Static task: static1
Behavioral task: behavioral1
Sample: 07c85e492608467733ee60f6a1b93751_JaffaCakes118.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 07c85e492608467733ee60f6a1b93751_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 07c85e492608467733ee60f6a1b93751_JaffaCakes118
Size: 552KB
MD5: 07c85e492608467733ee60f6a1b93751
SHA1: 146a36fe78f47866535eff13e22d8930ced71074
SHA256: 1c2623d589b8b46aebe027ba04d4149947d24741a38580144911ffcb0fdd9448
SHA512: 2fb0833787eaa003e747ad78ebc16c022e449b97baf914e69e4d17543f7e9078d94e0e55a293e06928c968eabec823c60c956d0a87e76d529342238ca13cd8b1
SSDEEP: 12288:o4VTj4TdOTdZ9OOlzaXRlZr1PTNeJUeMMnMMMMMBW43P:o4VqcpvOBBlTPAUeMMnMMMMMB9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 07c85e492608467733ee60f6a1b93751_JaffaCakes118
Files
07c85e492608467733ee60f6a1b93751_JaffaCakes118.exe windows:4 windows x86 arch:x86
c66aa9aa4dd5352766bd992956cf5096
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegQueryValueA
RegSetValueA
SetSecurityDescriptorDacl
AdjustTokenPrivileges
RegCloseKey
RegEnumKeyW
RegisterEventSourceA
RegSetValueExA
RegOpenKeyExA
InitializeSecurityDescriptor
RegEnumValueW
RegQueryValueExW
RegEnumValueA
RegSetValueExW
ReportEventA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueW
RegOpenKeyW
RegCreateKeyA
RegQueryValueExA
DeregisterEventSource
OpenProcessToken
RegOpenKeyA
RegDeleteKeyW
RegCreateKeyW
LookupPrivilegeValueA
kernel32
GlobalUnlock
FreeEnvironmentStringsA
SetFileAttributesA
GetStringTypeW
GetExitCodeProcess
GetVolumeInformationA
GetEnvironmentStringsW
LCMapStringA
_lwrite
LoadLibraryA
LockResource
HeapReAlloc
VirtualFree
GetModuleFileNameA
LockFile
GetSystemTime
TlsAlloc
GlobalHandle
GetStringTypeExA
lstrcpynA
GetFullPathNameA
MulDiv
DeleteFileA
FreeEnvironmentStringsW
CreateEventA
CloseHandle
GetDriveTypeA
UnlockFile
HeapDestroy
SetHandleCount
GetWindowsDirectoryA
WinExec
CreateFileA
WaitForSingleObject
GetSystemDefaultLangID
GetTempPathA
InterlockedIncrement
FormatMessageW
SetFilePointer
GetTempFileNameA
LeaveCriticalSection
FlushFileBuffers
VirtualQuery
FileTimeToSystemTime
Sleep
GetStdHandle
FormatMessageA
FindFirstFileA
CreateProcessW
SizeofResource
TlsFree
GetCurrentProcess
VirtualAlloc
CreateSemaphoreA
TlsSetValue
RaiseException
LoadLibraryExA
SetFileTime
GetCurrentThreadId
lstrlenA
lstrcmpiW
CompareStringW
GetStringTypeA
IsBadReadPtr
CreateThread
LoadResource
GetSystemInfo
GlobalLock
GetCurrentDirectoryA
SearchPathA
GetLastError
InitializeCriticalSection
GetShortPathNameA
GetModuleHandleA
WideCharToMultiByte
VirtualProtect
ReleaseSemaphore
RemoveDirectoryA
GlobalAddAtomA
GetFileTime
ReadFile
CreateProcessA
GetProfileStringA
GetFileAttributesA
GetVersionExA
GlobalFree
SetEvent
GetModuleFileNameW
HeapSize
CreateDirectoryA
_llseek
lstrcpyA
ExitProcess
HeapAlloc
TlsGetValue
CompareStringA
GetStartupInfoA
MultiByteToWideChar
FreeResource
SetEndOfFile
SetStdHandle
lstrcmpA
GetCurrentProcessId
SetErrorMode
GetEnvironmentStrings
ResumeThread
GetLocalTime
GetDateFormatA
InterlockedDecrement
SetLastError
FindNextFileA
GlobalAlloc
GetCPInfo
GetACP
FreeLibrary
_lclose
lstrcatA
IsDBCSLeadByte
DeleteCriticalSection
GetTickCount
IsBadCodePtr
LCMapStringW
SetCurrentDirectoryA
GetSystemDirectoryA
HeapFree
GetCommandLineA
GetUserDefaultLCID
GetSystemDefaultLCID
GetOEMCP
GlobalDeleteAtom
GlobalSize
RtlUnwind
FindResourceA
GetLocaleInfoA
GetUserDefaultLangID
DuplicateHandle
FindClose
GetProcAddress
FileTimeToLocalFileTime
SetEnvironmentVariableA
GetVersion
TerminateProcess
GetTimeZoneInformation
GlobalReAlloc
HeapCreate
FlushInstructionCache
_lread
ResetEvent
GetFileType
ExitThread
WriteFile
lstrcmpiA
EnterCriticalSection
SystemTimeToFileTime
UnhandledExceptionFilter
MoveFileA
SetLocalTime
ws2_32
WSAConnect
ddraw
DirectDrawEnumerateA
user32
DefWindowProcA
CharUpperBuffW
MsgWaitForMultipleObjects
GetWindowRgn
LoadCursorA
CharUpperBuffA
AdjustWindowRectEx
SetTimer
CharLowerA
PostMessageA
ReleaseCapture
DestroyMenu
GetUpdateRgn
MoveWindow
EndPaint
GetMenuItemID
VkKeyScanA
GetCursorPos
DrawFocusRect
CreateIcon
DdeCreateStringHandleA
SetDlgItemTextA
PostThreadMessageA
CreateWindowExA
CharNextA
HideCaret
LoadAcceleratorsA
ClientToScreen
IsZoomed
KillTimer
UnregisterClassA
SetWindowLongA
ClipCursor
DdeQueryConvInfo
CreateCursor
RegisterClipboardFormatA
InflateRect
TrackPopupMenu
CallWindowProcA
GetMessagePos
CharToOemBuffA
SetCaretPos
EqualRect
EmptyClipboard
PostMessageW
DdeDisconnect
SystemParametersInfoA
MessageBeep
SetRect
UnhookWindowsHookEx
GetKeyboardLayout
AdjustWindowRect
SetWindowPos
DdeInitializeA
ReleaseDC
FrameRect
DdeCreateDataHandle
GetParent
ModifyMenuA
EnableMenuItem
ShowWindow
RemoveMenu
IsWindowEnabled
SetScrollPos
BringWindowToTop
MessageBoxA
GetDC
GetQueueStatus
GetClipboardData
EnumThreadWindows
SubtractRect
ShowScrollBar
ShowCaret
GetPropA
OffsetRect
GetLastActivePopup
WindowFromPoint
CopyAcceleratorTableA
InsertMenuA
DeferWindowPos
SendDlgItemMessageA
GetDoubleClickTime
VkKeyScanW
DdeGetData
GetMenu
RemovePropA
SetScrollInfo
EnableWindow
SetMenuItemInfoA
EndDialog
GetKeyState
wsprintfA
UpdateWindow
SetCursor
GetForegroundWindow
WaitMessage
GetWindowTextLengthA
DefMDIChildProcA
TranslateMessage
RegisterClassExA
SetWindowRgn
GetWindowThreadProcessId
GetSubMenu
InvalidateRgn
DestroyCaret
DialogBoxParamA
GetWindowDC
TabbedTextOutA
GetSystemMenu
GetCursor
RegisterClassA
GetCapture
LoadImageA
DefFrameProcA
IsIconic
CharPrevA
CharToOemA
GetAsyncKeyState
DestroyCursor
SetPropA
SetWindowContextHelpId
GetFocus
TranslateMDISysAccel
DdeConnect
DestroyAcceleratorTable
GetClassInfoExA
IsChild
OemToCharA
DdeClientTransaction
LoadIconA
DdeUninitialize
GetDesktopWindow
DeleteMenu
GetClassInfoA
ShowCursor
SetMenuDefaultItem
DdeFreeStringHandle
GetDlgItem
CreateMenu
SetClipboardData
PeekMessageW
DestroyWindow
GetMenuState
PostQuitMessage
CreateAcceleratorTableA
CreateDialogParamA
FillRect
CopyRect
IntersectRect
DdeQueryStringA
DrawTextA
CharUpperA
GetScrollInfo
BeginDeferWindowPos
DdePostAdvise
WinHelpA
SetKeyboardState
PeekMessageA
IsRectEmpty
CreatePopupMenu
GetWindowRect
CloseClipboard
GetClassNameA
GetWindow
DispatchMessageA
LockWindowUpdate
GetMenuItemInfoA
SendMessageA
SetWindowTextA
CheckMenuItem
DdeNameService
IsClipboardFormatAvailable
LoadBitmapA
IsDialogMessageA
IsWindow
AppendMenuA
InvalidateRect
CharLowerBuffA
SetWindowsHookExW
GetDCEx
SetForegroundWindow
PtInRect
ScreenToClient
MapWindowPoints
SetParent
DrawFrameControl
FindWindowA
keybd_event
GetTabbedTextExtentA
MessageBoxIndirectA
DrawMenuBar
GetActiveWindow
IsWindowVisible
EndDeferWindowPos
DdeFreeDataHandle
GetSystemMetrics
GetClipboardFormatNameA
GetMenuStringA
DdeAbandonTransaction
SetActiveWindow
GetSysColor
FindWindowW
LoadStringA
IsCharAlphaA
SetWindowsHookExA
SetCapture
SetScrollRange
GetWindowTextA
GetMenuItemCount
GetIconInfo
CharLowerBuffW
DdeCmpStringHandles
GetUpdateRect
GetWindowLongA
GetScrollPos
GetClientRect
DdeSetUserHandle
SetMenu
OpenClipboard
AttachThreadInput
GetCaretPos
EnumClipboardFormats
CreateCaret
SetCursorPos
WaitForInputIdle
DdeGetLastError
GetCaretBlinkTime
GetKeyboardState
DestroyIcon
ToAscii
GetMessageTime
DrawIcon
CallNextHookEx
BeginPaint
SetFocus
ole32
MkParseDisplayName
WriteClassStg
IIDFromString
OleSaveToStream
OleCreateLinkToFile
CreateStreamOnHGlobal
OleSetClipboard
OleUninitialize
CoRegisterClassObject
GetClassFile
OleCreateFromFile
OleGetAutoConvert
CreateBindCtx
OleSave
OleFlushClipboard
OleQueryCreateFromData
CLSIDFromProgID
OleCreateLink
OleDuplicateData
OleRun
StgCreateDocfile
OleRegGetUserType
ReleaseStgMedium
CoLockObjectExternal
CreateILockBytesOnHGlobal
StringFromCLSID
OleQueryLinkFromData
CreateOleAdviseHolder
OleLoadFromStream
CoFreeUnusedLibraries
OleDoAutoConvert
OleIsRunning
ReadClassStm
RegisterDragDrop
CoRegisterMessageFilter
OleInitialize
OleTranslateAccelerator
DoDragDrop
OleSetMenuDescriptor
CreateDataAdviseHolder
ReadClassStg
CLSIDFromString
RevokeDragDrop
BindMoniker
OleLoad
CoDisconnectObject
CoRevokeClassObject
IsAccelerator
CoUnmarshalInterface
CoGetMalloc
CoCreateInstance
StgCreateDocfileOnILockBytes
CoMarshalInterface
OleDestroyMenuDescriptor
StgOpenStorage
OleGetClipboard
ProgIDFromCLSID
OleIsCurrentClipboard
OleCreateMenuDescriptor
OleLockRunning
CoIsOle1Class
OleConvertOLESTREAMToIStorage
StgIsStorageILockBytes
CoGetClassObject
OleGetIconOfClass
OleConvertIStorageToOLESTREAM
StringFromGUID2
OleCreateLinkFromData
StgOpenStorageOnILockBytes
OleCreateFromData
olecli32
OleClone
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 396KB - Virtual size: 394KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 124KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ