PDB Path: D:\Development\MyCode\VStudio\2005\WeKnows\Release\Installer.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 90ba5b34874fd690ca6425ae38f51d70_JaffaCakes118.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: 90ba5b34874fd690ca6425ae38f51d70_JaffaCakes118.exe
  Resource: win10v2004-20240426-en
General
Target: 90ba5b34874fd690ca6425ae38f51d70_JaffaCakes118
Size: 4.1MB
MD5: 90ba5b34874fd690ca6425ae38f51d70
SHA1: dbb8b757a3ff1cff0122147624e280049dcab440
SHA256: 15bf106fb27348e3a36123185249bc880101f0e44131b18e1fbd9c012cb32ac4
SHA512: ae699b164df0a384b0842c2b99862537a385e7e0339ca4cfd075893f654919f7f8582718d46547681f94ac858841c57073656bc2ac9d94e1321d8d7c5fe469e6
SSDEEP: 98304:N+GUNUjjs2E2xgHG2H1NiFeq7vBbWDQvOqhg2Ylc6U6gJmr:N+5Sj42E2H2udV6DQmoZYoRJm
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 90ba5b34874fd690ca6425ae38f51d70_JaffaCakes118
Files
90ba5b34874fd690ca6425ae38f51d70_JaffaCakes118.exe  windows:5  windows x86  arch:x86
2efa60ec96efc7b90a3c31e61b277e62
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ole32
OleFlushClipboard
CoRevokeClassObject
OleIsCurrentClipboard
CoRegisterMessageFilter
CoGetClassObject
OleGetClipboard
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoCreateGuid
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
CoInitializeSecurity
user32
IsDialogMessageW
SetWindowTextW
MoveWindow
WinHelpW
LoadIconW
UnhookWindowsHookEx
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollRange
GetScrollPos
SetScrollPos
EndPaint
BeginPaint
SetActiveWindow
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
DestroyWindow
IsChild
IsMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetLastActivePopup
IsWindowEnabled
CallNextHookEx
SetWindowsHookExW
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
GetFocus
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
PostQuitMessage
SetRectEmpty
SendDlgItemMessageA
CharUpperW
DestroyMenu
IsRectEmpty
IntersectRect
GetMonitorInfoW
GetWindowThreadProcessId
WindowFromPoint
MonitorFromWindow
MonitorFromRect
SetRect
EnumDisplayMonitors
CopyRect
GetSystemMetrics
GetParent
GetMenuInfo
RegisterClassExW
GetForegroundWindow
GetSysColorBrush
MessageBeep
GetNextDlgGroupItem
CreateCursor
TabbedTextOutW
CreateWindowExW
DrawTextW
DrawTextExW
GrayStringW
PostThreadMessageW
UpdateWindow
UnregisterHotKey
RegisterHotKey
SetWindowLongW
PostMessageW
InvalidateRgn
IsZoomed
IsIconic
SetWindowRgn
PtInRect
GetWindowLongW
LoadCursorW
SetCursor
GetCursorPos
GetAsyncKeyState
OffsetRect
SetTimer
KillTimer
ReleaseDC
GetDC
CopyAcceleratorTableW
CharNextW
ReleaseCapture
GetCapture
SystemParametersInfoW
DefWindowProcW
RedrawWindow
ClientToScreen
RegisterClipboardFormatW
GetWindowRect
RealChildWindowFromPoint
DrawIconEx
GetIconInfo
GetDesktopWindow
wsprintfW
MessageBoxW
DrawMenuBar
GetClientRect
SetCapture
DestroyIcon
SetClipboardViewer
ChangeClipboardChain
InvalidateRect
GetNextDlgTabItem
CreateIconFromResource
CreateIconFromResourceEx
EndDialog
CreateDialogIndirectParamW
InflateRect
GetWindowDC
SendMessageW
SetFocus
SetForegroundWindow
ShowWindow
IsWindow
CheckMenuItem
GetSysColor
EnableWindow
UnregisterClassW
GetMessageW
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
SysAllocStringLen
VariantChangeType
SysStringLen
OleCreateFontIndirect
SafeArrayDestroy
VariantClear
VariantInit
SysFreeString
SysAllocString
shell32
ord162
SHGetDesktopFolder
ord155
ord716
ord190
SHChangeNotify
DragAcceptFiles
SHFileOperationW
SHGetFileInfoW
SHGetSpecialFolderLocation
ShellExecuteW
SHGetPathFromIDListW
SHGetMalloc
DragQueryFileW
DragFinish
Shell_NotifyIconW
SHBrowseForFolderW
ShellExecuteExW
advapi32
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
GetUserNameW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
GetTokenInformation
OpenProcessToken
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
kernel32
GetLastError
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetOEMCP
CloseHandle
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
SetProcessWorkingSetSize
GetCurrentProcess
SetPriorityClass
CreateFileW
WriteFile
WaitForSingleObject
EnumResourceTypesW
EnumResourceNamesW
FindResourceExW
SizeofResource
EnumResourceLanguagesW
FreeLibrary
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
LoadLibraryW
LoadResource
LockResource
FreeResource
GetSystemTimeAsFileTime
FindResourceW
GetProcAddress
FormatMessageW
GetEnvironmentStringsW
SetLastError
lstrlenW
ExpandEnvironmentStringsW
SuspendThread
CreateThread
TerminateThread
ResumeThread
GetThreadPriority
SetThreadPriority
GetVolumeInformationW
GetFileAttributesExW
GetFileInformationByHandle
GetFileAttributesW
SetFileAttributesW
FindFirstFileW
FindNextFileW
FindClose
GetDiskFreeSpaceW
SetFileTime
MoveFileExW
VirtualAlloc
VirtualFree
DeleteFileW
RemoveDirectoryW
CopyFileW
GetTempPathW
GetTempFileNameW
EnumSystemCodePagesW
GetCPInfoExW
GetUserDefaultUILanguage
GetSystemDefaultLangID
GetTimeZoneInformation
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LocalFileTimeToFileTime
GetModuleHandleW
GetVersionExW
lstrcpyW
GlobalAddAtomW
ReadFile
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
Process32NextW
SetFilePointerEx
FlushFileBuffers
SetEndOfFile
GlobalLock
GlobalUnlock
GetCurrentThreadId
TerminateProcess
GetFileSize
SetFilePointer
GetStdHandle
CreateDirectoryW
GetSystemDirectoryW
HeapSize
GetFullPathNameW
GetCurrentDirectoryW
GetSystemInfo
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjects
GetACP
OutputDebugStringA
GetModuleHandleA
GetCurrentThread
LoadLibraryExW
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpW
CompareStringA
GetTickCount
GlobalFree
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
EncodePointer
LoadLibraryA
GlobalFindAtomW
MulDiv
GetProfileIntW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GlobalFlags
GetThreadLocale
LockFile
UnlockFile
DuplicateHandle
VirtualProtect
SetErrorMode
GetFileSizeEx
GetFileTime
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetCPInfo
IsValidCodePage
FindFirstFileExW
FreeEnvironmentStringsW
ReadConsoleW
GetConsoleMode
GetConsoleCP
SetStdHandle
GetStringTypeW
LCMapStringW
ExitProcess
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
PeekNamedPipe
GetFileType
GetDriveTypeW
QueryPerformanceFrequency
VirtualQuery
RtlUnwind
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
HeapFree
Sleep
InitializeCriticalSection
SetEnvironmentVariableA
LocalFree
WriteConsoleW
gdi32
EndDoc
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetBkColor
CreateDCW
SetViewportOrgEx
SetViewportExtEx
StartDocW
GetDeviceCaps
SetBkMode
GetStockObject
RestoreDC
SaveDC
ExtSelectClipRgn
CreateBitmap
SetBkColor
EndPage
SetMapMode
SetStretchBltMode
CreateSolidBrush
StretchBlt
GetStretchBltMode
GetTextExtentPoint32W
GetViewportExtEx
SetTextColor
CreateFontIndirectW
BitBlt
SetWindowExtEx
OffsetViewportOrgEx
StartPage
GetPaletteEntries
GetCurrentObject
DeleteDC
SetDIBColorTable
GetDIBColorTable
SelectObject
CreateCompatibleDC
CreateDIBSection
GetObjectW
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetMapMode
ExcludeClipRect
GetClipBox
GetRgnBox
GetWindowExtEx
GetTextColor
DeleteObject
DPtoLP
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
comctl32
InitCommonControlsEx
shlwapi
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
StrFormatByteSizeW
oledlg
OleUIBusyW
urlmon
URLDownloadToFileW
URLDownloadToCacheFileW
wininet
InternetGetConnectedState
InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoW
InternetReadFile
InternetCloseHandle
oleacc
CreateStdAccessibleObject
LresultFromObject
Sections
.text   Size: 1.2MB - Virtual size: 1.2MB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 348KB - Virtual size: 348KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 28KB - Virtual size: 165KB    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.gfids  Size: 8KB - Virtual size: 8KB       IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.giats  Size: 512B - Virtual size: 4B       IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.tls    Size: 512B - Virtual size: 9B       IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
_RDATA  Size: 4KB - Virtual size: 3KB       IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc   Size: 2.5MB - Virtual size: 2.5MB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 83KB - Virtual size: 82KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ