Static task: static1
Behavioral task: behavioral1
  Sample: 07f5cc5bd0299a189cb7b53d72af46e4_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 07f5cc5bd0299a189cb7b53d72af46e4_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
General
Target: 07f5cc5bd0299a189cb7b53d72af46e4_JaffaCakes118
Size: 273KB
MD5: 07f5cc5bd0299a189cb7b53d72af46e4
SHA1: 8b0a21a13b6da9447b889c9a11f7f482dbce0d22
SHA256: af310050755a1694e9dc45878db08534b1c1db896d7496ff349a4f2b27a8467f
SHA512: e2e6c66a0724bb6a6df49029e2206a373e2c5794ac4321a328bfe3d9487582bba4840caab5a478c6703df7a1ef3db6f4d7593d831865e1c3f48463890aed1045
SSDEEP: 3072:G9YTWUvwDZAg/1XiWoEwUK6WgaETd5qtIhf0pdPCZGugZXmJ7UO6NSwkyx:G9YKU4DJRifBUKpUfx0tFkUO6NSwZx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 07f5cc5bd0299a189cb7b53d72af46e4_JaffaCakes118
Files
07f5cc5bd0299a189cb7b53d72af46e4_JaffaCakes118.exe windows:5 windows x86 arch:x86
e9b473087a7721fd984c831e0b09287b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
comdlg32
ChooseFontW
ReplaceTextW
PageSetupDlgA
CommDlgExtendedError
imm32
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_Copy
Sections
.text Size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 193KB - Virtual size: 199KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE