Static task: static1
Behavioral task: behavioral1
Sample: 070a00b9742f478aec8b15300c42c1e9_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 070a00b9742f478aec8b15300c42c1e9_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 070a00b9742f478aec8b15300c42c1e9_JaffaCakes118
Size: 840KB
MD5: 070a00b9742f478aec8b15300c42c1e9
SHA1: 4f3433cb96c5772d979c5630152413c2371376cf
SHA256: 8cd101fba560b96e8eade4eb386a13b3b80c0c4516e07cf3bf6ca6ea89259cb2
SHA512: 44c6c3da04e1063a3db5405e2594a4eb0203775dc0adc1a48d70d062dda6c46467600c3c3d5f8727b99ac791972540813c2e1581ab3ca572fd9207425a8314c2
SSDEEP: 24576:SFcHmxkfzb1LweRYrzFQjubmGzuzaCtBSAX2:SFc4+t0eRYqjuCeC3S
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 070a00b9742f478aec8b15300c42c1e9_JaffaCakes118
Files
070a00b9742f478aec8b15300c42c1e9_JaffaCakes118.exe windows:5 windows x86 arch:x86
0d02db791f9f4ba8651ac8a51d7a1332
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalLock
IsDebuggerPresent
CreateThread
GlobalFindAtomW
GetCPInfo
RaiseException
CopyFileW
InterlockedDecrement
WideCharToMultiByte
lstrcmpiW
VirtualProtectEx
LocalAlloc
IsValidCodePage
CloseHandle
GlobalDeleteAtom
CreateEventW
FlushFileBuffers
CreateFileW
SetFilePointer
LocalFree
FreeEnvironmentStringsW
FormatMessageW
Sleep
LocalReAlloc
WaitForMultipleObjects
SetEnvironmentVariableA
CompareStringW
LoadLibraryExW
GetStartupInfoW
GetOEMCP
CreateMutexW
SetUnhandledExceptionFilter
GetTempPathW
FindResourceExW
GetVersionExW
SetHandleCount
QueryPerformanceCounter
GetFileAttributesExW
FileTimeToLocalFileTime
TerminateThread
HeapDestroy
GetUserDefaultUILanguage
SetLastError
EnterCriticalSection
HeapCreate
LoadLibraryW
SetStdHandle
GlobalAddAtomW
TlsGetValue
HeapFree
GetTimeZoneInformation
GetStdHandle
GetLocaleInfoW
lstrlenA
GetCurrentThreadId
IsProcessorFeaturePresent
MultiByteToWideChar
lstrcmpA
GetCurrentThread
GetFileSizeEx
GetTempFileNameW
FindClose
lstrlenW
UnhandledExceptionFilter
VirtualAlloc
TlsAlloc
GetCurrentDirectoryW
HeapAlloc
FindFirstFileW
GetNumberFormatW
GetSystemTimeAsFileTime
GetSystemDirectoryW
InitializeCriticalSection
LeaveCriticalSection
VirtualQuery
lstrcpyW
GetCommandLineW
TlsSetValue
MulDiv
GetACP
WaitForSingleObject
HeapSetInformation
GlobalAlloc
LCMapStringW
FindResourceW
SetEvent
GetVolumeInformationW
WriteConsoleW
GetConsoleMode
GlobalHandle
LockResource
SizeofResource
ReadFile
LoadResource
GlobalSize
FileTimeToSystemTime
GlobalFlags
GetEnvironmentStringsW
InterlockedExchange
DeleteCriticalSection
GetSystemInfo
FreeResource
GetCurrentProcess
ExitThread
HeapReAlloc
SetThreadPriority
FreeLibrary
GetFileType
DuplicateHandle
SetEndOfFile
HeapQueryInformation
lstrcmpW
GetFileAttributesW
TlsFree
InterlockedIncrement
GetFullPathNameW
UnlockFile
LockFile
CreateNamedPipeW
GetStringTypeW
GetConsoleCP
GetFileTime
GlobalFree
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetCurrentProcessId
WriteFile
GetModuleHandleW
ResumeThread
GlobalGetAtomNameW
GetProcAddress
GlobalReAlloc
GetProcessHeap
HeapSize
GetFileSize
GlobalUnlock
GetTickCount
GetModuleFileNameW
GetLastError
user32
GetSubMenu
SetParent
GetKeyboardState
MonitorFromPoint
GetKeyNameTextW
CheckDlgButton
DestroyAcceleratorTable
SetWindowPlacement
ReleaseDC
GetMenuItemCount
GetClassLongW
IsWindowEnabled
LoadAcceleratorsW
WinHelpW
GetMenuStringW
DeleteMenu
SendDlgItemMessageW
SetWindowTextW
TranslateMDISysAccel
GetActiveWindow
DialogBoxParamW
RegisterClipboardFormatW
BeginDeferWindowPos
GetUpdateRect
RedrawWindow
PeekMessageW
OpenClipboard
WaitMessage
CreateDialogIndirectParamW
SetScrollRange
IsChild
GetSysColorBrush
ScrollWindow
UnionRect
PostQuitMessage
SetCapture
GetMenuCheckMarkDimensions
HideCaret
UpdateWindow
GetWindowThreadProcessId
GrayStringW
GetAsyncKeyState
InsertMenuItemW
LoadIconW
LoadCursorW
InvertRect
GetWindowTextW
GetMonitorInfoW
MapWindowPoints
TranslateAcceleratorW
WindowFromPoint
SendMessageW
GetScrollInfo
ReuseDDElParam
GetCursorPos
GetMenuDefaultItem
UnhookWindowsHookEx
SendDlgItemMessageA
GetCapture
SetScrollPos
PtInRect
GetClassNameW
PostMessageW
GetMessageW
MessageBoxW
GetMenuItemInfoW
EndDialog
RemoveMenu
GetLastActivePopup
ShowOwnedPopups
CallNextHookEx
IsWindowVisible
ToUnicodeEx
CopyIcon
EndDeferWindowPos
GetClassInfoW
GetDlgCtrlID
SetMenuItemBitmaps
IsRectEmpty
LoadBitmapW
EnableMenuItem
DrawFocusRect
GetSystemMenu
IsCharLowerW
ShowWindow
TranslateMessage
DestroyCursor
TabbedTextOutW
FrameRect
GetForegroundWindow
GetWindowRgn
FillRect
IntersectRect
EndPaint
UpdateLayeredWindow
GetScrollPos
GetWindowPlacement
DefWindowProcW
LoadMenuW
PostThreadMessageW
SetScrollInfo
DrawIconEx
BringWindowToTop
GetKeyState
DrawTextExW
MoveWindow
GetMessageTime
BeginPaint
CheckMenuItem
MapVirtualKeyW
DestroyMenu
EqualRect
EnumDisplayMonitors
GetMenuState
OffsetRect
SetFocus
SubtractRect
MapVirtualKeyExW
InsertMenuW
CreateWindowExW
GetDC
EnableWindow
CallWindowProcW
GetPropW
GetSystemMetrics
GetClassInfoExW
SetCursor
DeferWindowPos
RegisterWindowMessageW
SetActiveWindow
GetWindow
GetFocus
GetTopWindow
IsClipboardFormatAvailable
EnableScrollBar
GetClientRect
GetNextDlgTabItem
UnpackDDElParam
EmptyClipboard
KillTimer
GetScrollRange
MapDialogRect
MonitorFromWindow
DrawFrameControl
CopyAcceleratorTableW
CharUpperW
IsWindow
GetNextDlgGroupItem
LoadImageW
GetIconInfo
SetMenu
DrawIcon
DrawEdge
GetWindowTextLengthW
ClientToScreen
GetDesktopWindow
IsIconic
GetWindowDC
CreateMenu
InflateRect
GetDlgItem
EnumWindows
SetClipboardData
GetWindowRect
DrawStateW
GetWindowLongW
DrawTextW
SetTimer
IsDialogMessageW
RegisterClassW
SetPropW
DefFrameProcW
SetLayeredWindowAttributes
CopyRect
LockWindowUpdate
SetCursorPos
GetMenuItemID
ReleaseCapture
AppendMenuW
SetRect
SetForegroundWindow
AdjustWindowRectEx
CreateAcceleratorTableW
CreatePopupMenu
GetDoubleClickTime
DestroyIcon
InvalidateRect
DestroyWindow
DefMDIChildProcW
RealChildWindowFromPoint
SetWindowRgn
IsZoomed
SetWindowPos
GetMenu
SetWindowsHookExW
CharUpperBuffW
SetWindowLongW
GetSysColor
ValidateRect
SetRectEmpty
ScreenToClient
GetKeyboardLayout
NotifyWinEvent
CloseClipboard
DispatchMessageW
CopyImage
RemovePropW
GetMessagePos
ShowScrollBar
SetClassLongW
ModifyMenuW
SetMenuDefaultItem
DrawMenuBar
IsMenu
SystemParametersInfoW
MessageBeep
TrackPopupMenu
gdi32
CreateRoundRectRgn
BitBlt
SetTextColor
GetNearestPaletteIndex
ScaleViewportExtEx
LineTo
FillRgn
SetPaletteEntries
SelectObject
SetViewportOrgEx
GetDeviceCaps
CopyMetaFileW
EnumFontFamiliesW
SetLayout
GetPaletteEntries
StretchBlt
GetObjectType
CreateBitmap
Polygon
SelectClipRgn
SetWindowOrgEx
CreatePalette
SetViewportExtEx
GetRgnBox
CreateRectRgnIndirect
SetBkMode
SetROP2
RestoreDC
GetSystemPaletteEntries
EnumFontFamiliesExW
OffsetWindowOrgEx
GetPixel
CreateCompatibleBitmap
SetPolyFillMode
SetWindowExtEx
CreateRectRgn
DeleteObject
GetTextColor
LPtoDP
OffsetViewportOrgEx
CreateHatchBrush
SetTextAlign
GetViewportExtEx
GetTextFaceW
GetBkColor
GetWindowOrgEx
SetPixel
CreateEllipticRgn
SetPixelV
CreateDIBitmap
DeleteDC
MoveToEx
PtInRegion
ExtTextOutW
CreateCompatibleDC
GetBitmapBits
CreatePatternBrush
GetViewportOrgEx
SetDIBColorTable
GetClipBox
CreateFontIndirectW
GetLayout
CombineRgn
FrameRgn
OffsetRgn
ScaleWindowExtEx
SaveDC
Polyline
GetTextCharsetInfo
RectVisible
CreatePen
Ellipse
GetTextExtentPoint32W
ExcludeClipRect
Escape
PatBlt
RealizePalette
CreateDCW
SetBkColor
ExtFloodFill
GetObjectW
SelectPalette
ExtSelectClipRgn
CreatePolygonRgn
CreateSolidBrush
GetTextMetricsW
GetBoundsRect
CreateDIBSection
SetMapMode
GetWindowExtEx
DPtoLP
TextOutW
SetRectRgn
Rectangle
IntersectClipRect
PtVisible
advapi32
RegDeleteValueW
GetSecurityDescriptorSacl
RegDeleteKeyW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenProcessToken
RegOpenKeyExW
ConvertSidToStringSidW
GetTokenInformation
RegCreateKeyExW
OpenThreadToken
RegEnumKeyExW
SetSecurityDescriptorSacl
InitializeSecurityDescriptor
RegQueryValueExW
RegSetValueExW
IsValidSid
SetSecurityDescriptorDacl
shell32
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetDesktopFolder
ShellExecuteExW
SHGetFolderLocation
SHGetSpecialFolderLocation
DragQueryFileW
DragFinish
ShellExecuteW
SHAppBarMessage
ole32
OleTranslateAccelerator
CoCreateInstance
CoInitialize
CoInitializeEx
IsAccelerator
RegisterDragDrop
DoDragDrop
OleLockRunning
ReleaseStgMedium
OleDestroyMenuDescriptor
CoTaskMemFree
CoTaskMemAlloc
OleGetClipboard
CreateStreamOnHGlobal
OleCreateMenuDescriptor
CLSIDFromString
CoUninitialize
OleDuplicateData
RevokeDragDrop
CoLockObjectExternal
oleaut32
VariantChangeType
SysStringByteLen
SysFreeString
VariantInit
SysAllocStringByteLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
VariantClear
SysStringLen
SysAllocString
VarBstrFromDate
comctl32
ImageList_GetIconSize
shlwapi
SHDeleteEmptyKeyA
PathIsUNCW
SHDeleteValueA
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
PathStripToRootW
gdiplus
GdipDisposeImage
GdipGetImagePalette
GdipCreateFromHDC
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipDrawImageI
GdipDrawImageRectI
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipCreateBitmapFromHBITMAP
GdipFree
GdipSetInterpolationMode
GdipBitmapLockBits
GdipGetImagePixelFormat
GdipDeleteGraphics
GdipGetImageWidth
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipAlloc
GdipGetImagePaletteSize
GdipGetImageGraphicsContext
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.kpol Size: - Virtual size: 5.4MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 278KB - Virtual size: 278KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.kupol Size: 486KB - Virtual size: 486KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 57B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ