW
FindNextFileW
FindFirstFileW
FindFirstFileExW
FindClose
VerSetConditionMask
GetFileAttributesW
InitializeCriticalSectionAndSpinCount
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GlobalFree
GlobalReAlloc
DecodePointer
Sleep
ReleaseSemaphore
CreateFileW
GetTempPathW
CloseHandle
SetFileTime
WriteFile
GetShortPathNameW
GetLocaleInfoW
GetOEMCP
GetCommandLineW
GetModuleHandleW
GetSystemInfo
GlobalMemoryStatusEx
OpenProcess
user32
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
AdjustWindowRectEx
GetWindowTextLengthW
ShowScrollBar
GetScrollRange
SetScrollRange
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
TrackPopupMenuEx
SetMenu
GetMenu
SetFocus
DeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
CreateWindowExW
GetClassInfoExW
DefWindowProcW
GetMessageTime
GetMessagePos
DispatchMessageW
RegisterWindowMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
UnhookWindowsHookEx
UnregisterClassA
SetRectEmpty
SendDlgItemMessageA
GetClassNameW
GetMonitorInfoW
MonitorFromPoint
GetScrollPos
IsRectEmpty
ClientToScreen
GetDCEx
EndDeferWindowPos
BeginDeferWindowPos
DestroyMenu
IsChild
IsDialogMessageW
GetNextDlgTabItem
PostThreadMessageW
GetMessageW
MapDialogRect
GetIconInfo
GetLastActivePopup
FindWindowW
SetForegroundWindow
ShowWindow
GetUserObjectInformationW
FillRect
SetRect
IsWindowEnabled
ScrollWindowEx
CreateDialogIndirectParamW
GetThreadDesktop
DrawIconEx
GetTopWindow
GetClassLongW
EqualRect
GetSysColorBrush
TranslateMDISysAccel
GetSystemMenu
TrackMouseEvent
GetActiveWindow
FlashWindowEx
EndDialog
GetClassInfoW
RegisterClassW
ReplyMessage
InflateRect
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
DrawIcon
SetWindowRgn
CharUpperW
UnionRect
PostQuitMessage
ShowOwnedPopups
WaitMessage
RealChildWindowFromPoint
GetMenuItemInfoW
CopyImage
GetDialogBaseUnits
InSendMessage
WindowFromDC
CopyAcceleratorTableW
LockWindowUpdate
SendNotifyMessageW
TranslateMessage
GetCapture
GetWindow
GetWindowTextW
SetWindowTextW
GetMenuStringW
GetFocus
EnableMenuItem
TrackPopupMenu
CheckMenuItem
LoadMenuW
PeekMessageW
UnregisterClassW
SetParent
CopyRect
DestroyIcon
PostMessageW
CallWindowProcW
IsWindowVisible
DrawMenuBar
SetPropW
GetPropW
RemovePropW
GetWindowRect
SetWindowLongW
GetParent
EnumChildWindows
LoadIconW
GetWindowThreadProcessId
GetWindowDC
GetKeyNameTextW
MapVirtualKeyW
DestroyCursor
SetCursorPos
GetTabbedTextExtentW
BringWindowToTop
InsertMenuItemW
GetMenuBarInfo
SendDlgItemMessageW
CharNextW
CharPrevW
GetKeyState
GetAsyncKeyState
EnableWindow
UpdateWindow
GetClientRect
MessageBoxW
CreateCaret
HideCaret
ShowCaret
SetCaretPos
wsprintfW
SendMessageW
IsWindow
GetDlgItem
ReleaseCapture
KillTimer
LoadAcceleratorsW
TranslateAcceleratorW
GetDC
ReleaseDC
InvalidateRect
DrawFrameControl
RedrawWindow
EnableScrollBar
MessageBeep
SetCursor
GetCursorPos
GetCaretPos
ScreenToClient
GetSysColor
IntersectRect
OffsetRect
GetDesktopWindow
LoadBitmapW
LoadCursorW
SystemParametersInfoW
UnpackDDElParam
ReuseDDElParam
WindowFromPoint
DefFrameProcW
IsMenu
DefMDIChildProcW
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
RegisterClipboardFormatW
EmptyClipboard
DragDetect
IsClipboardFormatAvailable
SetCapture
SetTimer
GetWindowLongW
GetSystemMetrics
wsprintfA
DrawEdge
GetMenuState
CreateMenu
CreatePopupMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
ModifyMenuW
RemoveMenu
DeleteMenu
PtInRect
LoadImageW
MapWindowPoints
GetDlgCtrlID
IsZoomed
IsIconic
SetWindowPos
gdi32
DPtoLP
LPtoDP
Polygon
SetBkMode
SetTextColor
CreateDCW
EnumFontFamiliesW
CopyMetaFileW
CreateBitmap
SetBkColor
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePatternBrush
CreateRectRgn
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
TextOutW
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
SetRectRgn
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetCharWidthW
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetWindowOrgEx
GetTextFaceW
CreateFontW
StretchDIBits
CreateEllipticRgn
UnrealizeObject
EnumFontFamiliesExW
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
Rectangle
RectVisible
GetWindowExtEx
PtVisible
GetViewportExtEx
GetMapMode
GetBkColor
Escape
CreateSolidBrush
GetTextMetricsW
CreateDIBSection
DeleteDC
ExtTextOutW
SetBitmapBits
GetBitmapBits
SetDIBits
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteObject
GetCharWidth32W
GetDeviceCaps
GetStockObject
GetTextColor
GetTextExtentPoint32W
GetViewportOrgEx
RoundRect
SelectObject
GetObjectW
Ellipse
GetBkMode
GetDIBits
GetPixel
SetWorldTransform
CreateRectRgnIndirect
PatBlt
msimg32
AlphaBlend
comdlg32
GetSaveFileNameW
GetOpenFileNameW
ChooseFontW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
GetJobW
advapi32
GetFileSecurityW
RegConnectRegistryW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegOpenKeyW
RegQueryValueExA
RegEnumKeyExW
RegQueryValueW
SetFileSecurityW
RegCloseKey
RegSetValueW
RegOpenKeyExA
shell32
ExtractIconW
DragFinish
SHGetFileInfoW
SHGetDesktopFolder
SHGetMalloc
ShellExecuteExW
SHAddToRecentDocs
SHGetPathFromIDListW
SHGetFolderPathW
ord155
SHParseDisplayName
SHCreateShellItem
SHFileOperationW
DragQueryFileW
ShellExecuteW
SHBrowseForFolderW
comctl32
ImageList_Draw
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_DrawIndirect
ImageList_Remove
ImageList_GetIcon
ImageList_Copy
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_Add
ord17
uxtheme
OpenThemeData
DrawThemeText
DrawThemeParentBackground
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeFont
GetThemeColor
CloseThemeData
IsThemeActive
GetThemeMargins
GetThemeInt
GetThemePartSize
DrawThemeBackground
ole32
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
GetHGlobalFromILockBytes
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
CoFreeUnusedLibraries
OleSave
OleSetContainedObject
OleLockRunning
OleGetIconOfClass
OleSetMenuDescriptor
OleQueryLinkFromData
OleQueryCreateFromData
CreateItemMoniker
StgCreateDocfileOnILockBytes
CreateFileMoniker
CreateILockBytesOnHGlobal
StgIsStorageFile
StgOpenStorageOnILockBytes
StgOpenStorage
StgCreateDocfile
CoRevokeClassObject
CreateGenericComposite
CoGetClassObject
OleSaveToStream
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleRegEnumVerbs
OleRegGetMiscStatus
CLSIDFromString
CoDisconnectObject
StringFromGUID2
CoRegisterMessageFilter
CoCreateGuid
PropVariantCopy
CoInitializeEx
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoLockObjectExternal
OleGetClipboard
SetConvertStg
OleRegGetUserType
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemAlloc
StringFromCLSID
OleUninitialize
OleInitialize
CoUninitialize
CoInitialize
CoGetObject
CLSIDFromProgID
PropVariantClear
CreateStreamOnHGlobal
RevokeDragDrop
RegisterDragDrop
ReleaseStgMedium
OleRun
CoTaskMemFree
CoCreateInstance
IsAccelerator
CreateDataAdviseHolder
CoRegisterClassObject
WriteClassStm
oleaut32
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
VariantCopyInd
VariantChangeType
LoadTypeLib
VarBstrFromDate
SysStringLen
SafeArrayCreate
SafeArrayRedim
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
OleLoadPicture
SysReAllocStringLen
VariantCopy
LoadRegTypeLib
VariantClear
SysFreeString
SafeArrayAllocData
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayLock
SafeArrayUnlock
SafeArrayGetElement
SafeArrayPutElement
CreateErrorInfo
SafeArrayCopy
SafeArrayPtrOfIndex
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
RegisterTypeLib
SysAllocString
GetErrorInfo
SetErrorInfo
SafeArrayAllocDescriptor
oledlg
OleUIBusyW
iphlpapi
GetAdaptersInfo
gdiplus
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToStream
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipGetImageEncodersSize
GdipGetImageEncoders
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
wininet
InternetErrorDlg
InternetGetCookieW
InternetSetCookieW
HttpQueryInfoW
HttpEndRequestW
HttpSendRequestExW
HttpSendRequestW
HttpOpenRequestW
GopherGetAttributeW
GopherOpenFileW
GopherFindFirstFileW
GopherCreateLocatorW
FtpCommandW
FtpGetCurrentDirectoryW
FtpSetCurrentDirectoryW
FtpRemoveDirectoryW
FtpCreateDirectoryW
FtpOpenFileW
FtpRenameFileW
FtpDeleteFileW
FtpPutFileW
FtpGetFileW
FtpFindFirstFileW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryOptionW
InternetFindNextFileW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlW
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
HttpAddRequestHeadersW
Sections
.text Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 922KB - Virtual size: 921KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 109KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 918KB - Virtual size: 917KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ