Static task
static1
Behavioral task
behavioral1
Sample
0ee538394d41cf6e6fb70569499e5fe9_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0ee538394d41cf6e6fb70569499e5fe9_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
Target
0ee538394d41cf6e6fb70569499e5fe9_JaffaCakes118
Size
756KB
MD5
0ee538394d41cf6e6fb70569499e5fe9
SHA1
c78e0449b81b63ef77b83731a67d15cc3da3de0e
SHA256
ef60d64177821b9aa10d88866de7c718fa14677be9c7ed918f7a13f3750a8c91
SHA512
230e1ad52523fe0d6bee86d77ff681ba873b810eb1d0fb957482b9014cc3292410cbac3459d89058d9dbd249b72509127ad01f911d008a2332d66b3983b2bf29
SSDEEP
12288:YojejFK2dAj+YjGhty0GA5VTGd3y3y1VAaYWWK7oNpnJtJNH4XeL23d:YAejFaj+Y6BGOVTGN0Kd1/oHXJVL2t
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0ee538394d41cf6e6fb70569499e5fe9_JaffaCakes118
Files
0ee538394d41cf6e6fb70569499e5fe9_JaffaCakes118.exe windows:4 windows x86 arch:x86
0e21dc6ce1847c04563741294de65abe
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
OleLoad
CoInitialize
CoFreeUnusedLibraries
OleIsCurrentClipboard
OleTranslateAccelerator
CoTaskMemRealloc
CoRegisterClassObject
WriteClassStg
OleFlushClipboard
CreateItemMoniker
CreateFileMoniker
GetHGlobalFromILockBytes
CreateBindCtx
CoGetInterfaceAndReleaseStream
WriteClassStm
OleCreateFromFile
OleCreateStaticFromData
CoMarshalInterThreadInterfaceInStream
OleDestroyMenuDescriptor
CoRegisterMessageFilter
RevokeDragDrop
CoUninitialize
CoReleaseMarshalData
OleRegGetUserType
CoGetClassObject
OleCreateLinkFromData
OleRegGetMiscStatus
StgIsStorageFile
StgOpenStorage
CoGetMalloc
CoCreateGuid
OleCreateLinkToFile
ReleaseStgMedium
OleDuplicateData
CoTreatAsClass
StgCreateDocfile
OleRun
CLSIDFromProgID
OleSaveToStream
OleCreate
OleRegEnumVerbs
StgOpenStorageOnILockBytes
OleGetClipboard
CoMarshalInterface
IsAccelerator
CoTaskMemFree
CoTaskMemAlloc
CoLockObjectExternal
RegisterDragDrop
OleCreateMenuDescriptor
OleUninitialize
CreateStreamOnHGlobal
CreateGenericComposite
OleLockRunning
OleSetClipboard
GetClassFile
StringFromCLSID
OleSave
CoCreateInstance
CoRevokeClassObject
CLSIDFromString
StgCreateDocfileOnILockBytes
OleIsRunning
CreateILockBytesOnHGlobal
OleGetIconOfClass
CoDisconnectObject
StgIsStorageILockBytes
OleSetMenuDescriptor
GetRunningObjectTable
OleInitialize
DoDragDrop
OleLoadFromStream
winmm
mixerGetNumDevs
mixerGetLineControlsW
waveOutRestart
waveInUnprepareHeader
waveOutUnprepareHeader
waveInGetNumDevs
mixerGetDevCapsW
waveOutPause
mixerGetControlDetailsW
mixerGetLineInfoW
waveInGetDevCapsA
waveOutReset
waveInReset
waveOutGetVolume
mixerGetID
mixerOpen
waveInPrepareHeader
waveOutPrepareHeader
waveOutSetVolume
waveInAddBuffer
mixerGetLineControlsA
mixerClose
waveInOpen
waveInClose
waveInStart
waveOutWrite
waveOutGetDevCapsA
mixerGetControlDetailsA
mixerGetLineInfoA
mixerSetControlDetails
PlaySoundW
timeGetDevCaps
timeEndPeriod
shell32
SHGetMalloc
SHGetSpecialFolderPathW
SHFileOperationW
SHFileOperationA
SHGetFolderPathW
ShellExecuteExA
Shell_NotifyIconA
SHBrowseForFolderA
SHGetFileInfoA
DragFinish
ShellExecuteA
ExtractIconA
ShellExecuteW
DragQueryFileA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetSpecialFolderPathA
ord155
SHAppBarMessage
advapi32
RegSetValueExW
RegOpenKeyExA
InitializeAcl
GetTokenInformation
SetSecurityDescriptorDacl
LookupPrivilegeValueW
OpenSCManagerW
RegEnumKeyW
LookupAccountNameW
RegEnumKeyExA
InitializeSecurityDescriptor
OpenThreadToken
SetFileSecurityW
RegDeleteValueA
RegCloseKey
RegCreateKeyW
IsValidSecurityDescriptor
DuplicateToken
RegOpenKeyW
RegQueryInfoKeyA
SetSecurityDescriptorGroup
GetUserNameW
FreeSid
RegDeleteKeyA
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCreateKeyExW
RegQueryValueW
RegCreateKeyExA
RegSetValueExA
RegQueryValueExW
RegCreateKeyA
GetFileSecurityA
CloseServiceHandle
RegOpenKeyExW
RegEnumKeyA
RegQueryValueExA
RegEnumValueA
RegQueryValueA
EqualSid
RegOpenCurrentUser
RegEnumKeyExW
AllocateAndInitializeSid
RegSetValueW
SetSecurityDescriptorOwner
GetUserNameA
RegEnumValueW
RevertToSelf
StartServiceCtrlDispatcherW
RegDeleteKeyW
OpenServiceW
RegDeleteValueW
RegisterServiceCtrlHandlerA
RegOpenKeyA
DeleteService
GetSecurityDescriptorDacl
GetFileSecurityW
AddAccessAllowedAce
DeregisterEventSource
GetLengthSid
RegisterServiceCtrlHandlerW
kernel32
GetComputerNameA
GetOEMCP
LockResource
GetDiskFreeSpaceW
CreateFileMappingA
GetEnvironmentVariableA
lstrcmpW
TlsFree
SetCurrentDirectoryA
GetStringTypeW
GetTempPathW
DeleteCriticalSection
RtlUnwind
TerminateProcess
GetLocalTime
CreateProcessW
EnumResourceLanguagesA
GetDriveTypeA
SizeofResource
OpenFile
RaiseException
GlobalLock
GetCurrentProcess
FindNextFileA
IsBadStringPtrA
GetCurrentDirectoryA
QueryPerformanceCounter
GetWindowsDirectoryW
GetConsoleOutputCP
InterlockedIncrement
WritePrivateProfileStringA
SetErrorMode
LoadLibraryW
SetFileAttributesW
CreateEventA
GetFileInformationByHandle
HeapCreate
lstrcmpiA
GetTickCount
SetEndOfFile
GetSystemDirectoryA
GetProfileIntW
GetExitCodeProcess
GetModuleFileNameA
SystemTimeToFileTime
ConvertDefaultLocale
CompareStringW
ExitThread
FreeResource
FatalAppExitA
GlobalSize
WaitForSingleObject
GetFileSize
GetVolumeInformationW
OutputDebugStringW
InitializeCriticalSection
CopyFileW
lstrcatA
IsValidLocale
GetStartupInfoW
_llseek
HeapReAlloc
GlobalFree
_lread
MoveFileW
GetSystemDefaultLangID
LockFile
IsBadWritePtr
LCMapStringW
ResumeThread
GlobalGetAtomNameA
GetStdHandle
CreateFileW
WriteConsoleW
GetCommandLineW
GetTimeFormatA
HeapAlloc
DeleteFileA
GetCurrentProcessId
MulDiv
CreateSemaphoreA
WinExec
FindFirstFileA
FileTimeToSystemTime
GetFileTime
SetEnvironmentVariableA
InterlockedCompareExchange
LeaveCriticalSection
SetStdHandle
FormatMessageA
lstrcmpA
lstrcpyA
FormatMessageW
FindCloseChangeNotification
GetVersion
CreateThread
GlobalDeleteAtom
GetPrivateProfileStringA
GetEnvironmentStringsW
FindNextFileW
GetModuleHandleA
GetConsoleMode
GetStringTypeA
GetTempPathA
DeleteFileW
LocalFileTimeToFileTime
GetProcessHeap
SearchPathA
TlsGetValue
CreateFileA
CloseHandle
WideCharToMultiByte
FreeEnvironmentStringsA
FindNextChangeNotification
ResetEvent
CreateDirectoryA
GetFileAttributesW
GetEnvironmentStrings
WriteFile
LocalAlloc
HeapDestroy
GetLocaleInfoA
RemoveDirectoryW
IsBadReadPtr
GetProcAddress
DuplicateHandle
GetCPInfo
GetConsoleCP
UnhandledExceptionFilter
MultiByteToWideChar
HeapFree
FreeLibrary
GetModuleHandleW
VirtualUnlock
FlushFileBuffers
SetLastError
GetStartupInfoA
SetHandleCount
lstrcmpiW
GetPrivateProfileIntA
GetCurrentThreadId
LoadResource
_lcreat
lstrlenA
lstrlenW
GetEnvironmentVariableW
FindClose
lstrcpynW
FreeEnvironmentStringsW
GetACP
ExitProcess
ReadFile
GetCurrentThread
GlobalHandle
VirtualFree
Sleep
GlobalFindAtomA
RemoveDirectoryA
GetTimeZoneInformation
TlsAlloc
LCMapStringA
IsDebuggerPresent
WriteConsoleA
GlobalAlloc
IsBadCodePtr
OutputDebugStringA
CreateToolhelp32Snapshot
EnterCriticalSection
GetLastError
LoadLibraryA
GetFileType
GetProcessVersion
GetCommandLineA
GetLocaleInfoW
GlobalUnlock
SetFilePointer
SetFileAttributesA
VirtualQuery
GetThreadLocale
TlsSetValue
VirtualAlloc
CompareStringA
CreateMutexA
VirtualProtect
GetFullPathNameW
UnlockFile
LocalFree
GetSystemTime
SetThreadPriority
GetFileAttributesA
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
SetEvent
OpenMutexA
LocalReAlloc
InterlockedDecrement
GlobalAddAtomA
HeapSize
FindResourceA
InterlockedExchange
FileTimeToLocalFileTime
GlobalFlags
GetVersionExA
comctl32
ImageList_GetImageCount
ImageList_DragEnter
ImageList_SetBkColor
ImageList_DragLeave
ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_DragShowNolock
ImageList_Draw
DestroyPropertySheetPage
ImageList_Create
PropertySheetA
ImageList_GetIconSize
ImageList_Duplicate
ImageList_GetIcon
ImageList_SetImageCount
ImageList_DrawEx
_TrackMouseEvent
ImageList_LoadImageA
ImageList_GetBkColor
ImageList_Add
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_BeginDrag
CreatePropertySheetPageW
ImageList_SetOverlayImage
ord17
ImageList_Destroy
ImageList_EndDrag
ImageList_AddMasked
CreateStatusWindowW
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_Replace
user32
TranslateAcceleratorA
DrawIcon
FillRect
SystemParametersInfoA
GetMessageTime
ShowOwnedPopups
SetPropA
TranslateMDISysAccel
SetActiveWindow
GetWindowTextLengthA
TranslateAcceleratorW
GetKeyNameTextW
ShowCaret
CreateAcceleratorTableA
SetScrollInfo
ScrollWindow
LoadCursorA
SetCapture
WindowFromPoint
LoadIconW
DestroyIcon
GetKeyState
LoadCursorW
RegisterClassA
DrawEdge
CheckRadioButton
SendDlgItemMessageA
DrawMenuBar
IsWindowEnabled
HideCaret
SetCursorPos
GetWindowPlacement
SetForegroundWindow
TranslateMessage
GetClipboardData
IsChild
GetNextDlgGroupItem
DestroyWindow
LoadImageA
OffsetRect
CreateCaret
IsWindowUnicode
GetWindow
CharNextA
TabbedTextOutA
ValidateRect
DdeInitializeA
GetKeyboardLayout
CreateWindowExA
SetDlgItemTextA
DeleteMenu
CreateDialogIndirectParamA
DdeUninitialize
GetSysColorBrush
GetDlgItemTextA
GetFocus
ModifyMenuW
CreateMenu
PostThreadMessageA
CheckMenuRadioItem
GetDC
RegisterWindowMessageW
SendMessageA
SetScrollPos
IsWindowVisible
mouse_event
SetWindowTextW
GetUpdateRgn
SetRect
RegisterClassW
CharLowerA
EmptyClipboard
InvalidateRgn
CreateDialogParamA
AppendMenuA
EndDialog
GetMenuState
ClientToScreen
GetMenuItemCount
InflateRect
SetWindowLongA
GetSystemMenu
SetTimer
GetMessageA
DefMDIChildProcA
SendMessageTimeoutW
GetComboBoxInfo
GetUpdateRect
IsIconic
GetSysColor
GetKeyboardState
GetMenuItemID
SetWindowsHookExA
LoadAcceleratorsA
CreatePopupMenu
BringWindowToTop
GetWindowLongA
GetParent
SetClipboardData
InsertMenuA
UnionRect
IntersectRect
GetClipboardFormatNameA
IsRectEmpty
PostMessageA
WaitForInputIdle
RegisterClipboardFormatA
CreateIconIndirect
DispatchMessageA
EnableWindow
PtInRect
MsgWaitForMultipleObjects
DeferWindowPos
AdjustWindowRectEx
GetMenuDefaultItem
GetScrollRange
PostQuitMessage
WinHelpA
DestroyCursor
InvalidateRect
GetWindowThreadProcessId
CopyAcceleratorTableA
LoadMenuA
GetWindowDC
GetWindowTextA
wvsprintfA
KillTimer
LoadImageW
ShowScrollBar
CallWindowProcW
DdeDisconnect
BeginPaint
EndDeferWindowPos
RedrawWindow
DrawIconEx
GetCursorPos
MessageBeep
PeekMessageW
ShowWindow
GetScrollPos
CopyRect
GrayStringA
BeginDeferWindowPos
PostMessageW
SetWindowContextHelpId
IsMenu
CreateWindowExW
LoadIconA
GetDlgCtrlID
IsCharAlphaNumericA
SetScrollRange
GetActiveWindow
wsprintfA
RegisterClassExA
GetSystemMetrics
SetMenuDefaultItem
GetLastActivePopup
DdeClientTransaction
PeekMessageA
DrawFocusRect
DefWindowProcW
GetNextDlgTabItem
GetTopWindow
SetFocus
GetMenu
UnregisterClassA
GetIconInfo
DrawTextA
GetClassLongA
GetMenuCheckMarkDimensions
GetClassInfoExA
LoadMenuW
WindowFromDC
FindWindowA
SetWindowPlacement
RemoveMenu
SetDlgItemInt
GetMenuItemInfoA
RemovePropA
SetWindowRgn
DestroyMenu
CallNextHookEx
SetCursor
ExitWindowsEx
GetKeyNameTextA
GetCapture
GetScrollInfo
LoadAcceleratorsW
SetParent
GetClassNameW
ScreenToClient
MoveWindow
UnhookWindowsHookEx
MapVirtualKeyW
SetWindowTextA
SetClassLongA
GetWindowLongW
SetWindowPos
SendMessageW
DestroyAcceleratorTable
InvertRect
IsZoomed
GetDlgItem
AppendMenuW
GetDesktopWindow
IsDialogMessageW
IsCharLowerA
IsDialogMessageA
IsDlgButtonChecked
RegisterWindowMessageA
SetWindowLongW
MapDialogRect
DefWindowProcA
TrackPopupMenu
ClipCursor
LoadBitmapA
GetClientRect
SetMenu
EqualRect
MessageBoxA
GetPropA
EndPaint
CharUpperA
GetClassInfoA
GetMenuStringA
IsWindow
ReleaseCapture
ModifyMenuA
LockWindowUpdate
ReleaseDC
EnumWindows
MapWindowPoints
SetMenuItemBitmaps
GetForegroundWindow
IsClipboardFormatAvailable
DragDetect
GetAsyncKeyState
GetWindowTextW
GetWindowRect
AttachThreadInput
UpdateWindow
CallWindowProcA
SetRectEmpty
CheckMenuItem
Sections
.text Size: 88KB - Virtual size: 84KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 456KB - Virtual size: 455KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 144KB - Virtual size: 166KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ