Static task: static1
Behavioral task: behavioral1
Sample: 0dc7efb3dddc26d6bd6defaef2692616_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 0dc7efb3dddc26d6bd6defaef2692616_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 0dc7efb3dddc26d6bd6defaef2692616_JaffaCakes118
Size: 79KB
MD5: 0dc7efb3dddc26d6bd6defaef2692616
SHA1: a5cb10ed18b6a1ab8290f6d06f01307adbcea1bb
SHA256: 7803a9ec1db94d6ddbb63a2f5d292b6322e87b21a20ca8395d9d5c5d53cec91d
SHA512: 373b119c68b14c7086330e4d20a636f7082bb96b75f557dfc9307f615cfc39db283863ba92b052bf951ae9e1f78c957cbbf2ae05ca72d490768b0a6593d8bc61
SSDEEP: 1536:GkfDn1/ba28pA6iv74ZUJvw8FqUFHwp2iDgg1F3cCsQ3cCsirPW1kEtIDHaPXMiv:GYDn1/Fr3v74iw8rFk/DHsQHsMPW1z+U
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 0dc7efb3dddc26d6bd6defaef2692616_JaffaCakes118
Files
0dc7efb3dddc26d6bd6defaef2692616_JaffaCakes118.exe windows:4 windows x86 arch:x86
44a924eab80b9f0b0f1d0c4f4393f54c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateMutexA
OpenEventW
OpenWaitableTimerW
GetEnvironmentVariableW
WideCharToMultiByte
GetLocaleInfoW
SetThreadPriority
GetStringTypeExA
SuspendThread
OpenMutexA
GetNamedPipeInfo
LockFile
QueryDosDeviceA
InitializeCriticalSectionAndSpinCount
EscapeCommFunction
ReadDirectoryChangesW
FormatMessageW
CompareFileTime
HeapSize
GetUserDefaultLangID
BuildCommDCBAndTimeoutsA
IsDBCSLeadByte
GlobalSize
AllocConsole
GetExitCodeProcess
GetProcessAffinityMask
GetEnvironmentVariableA
GetConsoleTitleA
FileTimeToLocalFileTime
ProcessIdToSessionId
BackupWrite
GlobalAddAtomW
GetACP
QueryPerformanceCounter
ReadConsoleOutputCharacterW
FreeResource
LocalReAlloc
SetConsoleCP
GetLogicalDriveStringsA
GetVersionExW
GetProcessVersion
Process32Next
GetTapePosition
WriteProfileStringW
VirtualQueryEx
GetConsoleScreenBufferInfo
GetBinaryTypeW
SetConsoleDisplayMode
GetDefaultCommConfigW
GetLocaleInfoA
SystemTimeToTzSpecificLocalTime
_lcreat
GetSystemTime
SetConsoleOutputCP
DeleteFileA
SetFileTime
GetThreadPriority
CreateEventW
GetPrivateProfileSectionNamesW
ReplaceFileA
GetFileInformationByHandle
GetDateFormatA
GetSystemDefaultLangID
HeapDestroy
TerminateProcess
Module32Next
RtlFillMemory
GetSystemWindowsDirectoryA
GetVolumePathNameW
UpdateResourceA
SetProcessWorkingSetSize
WriteProfileStringA
RaiseException
SetCommTimeouts
VirtualProtect
lstrlen
GlobalFindAtomW
HeapWalk
ExpandEnvironmentStringsW
SetConsoleCursor
FindFirstFileW
OpenMutexW
GetPrivateProfileSectionNamesA
WritePrivateProfileStructW
GetCompressedFileSizeA
WriteConsoleW
WaitForSingleObjectEx
TryEnterCriticalSection
FindVolumeClose
GetDriveTypeA
GlobalAlloc
MoveFileWithProgressA
GetAtomNameA
CreateIoCompletionPort
FreeUserPhysicalPages
GetThreadSelectorEntry
lstrcmpiA
WritePrivateProfileSectionW
lstrcpyW
LocalCompact
GetNumberOfConsoleInputEvents
GetUserDefaultUILanguage
DeleteTimerQueueEx
GlobalFree
SetVolumeLabelW
FillConsoleOutputCharacterA
GetConsoleAliasExesLengthW
IsSystemResumeAutomatic
GetComputerNameW
SetCommState
FindNextFileW
EnumDateFormatsExA
EnumSystemLanguageGroupsA
CompareStringA
GetThreadTimes
GenerateConsoleCtrlEvent
OpenJobObjectA
BuildCommDCBAndTimeoutsW
TerminateThread
TerminateJobObject
SetPriorityClass
WaitNamedPipeW
SetThreadAffinityMask
TransmitCommChar
SetStdHandle
GetSystemDefaultUILanguage
GetNumberFormatW
GetNamedPipeHandleStateW
FileTimeToDosDateTime
GetVolumeInformationW
InterlockedCompareExchange
CreateDirectoryExA
GetFileAttributesExA
CreateDirectoryW
lstrcpynA
ConnectNamedPipe
SetLocaleInfoW
CreateNamedPipeW
SetWaitableTimer
GlobalAddAtomA
GetLocalTime
WritePrivateProfileStringW
FindAtomW
OpenSemaphoreW
ReadConsoleOutputCharacterA
GlobalFix
CancelTimerQueueTimer
WritePrivateProfileSectionA
RequestDeviceWakeup
ReplaceFile
SetConsoleCtrlHandler
ReplaceFileW
HeapAlloc
AreFileApisANSI
FindFirstVolumeMountPointA
SetCurrentDirectoryW
GetBinaryTypeA
GlobalFindAtomA
GetVersionExA
FindNextVolumeMountPointA
GetProfileSectionA
SetConsoleActiveScreenBuffer
GlobalWire
GlobalReAlloc
EnumResourceLanguagesA
FindResourceExA
LoadResource
GetFullPathNameW
FindClose
EnumLanguageGroupLocalesA
MapUserPhysicalPagesScatter
EnumSystemLocalesW
VirtualFreeEx
CreateWaitableTimerW
GetTimeFormatW
GetDiskFreeSpaceExA
SetHandleInformation
IsValidLanguageGroup
GetWindowsDirectoryA
SetVolumeMountPointA
GetCommProperties
ClearCommError
CreateDirectoryA
GetCurrentDirectoryW
FreeEnvironmentStringsA
RemoveDirectoryW
UnlockFile
CreateJobObjectW
GetNumberFormatA
SetLocaleInfoA
LockResource
CreateConsoleScreenBuffer
QueryInformationJobObject
GlobalHandle
VerifyVersionInfoA
WaitNamedPipeA
FileTimeToSystemTime
SetProcessPriorityBoost
GetConsoleAliasesLengthA
Toolhelp32ReadProcessMemory
GetSystemPowerStatus
CompareStringW
CreateTimerQueueTimer
DeleteFileW
GetCommandLineW
SetDefaultCommConfigA
GetConsoleFontSize
GetCurrentProcess
LocalAlloc
GlobalDeleteAtom
Process32FirstW
GetThreadLocale
WriteConsoleOutputAttribute
ReadFileEx
GetTimeFormatA
QueueUserWorkItem
GetPriorityClass
CreateTapePartition
SetLocalTime
WriteProcessMemory
CreateMailslotW
ResetWriteWatch
TlsAlloc
OpenProcess
SetComputerNameExW
GetProcessHeap
GetDefaultCommConfigA
SleepEx
EnumResourceNamesW
EnumCalendarInfoA
GetVolumePathNameA
EnumDateFormatsW
GetProcessIoCounters
FillConsoleOutputCharacterW
BackupSeek
GetThreadPriorityBoost
EnumResourceTypesA
SetUnhandledExceptionFilter
GetBinaryType
GetCommState
VerifyVersionInfoW
EnumSystemLanguageGroupsW
VirtualAlloc
LoadLibraryA
GetProcAddress
user32
FindWindowExW
ActivateKeyboardLayout
BroadcastSystemMessageA
CreateIcon
VkKeyScanExW
GetMouseMovePointsEx
SetWindowsHookExA
EnumDisplayDevicesA
DrawStateW
MsgWaitForMultipleObjects
GetKeyState
LoadMenuIndirectW
ShowWindowAsync
EnumWindows
SetWindowWord
CreateAcceleratorTableW
ClipCursor
GetClipboardFormatNameW
VkKeyScanW
TranslateMDISysAccel
SetPropW
RegisterClassExW
GetMenu
CharUpperA
DispatchMessageW
GetMessagePos
GetFocus
OemKeyScan
SetMessageQueue
AttachThreadInput
GetClassInfoW
DlgDirListA
CopyRect
SetMessageExtraInfo
GetTabbedTextExtentW
GetSystemMetrics
EndTask
CharToOemBuffA
GetKeyboardLayout
GetKeyboardLayoutNameA
DrawFrameControl
MoveWindow
OpenWindowStationW
PostQuitMessage
LoadStringA
GetGUIThreadInfo
MessageBoxA
GetAltTabInfoW
GetQueueStatus
GetKeyboardState
InsertMenuW
GetPropA
GetDlgItemTextA
DdeUninitialize
EnumDisplaySettingsA
IsDlgButtonChecked
WindowFromPoint
TileChildWindows
GetKBCodePage
SetWindowPos
MessageBoxIndirectW
ChangeDisplaySettingsExW
BringWindowToTop
GetClassLongW
GetMenuState
GetDialogBaseUnits
SendNotifyMessageW
SetCaretPos
SetWindowsHookW
GetClipboardFormatNameA
SetWindowPlacement
GetMenuInfo
EnumPropsExA
CreateDialogParamW
SetPropA
GetDlgItemInt
EnableWindow
GetMenuItemInfoW
mouse_event
DefFrameProcA
ImpersonateDdeClientWindow
GetWindowPlacement
ShowCaret
CheckMenuItem
SetDlgItemInt
SetDlgItemTextA
GetMenuStringW
DrawMenuBar
CreateDesktopW
CopyIcon
SetCaretBlinkTime
DdeCmpStringHandles
IsDialogMessageA
CreateCaret
GetNextDlgTabItem
ScrollDC
CharLowerBuffA
DdeAbandonTransaction
CreateMDIWindowW
ScrollWindow
GetAltTabInfoA
MapVirtualKeyA
IsWindowEnabled
IsWindowUnicode
GetClassNameA
RegisterDeviceNotificationA
IMPGetIMEW
MenuItemFromPoint
TranslateMessage
DefFrameProcW
SetProcessDefaultLayout
CharToOemW
OffsetRect
GetWindowTextA
IsHungAppWindow
GetWindowRgn
SetCapture
RegisterClipboardFormatW
GetInputDesktop
LoadImageA
GetWindowModuleFileNameA
SetParent
CreateWindowExA
EnumClipboardFormats
ValidateRgn
ScrollWindowEx
ChildWindowFromPointEx
ToAsciiEx
AnimateWindow
RemovePropA
LoadCursorFromFileW
OemToCharBuffA
OpenClipboard
SystemParametersInfoA
GetPropW
FindWindowA
FrameRect
wsprintfW
GetMonitorInfoA
LoadKeyboardLayoutW
LoadBitmapA
LoadIconA
GrayStringW
GetClassInfoExW
LoadBitmapW
DdeNameService
UnhookWindowsHookEx
InflateRect
LockWorkStation
SystemParametersInfoW
GetWindowLongW
IsClipboardFormatAvailable
CharNextExA
GetKeyNameTextA
DdeCreateStringHandleW
GetCursorPos
EnumDisplaySettingsW
RegisterClassExA
DestroyCaret
DrawCaption
GetClassInfoA
TranslateAcceleratorW
GetUpdateRect
DlgDirSelectExW
ToAscii
CopyImage
RegisterDeviceNotificationW
DdeQueryConvInfo
GetSysColor
GetClassInfoExA
DrawStateA
GetDlgItemTextW
GetWindowDC
OpenDesktopA
GetAncestor
EnumDisplayMonitors
LookupIconIdFromDirectoryEx
DdeInitializeA
SendNotifyMessageA
CheckMenuRadioItem
EnumWindowStationsW
GetCursor
GetCapture
UnpackDDElParam
SetWindowLongA
IsZoomed
CopyAcceleratorTableA
MonitorFromWindow
SendMessageA
IsRectEmpty
GetWindowLongA
PaintDesktop
CreateWindowExW
SubtractRect
SetScrollRange
LookupIconIdFromDirectory
CheckRadioButton
CreateMenu
MessageBoxW
DdeUnaccessData
WaitMessage
SendMessageTimeoutW
SetWindowTextA
DrawTextW
EnumDisplaySettingsExA
GetDlgItem
GetWindowWord
GetWindowModuleFileNameW
DdeFreeStringHandle
GetAsyncKeyState
TrackPopupMenuEx
EndMenu
UnregisterClassA
RegisterClipboardFormatA
IsDialogMessage
SetRect
LoadMenuW
CopyAcceleratorTableW
DdeKeepStringHandle
GetMenuBarInfo
GetClipboardData
EndDeferWindowPos
SetShellWindow
SendMessageTimeoutA
SetKeyboardState
CreateIconFromResource
SetWindowsHookA
ReplyMessage
CountClipboardFormats
GetInputState
CharToOemBuffW
IntersectRect
SendInput
RegisterHotKey
GetKeyboardType
RegisterWindowMessageA
EnumDesktopsW
CharToOemA
ChangeClipboardChain
DialogBoxIndirectParamA
SetMenu
DdeInitializeW
CreateWindowStationA
DragDetect
msvcrt
memcpy
comdlg32
GetFileTitleW
ChooseFontW
ChooseColorW
GetSaveFileNameW
PrintDlgExW
GetOpenFileNameW
FindTextA
ChooseColorA
PrintDlgW
GetSaveFileNameA
ReplaceTextW
GetFileTitleA
CommDlgExtendedError
ReplaceTextA
PrintDlgA
ChooseFontA
GetOpenFileNameA
PageSetupDlgW
PrintDlgExA
PageSetupDlgA
FindTextW
advapi32
RegOpenKeyExA
shell32
SHCreateDirectoryExW
SHQueryRecycleBinA
DoEnvironmentSubstA
ExtractIconEx
ExtractAssociatedIconExA
Shell_NotifyIconA
SHBindToParent
ShellExecuteEx
ShellExecuteExW
ExtractIconExW
ShellExecuteW
ExtractIconA
SHGetSpecialFolderPathW
SHIsFileAvailableOffline
SHGetFolderPathA
SHBrowseForFolderA
ExtractIconExA
DragAcceptFiles
ShellExecuteExA
SHGetDataFromIDListW
SHGetInstanceExplorer
SHGetMalloc
SHCreateProcessAsUserW
SHQueryRecycleBinW
SHFreeNameMappings
DragQueryPoint
ShellAboutA
SHAddToRecentDocs
SHGetPathFromIDListA
SHGetFileInfoW
Shell_NotifyIcon
SHLoadNonloadedIconOverlayIdentifiers
FindExecutableW
WOWShellExecute
DragFinish
SHEmptyRecycleBinW
SHGetDesktopFolder
DuplicateIcon
SHGetFileInfo
SHGetSettings
DoEnvironmentSubstW
SHFileOperationW
SHBrowseForFolder
ExtractIconW
SHInvokePrinterCommandW
SHGetSpecialFolderPathA
Shell_NotifyIconW
DragQueryFile
SHGetFolderLocation
SHGetDiskFreeSpaceA
SHGetDiskFreeSpaceExW
FindExecutableA
SHFileOperation
CheckEscapesW
SHGetFolderPathW
ShellAboutW
SHBrowseForFolderW
SHFileOperationA
SHGetDataFromIDListA
SHGetDiskFreeSpaceExA
SHGetFileInfoA
SHCreateDirectoryExA
DragQueryFileA
SHEmptyRecycleBinA
SHFormatDrive
DragQueryFileAorW
ShellExecuteA
SHPathPrepareForWriteA
SHGetSpecialFolderLocation
SHPathPrepareForWriteW
ExtractAssociatedIconA
SHInvokePrinterCommandA
SHChangeNotify
SHGetPathFromIDListW
DragQueryFileW
ExtractAssociatedIconW
SHAppBarMessage
ShellHookProc
SHLoadInProc
SHGetPathFromIDList
ExtractAssociatedIconExW
shlwapi
StrCmpNA
StrChrIW
StrStrIW
StrRChrIW
StrCmpNIW
StrStrA
StrRStrIA
StrStrW
StrStrIA
StrCmpNIA
StrChrW
StrRChrA
StrChrA
StrRChrIA
StrRChrW
StrChrIA
StrRStrIW
comctl32
ord3
ImageList_SetBkColor
ImageList_Copy
DrawStatusText
FlatSB_GetScrollProp
ord8
UninitializeFlatSB
ord2
ImageList_DrawEx
ImageList_DragMove
ImageList_DragLeave
ImageList_GetBkColor
ImageList_AddIcon
_TrackMouseEvent
GetMUILanguage
PropertySheet
ImageList_LoadImage
ImageList_GetDragImage
ImageList_GetImageCount
ImageList_DrawIndirect
ord17
ImageList_Merge
ord4
ImageList_SetFilter
FlatSB_EnableScrollBar
CreatePropertySheetPageW
ImageList_Duplicate
ImageList_EndDrag
ImageList_SetIconSize
ord15
FlatSB_GetScrollInfo
ord6
ImageList_Write
ord14
ImageList_Remove
DrawStatusTextW
FlatSB_SetScrollProp
ImageList_Draw
FlatSB_ShowScrollBar
ImageList_SetDragCursorImage
ImageList_BeginDrag
InitializeFlatSB
ImageList_LoadImageA
InitCommonControlsEx
ImageList_SetOverlayImage
PropertySheetW
ImageList_Add
CreateStatusWindowW
ImageList_DragEnter
ImageList_SetImageCount
ImageList_GetIcon
ImageList_LoadImageW
ImageList_Create
ImageList_GetIconSize
FlatSB_SetScrollInfo
ImageList_DragShowNolock
ord7
ord5
FlatSB_SetScrollRange
FlatSB_GetScrollPos
ImageList_GetImageRect
FlatSB_GetScrollRange
ord16
CreateToolbarEx
FlatSB_SetScrollPos
ImageList_Replace
CreatePropertySheetPageA
ImageList_Destroy
CreatePropertySheetPage
DestroyPropertySheetPage
ord13
ImageList_Read
ImageList_ReplaceIcon
ImageList_AddMasked
InitMUILanguage
ImageList_GetImageInfo
PropertySheetA
Sections
.text Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ