0d39d5d55e5e035bd1586c828eb98e7b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0d39d5d55e5e035bd1586c828eb98e7b_JaffaCakes118
Size

56KB
MD5

0d39d5d55e5e035bd1586c828eb98e7b
SHA1

defb30ff8f6d181e53106bbfe3ae7e39d659d92f
SHA256

6342009e70f29a9f25617dbdfb85e67dec292a5585bdee2f11469a9c47611d32
SHA512

b04ee07ae602f6178a9d0bed974a536fbf9cff4d8038ca203dcb6792886c22ad9bf7dcb7187f3b9267946fccbbd0b40a0828a512d915419c92d231d34e43122b
SSDEEP

768:DadaE737uUmJ4LnPorh2GNVU9paA2Pewda4m4Q03qfOsHorVcauqyFC:udf7ruWPork4AFwdc06mNrVbIFC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d39d5d55e5e035bd1586c828eb98e7b_JaffaCakes118

Files

0d39d5d55e5e035bd1586c828eb98e7b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b96ca7a379a5053e10628944665891e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAppendW
StrToIntW

cmdial32

AutoDialFunc

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFolderPathW
SHGetMalloc

kernel32

TryEnterCriticalSection
LocalAlloc
GetSystemTimeAsFileTime
FindClose
LoadResource
GlobalAlloc
CreateFileW
FreeLibrary
InterlockedDecrement
GetTempFileNameW
lstrcpyW
IsBadWritePtr
WritePrivateProfileSectionW
VirtualAlloc
GetTempPathW
SizeofResource
GetUserDefaultLangID
CompareStringW
GetSystemDirectoryW
DeleteCriticalSection
HeapFree
GetModuleFileNameW
CloseHandle
SetLastError
lstrcmpW
IsBadStringPtrW
LockResource
lstrcpynW
LoadLibraryExA
FreeConsole
GetTickCount
GetModuleHandleW
lstrlenW
GetUserDefaultUILanguage
LoadLibraryW
SetCurrentDirectoryW
FindResourceW
LeaveCriticalSection
GetVersion
CreateEventW
TerminateProcess
LoadLibraryExW
WideCharToMultiByte
GetProcessHeap
MultiByteToWideChar
ExpandEnvironmentStringsW
FindFirstFileW
GetModuleHandleA
SetEvent
GetSystemWindowsDirectoryW
GetCurrentThreadId
GlobalUnlock
GetCurrentThread
ReadFile
HeapAlloc
GetThreadLocale
lstrcatW
WritePrivateProfileStringW
OutputDebugStringW
Sleep
GlobalLock
LocalReAlloc
UnhandledExceptionFilter
CreateDirectoryW
QueryPerformanceCounter
LocalFree
DeleteFileW
CreateProcessW
GetExitCodeThread
GlobalFree
SetFilePointer
GetProcAddress
EnterCriticalSection
lstrcmpiW
CopyFileW
SetUnhandledExceptionFilter
GetCurrentProcess
LoadLibraryA
GetFileAttributesW
OutputDebugStringA
GetLastError
CreateThread
FormatMessageW
InitializeCriticalSection
GetCurrentProcessId
GetWindowsDirectoryW
SetThreadLocale
WaitForSingleObject

advapi32

GetTokenInformation
GetLengthSid
OpenThreadToken
LookupAccountNameW
SetSecurityDescriptorSacl
ConvertSidToStringSidW
RegSetValueExW
CopySid
LookupPrivilegeDisplayNameW
SetSecurityDescriptorOwner
MapGenericMask
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
IsTextUnicode
RegCloseKey
AllocateAndInitializeSid
GetSecurityDescriptorControl
RegDeleteValueW
LsaClose
InitializeSecurityDescriptor
LookupAccountSidW
IsValidSid
LsaQueryInformationPolicy
LsaLookupSids
GetSecurityDescriptorLength
GetSecurityDescriptorDacl
RegQueryValueExW
OpenProcessToken
SetSecurityDescriptorDacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
FreeSid
GetSecurityDescriptorSacl
MakeSelfRelativeSD
LsaOpenPolicy
RegQueryInfoKeyW
GetSecurityDescriptorOwner
IsValidSecurityDescriptor
LsaFreeMemory
CreateWellKnownSid
EqualSid
ConvertSecurityDescriptorToStringSecurityDescriptorW

user32

AppendMenuW
SetWindowPos
IsWindowEnabled
LoadCursorW
MsgWaitForMultipleObjects
MoveWindow
PostMessageW
CreatePopupMenu
SetScrollInfo
GetSystemMetrics
GetSysColorBrush
RedrawWindow
PostThreadMessageW
ScreenToClient
SendMessageW
MessageBoxW
GetFocus
BringWindowToTop
IsClipboardFormatAvailable
IsWindowVisible
SystemParametersInfoW
SetScrollPos
ScrollWindow
GetWindowLongW
DestroyIcon
PeekMessageW
ChildWindowFromPointEx
FrameRect
MapDialogRect
PtInRect
GetMessagePos
SetFocus
GetDlgCtrlID
GetWindowRect
SendDlgItemMessageW
ShowWindow
DispatchMessageW
GetWindow
GetDlgItem
LoadImageW
IsWindow
wsprintfW
EnableWindow
ReleaseDC
GetScrollInfo
MapWindowPoints
OpenClipboard
TrackPopupMenu
LoadStringW
SetWindowLongW
LoadIconW
SetCursor
DrawFocusRect
InflateRect
CloseClipboard
DestroyWindow
WinHelpW
RegisterClipboardFormatW
SetWindowTextW
DefWindowProcW
SetClipboardData
TranslateMessage
GetParent
CreateWindowExW
RegisterClassW
EmptyClipboard
GetDC
LoadBitmapW
SetScrollRange
GetClientRect
GetSysColor

ole32

CoTaskMemAlloc
StringFromCLSID
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
StringFromGUID2
CoUninitialize
CoSetProxyBlanket
ReleaseStgMedium
CoTaskMemFree

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

scecli

SceCopyBaseProfile
SceGetSecurityProfileInfo
SceAddToNameList
SceSvcUpdateInfo
SceCompareSecurityDescriptors
SceAddToNameStatusList
SceGetScpProfileDescription
SceGetServerProductType
SceUpdateSecurityProfile
SceFreeMemory
SceUpdateObjectInfo
SceFreeProfileMemory
SceAnalyzeSystem
SceLookupPrivRightName
SceSvcConvertTextToSD
SceConfigureSystem
SceSvcQueryInfo
SceCompareNameList
SceSvcFree
SceCreateDirectory
SceCommitTransaction
SceStartTransaction
SceCloseProfile
SceGetObjectSecurity
SceEnumerateServices
SceAppendSecurityProfileInfo
SceSvcSetInformationTemplate
SceSvcGetInformationTemplate
SceOpenProfile
SceRollbackTransaction
SceWriteSecurityProfileInfo
SceGetObjectChildren

netapi32

DsGetDcNameW
NetApiBufferFree

gdi32

SetMapMode
GetTextExtentPoint32W
SetTextColor
SetBkColor
SelectObject
CreateCompatibleDC
GetPixel
SetBkMode
GetStockObject

activeds

ADsEncodeBinaryData
FreeADsMem

msvcrt

_CxxThrowException
malloc
wcscmp
_findclose
_except_handler3
_initterm
__RTDynamicCast
wcsncpy
wcscpy
_wfindfirst
_wcsicmp
_purecall
wcschr
_adjust_fdiv
_onexit
vswprintf
setlocale
_wfindnext
__dllonexit
wcstoul
_wchdir
wcslen
__CxxFrameHandler
_wcslwr
wcscat
_wtol
free
swprintf
_wtoi
_wcsnicmp

atl

AtlAxGetHost

atmlib

ATMAddFontA

Sections

.text
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0b96ca7a379a5053e10628944665891e

Headers

File Characteristics

Imports

shlwapi

cmdial32

shell32

kernel32

advapi32

user32

ole32

version

scecli

netapi32

gdi32

activeds

msvcrt

atl

atmlib

Sections

.text Size: 512B - Virtual size: 492B

.rdata Size: 12KB - Virtual size: 11KB

.rsrc Size: 33KB - Virtual size: 32KB

.idata Size: 9KB - Virtual size: 9KB

.data Size: - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 492B

.rdata
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 33KB - Virtual size: 32KB

.idata
Size: 9KB - Virtual size: 9KB

.data
Size: - Virtual size: 1.3MB