Static task: static1
Behavioral task: behavioral1
Sample: 0d2a2d596554a4ce74057f69a3d8b1c4_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 0d2a2d596554a4ce74057f69a3d8b1c4_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 0d2a2d596554a4ce74057f69a3d8b1c4_JaffaCakes118
Size: 33KB
MD5: 0d2a2d596554a4ce74057f69a3d8b1c4
SHA1: 445d34c7cddb2ab67a8c93ae086d5ee0d6a20c8c
SHA256: 999ea2535b2a1c0ea50092ebc603eedbfb43b6e70164626324faa2eb58a1049d
SHA512: 741e4b0c0785d54c87f72ce4e5c1f1da8f8b489823b4496a06caef92662522e49f1bdd07b2be5e5a8269283999c3c93afff201200bb1e64405ed682136e345a5
SSDEEP: 768:EsFil58Sb8FJ/SBF3Lcrrn7O030BHOvMPP5NnhkPN72S:EQi58SbccFb+XO66PHhkPJ2S
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 0d2a2d596554a4ce74057f69a3d8b1c4_JaffaCakes118
Files
0d2a2d596554a4ce74057f69a3d8b1c4_JaffaCakes118.exe windows:4 windows x86 arch:x86
69ab22beabdfd81fb0d76b50ed27590b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegDeleteValueA
RegCreateKeyW
RegCloseKey
RegQueryValueExA
RegCreateKeyA
RegEnumValueA
RegSetValueExA
AdjustTokenPrivileges
RegDeleteKeyW
RegDeleteKeyA
RegSetValueExW
RegEnumValueW
InitializeSecurityDescriptor
RegQueryValueExW
RegQueryValueA
RegDeleteValueW
RegSetValueA
OpenProcessToken
RegEnumKeyA
RegOpenKeyExA
DeregisterEventSource
LookupPrivilegeValueA
RegEnumKeyW
RegQueryInfoKeyA
RegisterEventSourceA
ReportEventA
RegOpenKeyA
SetSecurityDescriptorDacl
RegOpenKeyW
ddraw
DirectDrawEnumerateA
ws2_32
setsockopt
user32
IsClipboardFormatAvailable
LoadStringA
CreateCaret
EmptyClipboard
UpdateWindow
GetClassInfoExA
DefFrameProcA
BeginPaint
FindWindowA
ReleaseDC
LoadImageA
ShowScrollBar
SetWindowsHookExW
EnumThreadWindows
LoadCursorA
SetTimer
PostMessageA
CreateWindowExA
CreateDialogParamA
FillRect
UnregisterClassA
GetWindow
KillTimer
DdeAbandonTransaction
CloseClipboard
SetScrollInfo
ToAscii
WaitMessage
SetWindowsHookExA
LoadAcceleratorsA
DestroyAcceleratorTable
IsDialogMessageA
GetMessageTime
SetRect
GetPropA
keybd_event
MessageBoxIndirectA
UnhookWindowsHookEx
IsWindowEnabled
SetScrollPos
PostQuitMessage
PeekMessageW
SetParent
VkKeyScanW
GetDoubleClickTime
GetClipboardFormatNameA
SendDlgItemMessageA
DestroyCursor
GetDC
ShowWindow
GetMenuItemInfoA
SetPropA
DdeSetUserHandle
DdeCreateStringHandleA
GetMessagePos
GetCaretBlinkTime
CharUpperA
SendMessageA
CopyAcceleratorTableA
VkKeyScanA
DdeFreeDataHandle
GetScrollInfo
SetMenuItemInfoA
DdeDisconnect
TranslateMessage
DrawTextA
AdjustWindowRectEx
DdeCmpStringHandles
DdeInitializeA
AppendMenuA
DeleteMenu
DdeClientTransaction
CreatePopupMenu
GetSystemMenu
SetKeyboardState
CreateAcceleratorTableA
RegisterClipboardFormatA
DrawIcon
SetScrollRange
RemovePropA
BringWindowToTop
SetWindowRgn
GetKeyboardState
CallWindowProcA
GetForegroundWindow
DrawFrameControl
SetClipboardData
DdeFreeStringHandle
CreateIcon
IsWindowVisible
PtInRect
CharPrevA
ModifyMenuA
SetForegroundWindow
MoveWindow
DdeNameService
SetFocus
DefMDIChildProcA
DestroyMenu
EndDeferWindowPos
MessageBoxA
GetFocus
EndPaint
DestroyWindow
CharNextA
GetCaretPos
DdeUninitialize
LockWindowUpdate
CharLowerBuffW
RemoveMenu
GetSystemMetrics
IsCharAlphaA
SetCapture
OemToCharA
CreateMenu
IsZoomed
SetWindowLongA
SetWindowContextHelpId
GetParent
GetWindowDC
ClientToScreen
DestroyCaret
CharLowerA
CharToOemBuffA
ShowCursor
LoadBitmapA
ReleaseCapture
BeginDeferWindowPos
SetWindowTextA
PostMessageW
IntersectRect
GetActiveWindow
PostThreadMessageA
AdjustWindowRect
GetClassInfoA
GetClipboardData
GetSysColor
MessageBeep
DdeQueryConvInfo
OffsetRect
CharUpperBuffA
GetWindowTextLengthA
GetMenuItemCount
SetCaretPos
SetMenu
HideCaret
GetCapture
SetMenuDefaultItem
DialogBoxParamA
GetMenuItemID
GetKeyState
GetIconInfo
DdeQueryStringA
AttachThreadInput
GetUpdateRect
ShowCaret
TrackPopupMenu
InflateRect
EnableWindow
wsprintfA
ClipCursor
GetWindowThreadProcessId
GetWindowTextA
InvalidateRgn
SubtractRect
GetDesktopWindow
GetTabbedTextExtentA
DdePostAdvise
GetDCEx
LoadIconA
DdeGetData
MsgWaitForMultipleObjects
GetMenuState
PeekMessageA
SetDlgItemTextA
DefWindowProcA
DdeConnect
GetAsyncKeyState
DispatchMessageA
CheckMenuItem
DdeCreateDataHandle
MapWindowPoints
GetLastActivePopup
SetCursor
TranslateMDISysAccel
EndDialog
GetMenu
GetCursorPos
TabbedTextOutA
FindWindowW
GetSubMenu
GetUpdateRgn
InvalidateRect
InsertMenuA
CharToOemA
CallNextHookEx
RegisterClassExA
GetWindowRgn
IsChild
DeferWindowPos
FrameRect
CopyRect
DestroyIcon
SystemParametersInfoA
WinHelpA
CreateCursor
SetWindowPos
GetClassNameA
GetMenuStringA
CharUpperBuffW
IsIconic
GetDlgItem
GetWindowLongA
GetScrollPos
DrawFocusRect
SetActiveWindow
RegisterClassA
DdeGetLastError
GetCursor
WaitForInputIdle
IsRectEmpty
GetClientRect
SetCursorPos
GetWindowRect
IsWindow
OpenClipboard
EnumClipboardFormats
GetKeyboardLayout
WindowFromPoint
GetQueueStatus
DrawMenuBar
EqualRect
CharLowerBuffA
EnableMenuItem
ScreenToClient
kernel32
FreeLibrary
HeapSize
IsDBCSLeadByte
GetDateFormatA
MulDiv
GlobalHandle
VirtualProtect
lstrcpynA
LoadResource
Sleep
IsBadReadPtr
lstrcpyA
GlobalSize
GetTempFileNameA
TlsGetValue
WideCharToMultiByte
GetFileTime
GetDriveTypeA
FlushInstructionCache
GetStringTypeExA
GetEnvironmentStrings
GetProfileStringA
GetCurrentThreadId
_lwrite
CompareStringA
HeapDestroy
GetLocalTime
GetACP
SetFileTime
GlobalAlloc
GetStdHandle
FileTimeToLocalFileTime
CreateDirectoryA
IsBadCodePtr
lstrcmpA
lstrcmpiA
GetUserDefaultLangID
SetLastError
CreateThread
GetCommandLineA
FindClose
GetVersionExA
ResumeThread
FreeResource
MoveFileA
GetStringTypeA
ExitProcess
lstrlenA
GetModuleHandleA
MultiByteToWideChar
WaitForSingleObject
lstrcatA
GetSystemDefaultLangID
GetLocaleInfoA
GetCurrentProcess
CompareStringW
SetEnvironmentVariableA
lstrcmpiW
SizeofResource
ExitThread
GlobalAddAtomA
GetFullPathNameA
SetHandleCount
GetWindowsDirectoryA
ReadFile
GetCurrentProcessId
DeleteCriticalSection
GetLastError
GetModuleFileNameA
GlobalDeleteAtom
GetStartupInfoA
CloseHandle
FileTimeToSystemTime
InitializeCriticalSection
LoadLibraryExA
HeapReAlloc
TlsFree
CreateFileA
VirtualAlloc
GetUserDefaultLCID
SetEndOfFile
CreateEventA
UnlockFile
GlobalReAlloc
WriteFile
_llseek
GetProcAddress
FindResourceA
SetCurrentDirectoryA
FreeEnvironmentStringsW
RemoveDirectoryA
GetOEMCP
CreateProcessA
ResetEvent
InterlockedIncrement
OpenProcess
VirtualQuery
CreateProcessW
GetExitCodeProcess
_lclose
GetFileAttributesA
VirtualFree
LockResource
WinExec
CreateSemaphoreA
ReleaseSemaphore
SetErrorMode
GetSystemInfo
GetCurrentDirectoryA
FindFirstFileA
FreeEnvironmentStringsA
HeapFree
FindNextFileA
SetLocalTime
TlsAlloc
GetTempPathA
RtlUnwind
SystemTimeToFileTime
SetStdHandle
LoadLibraryA
SetFilePointer
FormatMessageA
TlsSetValue
LeaveCriticalSection
SearchPathA
GetStringTypeW
InterlockedDecrement
DeleteFileA
GetSystemDirectoryA
GlobalFree
UnhandledExceptionFilter
GetTimeZoneInformation
GlobalLock
GetModuleFileNameW
LCMapStringA
EnterCriticalSection
FormatMessageW
GetFileType
TerminateProcess
GetTickCount
FlushFileBuffers
GetCPInfo
GetShortPathNameA
GetSystemDefaultLCID
GetEnvironmentStringsW
GetVersion
GetSystemTime
HeapAlloc
RaiseException
GlobalUnlock
SetFileAttributesA
HeapCreate
LockFile
LCMapStringW
SetEvent
DuplicateHandle
_lread
samlib
SamConnectWithCreds
SamRemoveMultipleMembersFromAlias
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ