Static task: static1
Behavioral task: behavioral1
Sample: 01468a69ca8676b51a357676e0856c88_JaffaCakes118.exe
Resource: win7-20240419-en
General
Target: 01468a69ca8676b51a357676e0856c88_JaffaCakes118
Size: 2.0MB
MD5: 01468a69ca8676b51a357676e0856c88
SHA1: 4413a7f864255767a6d84c3e8362b9873a7e224b
SHA256: fcccc611730474775ff1cfd4c60481deef586f01191348b07d7a143d174a07b0
SHA512: d0d516c96c14e4ec5dded82e80f82a3ff6b2f8c2aae63b8f0e8667aea6e07e52e8dcf2ee7939304ef2303b07a4b8ca6e6c64f985a508d57aad79440d479d68b8
SSDEEP: 49152:Na175O/mZxrkaH1EN5/yxnxEil7F8vSZBWwj186KQGwi38KQrF+FO7p1FzohbJqE:uO/mZxbHW7yxnxECF8vSZBW+Pbi38KQU
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 01468a69ca8676b51a357676e0856c88_JaffaCakes118
Files
01468a69ca8676b51a357676e0856c88_JaffaCakes118.exe windows:5 windows x86 arch:x86
cb1194123f68a68eb14552c085b620ce
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
PlaySoundA
msimg32
AlphaBlend
TransparentBlt
kernel32
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
IsValidCodePage
GetStdHandle
GetTimeZoneInformation
CompareStringW
LCMapStringW
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
CreateFileW
SetEnvironmentVariableA
SetHandleCount
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapQueryInformation
GetFileType
SetStdHandle
CreateThread
ExitThread
HeapReAlloc
GetProcessHeap
VirtualQuery
GetSystemInfo
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
EncodePointer
GetSystemTimeAsFileTime
DecodePointer
ExitProcess
RaiseException
RtlUnwind
HeapFree
FindResourceExW
SearchPathA
GetProfileIntA
InitializeCriticalSectionAndSpinCount
GetNumberFormatA
GetWindowsDirectoryA
SetErrorMode
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetStringTypeExA
DeleteFileA
GetCurrentDirectoryA
GetACP
GetOEMCP
GetCPInfo
GetThreadLocale
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GetConsoleMode
GetConsoleCP
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetFileSizeEx
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileAttributesExA
CreateFileA
GetFullPathNameA
GetTempFileNameA
GetFileTime
GetFileAttributesA
GetUserDefaultLCID
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetModuleHandleW
FindResourceA
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
FreeLibrary
CompareStringA
LoadLibraryW
lstrcmpW
GetModuleFileNameA
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
MulDiv
GlobalLock
GlobalUnlock
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
LoadLibraryA
lstrlenA
GlobalGetAtomNameA
GlobalAddAtomA
ActivateActCtx
DeactivateActCtx
SetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedDecrement
InterlockedIncrement
CreateMutexA
GetLastError
WideCharToMultiByte
GetTempPathA
CreateProcessA
GetTickCount
VirtualAlloc
VirtualFree
lstrcpyA
lstrcatA
MultiByteToWideChar
Sleep
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
VirtualProtect
GlobalReAlloc
GetStringTypeW
user32
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
WaitMessage
IsClipboardFormatAvailable
RegisterClipboardFormatA
CopyImage
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableA
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
DestroyAcceleratorTable
RedrawWindow
UnregisterClassA
WindowFromPoint
PostThreadMessageA
CreateMenu
SetWindowRgn
DrawIcon
LoadMenuW
LoadAcceleratorsW
MessageBeep
GetNextDlgGroupItem
SetCapture
InvalidateRgn
CopyAcceleratorTableA
CharNextA
CharUpperA
UnionRect
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
SetLayeredWindowAttributes
EnumDisplayMonitors
GetSysColorBrush
MapVirtualKeyA
GetKeyNameTextA
SystemParametersInfoA
GetMenuItemInfoA
InflateRect
RealChildWindowFromPoint
IsZoomed
GetSystemMetrics
LoadCursorW
LoadCursorA
DestroyCursor
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamA
GetNextDlgTabItem
ShowOwnedPopups
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetClientRect
CreateWindowExA
GetClassInfoExA
RegisterClassA
GetWindowRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
MessageBoxA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
GetFocus
IsChild
AdjustWindowRectEx
GetClassNameA
GetSysColor
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
GetWindowRgn
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
CharUpperBuffA
CopyIcon
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetUpdateRect
WinHelpA
DestroyIcon
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
EqualRect
GetDlgItem
SetWindowLongA
GetDlgCtrlID
FrameRect
SetMenuDefaultItem
IsMenu
UpdateLayeredWindow
MonitorFromPoint
GetKeyState
LoadIconW
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
IsWindowVisible
IsIconic
SendMessageA
InsertMenuItemA
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
GetClassInfoA
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetMenu
GetLastActivePopup
BringWindowToTop
PostMessageA
SetMenu
GetDesktopWindow
GetWindow
ShowWindow
GetWindowLongA
IsWindow
TranslateAcceleratorA
FillRect
KillTimer
SetTimer
InvalidateRect
SetRect
SetWindowPos
UpdateWindow
GetDC
LoadImageA
EnableWindow
EndDialog
gdi32
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
DPtoLP
GetViewportOrgEx
Rectangle
PatBlt
GetTextMetricsA
GetTextExtentPoint32A
GetCharWidthA
CreateFontA
StretchDIBits
CreateRectRgnIndirect
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
CombineRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
CreateEllipticRgn
LPtoDP
Ellipse
CreateDIBSection
OffsetViewportOrgEx
GetTextFaceA
GetWindowOrgEx
CreateRoundRectRgn
CreatePolygonRgn
Polyline
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
EnumFontFamiliesExA
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
CreatePen
SetViewportOrgEx
Escape
ExtTextOutA
GetObjectType
SelectPalette
GetStockObject
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
BitBlt
CreateCompatibleBitmap
SetWindowOrgEx
ScaleViewportExtEx
SelectObject
CreateCompatibleDC
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
GetObjectA
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetDeviceCaps
SetViewportExtEx
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegEnumValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegEnumKeyExA
RegCloseKey
RegQueryValueA
shell32
SHAppBarMessage
ShellExecuteA
DragFinish
DragQueryFileA
SHAddToRecentDocs
SHBrowseForFolderA
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
comctl32
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
ole32
OleLockRunning
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CLSIDFromProgID
CoInitialize
CoCreateInstance
CoUninitialize
RevokeDragDrop
RegisterDragDrop
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
CoLockObjectExternal
CLSIDFromString
oleaut32
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
OleCreateFontIndirect
VariantCopy
SysStringLen
SysAllocStringLen
VariantChangeType
SysAllocStringByteLen
SysFreeString
VariantInit
SysAllocString
VariantClear
oledlg
ord8
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
GdipDrawImageI
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 285KB - Virtual size: 284KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 301KB - Virtual size: 340KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 170KB - Virtual size: 169KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ