074991eac87c2208be8a6f5cd466c1e9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

074991eac87c2208be8a6f5cd466c1e9_JaffaCakes118
Size

10.1MB
MD5

074991eac87c2208be8a6f5cd466c1e9
SHA1

dd953621fb43c3f0b2265f61ee56c6bb0d9d116d
SHA256

8daf7236eae48472fd91f7316062e6055ca695cca1b667ffc248d3b5b660df36
SHA512

f5ca974df6cb5883cde9d573416a08fbf15d1bc8719e45a9ee08633c18f081cebbafb79248538994e4326544bcbf18e34db41ca7bbf630f36f9fddc43a6155fd
SSDEEP

49152:jv0oqK6xKKDgRkxzpyDdc2pfBWDorGrypPapoQ:ZqKndcSfBWDorGrOP9Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
074991eac87c2208be8a6f5cd466c1e9_JaffaCakes118

Files

074991eac87c2208be8a6f5cd466c1e9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1db8add3e8f03652fdd3ff9c8baf0fe2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreate

kernel32

LocalReAlloc
TlsFree
InterlockedIncrement
GetFileAttributesW
GetFileSizeEx
GetFileTime
lstrlenA
SetErrorMode
GetTickCount
GetStartupInfoW
HeapAlloc
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ExitThread
CreateThread
HeapSize
SetStdHandle
GetFileType
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
TlsSetValue
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GlobalAddAtomW
GetModuleHandleA
GetCurrentProcessId
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
InterlockedDecrement
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
FreeResource
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
GlobalFree
GlobalUnlock
MulDiv
FormatMessageW
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLastError
lstrlenW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
CompareStringA
WideCharToMultiByte
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GetModuleHandleW
GetProcAddress
WaitForSingleObject
RemoveDirectoryW
Sleep
Process32NextW
TerminateProcess
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
DeleteFileW
SetFileAttributesW
GetModuleFileNameW
GetTimeFormatW
GetDateFormatW
GetLocalTime
GetVersionExW
GetEnvironmentVariableW
CreateMutexW
OpenMutexW
ExitProcess
LocalFree
GetCommandLineW
CloseHandle
CreateProcessW
GetTempFileNameW
GetTempPathW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
FreeEnvironmentStringsW

user32

SetCapture
InvalidateRgn
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
GetSysColorBrush
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
SetMenu
GetScrollRange
SetScrollPos
GetScrollPos
UpdateWindow
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
EqualRect
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
CopyRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowThreadProcessId
GetLastActivePopup
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
PostThreadMessageW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterClipboardFormatW
DestroyMenu
UnregisterClassW
MessageBeep
GetNextDlgGroupItem
GetClassInfoW
ReleaseCapture
UnhookWindowsHookEx
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
CharUpperW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostMessageW
PostQuitMessage
GetParent
LoadCursorW
SetCursor
PtInRect
GetWindowRect
InvalidateRect
ShowScrollBar
SetForegroundWindow
GetDesktopWindow
KillTimer
LoadBitmapW
DrawIcon
GetClientRect
IsIconic
SetTimer
DestroyIcon
GetSystemMetrics
LoadIconW
EnableWindow
SendMessageW
FindWindowW
MessageBoxW

gdi32

CreateBitmap
SelectObject
CreateSolidBrush
CreateRectRgnIndirect
DeleteDC
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
Escape
ExtTextOutW
TextOutW
RectVisible
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
BitBlt
GetObjectW
CreateCompatibleDC
CreateFontIndirectW
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
GetStockObject
SetViewportOrgEx

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenCurrentUser
RegCreateKeyExW
RegOpenKeyW
RegQueryValueExW
RegCloseKey

shell32

Shell_NotifyIconW
ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW

comctl32

ImageList_Create
InitCommonControlsEx
ImageList_ReplaceIcon

shlwapi

PathRenameExtensionW
PathRemoveFileSpecW
PathAppendW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoCreateInstance
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysStringLen
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString

wininet

HttpOpenRequestW
InternetConnectW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
InternetQueryDataAvailable

Sections

.text
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9.7MB - Virtual size: 9.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1db8add3e8f03652fdd3ff9c8baf0fe2

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

Sections

.text Size: 295KB - Virtual size: 294KB

.rdata Size: 81KB - Virtual size: 81KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 9.7MB - Virtual size: 9.7MB

.text
Size: 295KB - Virtual size: 294KB

.rdata
Size: 81KB - Virtual size: 81KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 9.7MB - Virtual size: 9.7MB