Static task
static1
Behavioral task
behavioral1
Sample
14a57d0a0a25ee493b479f7c2ce4c8f6_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
14a57d0a0a25ee493b479f7c2ce4c8f6_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
14a57d0a0a25ee493b479f7c2ce4c8f6_JaffaCakes118
Size
86KB
MD5
14a57d0a0a25ee493b479f7c2ce4c8f6
SHA1
216dd4bc519bd24241fae8b94774072eb98dcc97
SHA256
dc278e2452d5a812d8d4b8b8fd69fea72d3c3afd731d0f872abb1451d42b8124
SHA512
31c208ab47fb732befafe96cc9a6949ba94812748ff7456f4135f5ca5c2085a9295fe79e2814b46eaa4f987c33cc04b283306e6a6c99b6acf2fba9471d5c678f
SSDEEP
1536:9RpybXf7i2eXnxepCsBwajxo4dBGr0UUDxh8StznpUHDHAVg0K629Xrau4jh5Oax:zpyjffmxHQwZ4vGo1h/t7pGgVLK79X1U
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 14a57d0a0a25ee493b479f7c2ce4c8f6_JaffaCakes118
Files
14a57d0a0a25ee493b479f7c2ce4c8f6_JaffaCakes118.exe windows:4 windows x86 arch:x86
c7dbdc202d2726aff687021f12a266fe
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
OleQueryLinkFromData
OleCreateLinkFromDataEx
RegisterDragDrop
StgOpenAsyncDocfileOnIFillLockBytes
StgCreateStorageEx
CoQueryProxyBlanket
CoGetPSClsid
CoGetObject
ReadClassStm
OleDraw
CoUninitialize
CoMarshalInterface
WriteClassStg
CoMarshalHresult
CreateObjrefMoniker
FreePropVariantArray
CoFileTimeToDosDateTime
CoInitialize
DllDebugObjectRPCHook
OleGetClipboard
OleConvertOLESTREAMToIStorage
StgOpenStorageEx
OleSetContainedObject
CoUnmarshalHresult
OleNoteObjectVisible
CoQueryAuthenticationServices
RevokeDragDrop
OleConvertIStorageToOLESTREAM
CreateBindCtx
OleDuplicateData
OleCreateMenuDescriptor
CoFileTimeNow
CoCreateFreeThreadedMarshaler
CoAddRefServerProcess
StgOpenStorage
CoRegisterMessageFilter
ReadClassStg
CoGetStandardMarshal
OleRegEnumFormatEtc
OleRegGetMiscStatus
CoGetMalloc
OleUninitialize
OleInitialize
CLSIDFromString
CoGetClassObject
CoImpersonateClient
CreateOleAdviseHolder
OleIsRunning
ReadFmtUserTypeStg
OleLoadFromStream
CoResumeClassObjects
StgGetIFillLockBytesOnILockBytes
UtGetDvtd16Info
SetDocumentBitStg
GetHGlobalFromILockBytes
OleGetIconOfFile
MonikerCommonPrefixWith
OleCreateLinkToFile
OleDoAutoConvert
OleSaveToStream
CoTaskMemAlloc
CoRegisterSurrogate
CoCopyProxy
StgOpenStorageOnILockBytes
CoGetCallContext
PropVariantCopy
StgIsStorageILockBytes
CreateDataAdviseHolder
OleRegGetUserType
CoTreatAsClass
CoInitializeSecurity
OleCreateFromFileEx
GetClassFile
GetConvertStg
OleGetIconOfClass
OleCreateFromFile
GetHGlobalFromStream
UtConvertDvtd16toDvtd32
OleSetMenuDescriptor
OleQueryCreateFromData
OleCreateEmbeddingHelper
CoRegisterClassObject
EnableHookObject
DoDragDrop
CoGetCallerTID
SetConvertStg
CoReleaseMarshalData
IsAccelerator
ReadOleStg
CoSwitchCallContext
CoFreeLibrary
OleSetClipboard
StgGetIFillLockBytesOnFile
OleGetAutoConvert
OleRegEnumVerbs
CoQueryClientBlanket
WriteStringStream
OleTranslateAccelerator
GetRunningObjectTable
OleIsCurrentClipboard
CoCreateInstanceEx
BindMoniker
kernel32
GetProfileIntA
SwitchToFiber
GetOEMCP
OpenWaitableTimerW
FormatMessageA
LoadLibraryA
CopyFileW
SetThreadPriority
GetTempPathW
GetComputerNameA
SetConsoleScreenBufferSize
lstrcpyA
GetDiskFreeSpaceA
LockFileEx
SleepEx
GetThreadPriorityBoost
InitializeCriticalSectionAndSpinCount
GetThreadContext
UnlockFile
CreateEventA
GetCurrentDirectoryW
WriteConsoleOutputW
GetPrivateProfileIntW
GetFileAttributesA
GetProcessHeaps
DeleteFileA
GetSystemTime
Thread32First
ClearCommError
GetWindowsDirectoryA
GetTickCount
GetCPInfoExW
EnumTimeFormatsW
GetProcessHeap
GetFileAttributesExW
ContinueDebugEvent
TerminateProcess
VirtualAlloc
GlobalUnfix
SetVolumeLabelW
GetCurrentProcess
ResetWriteWatch
FindCloseChangeNotification
CreateEventW
GetLocaleInfoA
GetCommandLineW
TransactNamedPipe
VirtualFree
ExitProcess
CancelWaitableTimer
SetCurrentDirectoryW
WriteConsoleW
SetDefaultCommConfigA
OpenFileMappingW
EnumCalendarInfoA
RemoveDirectoryA
GetProcessTimes
FindFirstFileA
GetSystemTimeAdjustment
EnumSystemLocalesA
CreateFiber
SetComputerNameA
GetCalendarInfoA
GetDiskFreeSpaceExA
VirtualUnlock
Beep
OpenWaitableTimerA
RemoveDirectoryW
ScrollConsoleScreenBufferW
SetVolumeLabelA
SetThreadLocale
FlushViewOfFile
WaitForMultipleObjects
GetTimeFormatA
DuplicateHandle
GetStringTypeA
GetDevicePowerState
DeleteAtom
InitAtomTable
GetLastError
LocalFileTimeToFileTime
EnumDateFormatsExA
SetCommMask
ReadConsoleOutputCharacterA
WriteConsoleOutputCharacterA
CreateConsoleScreenBuffer
FindAtomW
BackupSeek
SetConsoleCP
QueryPerformanceCounter
GetExitCodeProcess
SetFilePointer
GlobalFlags
GetUserDefaultLangID
GetNamedPipeHandleStateW
DeleteFiber
ConvertThreadToFiber
DeviceIoControl
SuspendThread
SignalObjectAndWait
FindFirstChangeNotificationA
GetStartupInfoA
IsDBCSLeadByteEx
HeapLock
VirtualProtect
GetShortPathNameW
SetCurrentDirectoryA
GetDateFormatW
GetFullPathNameA
ReadProcessMemory
CopyFileExA
Heap32ListNext
BackupRead
OpenFile
ExpandEnvironmentStringsW
GetNamedPipeInfo
LockFile
GetProfileIntW
GetTempFileNameA
SetLocaleInfoA
SetSystemTimeAdjustment
WritePrivateProfileSectionA
GetMailslotInfo
GetProfileStringW
SetConsoleTextAttribute
SetCommBreak
GetPrivateProfileStructA
GetFileAttributesExA
GetCompressedFileSizeW
LocalCompact
GetCurrencyFormatW
LocalUnlock
GetVolumeInformationW
FreeLibraryAndExitThread
SetLocaleInfoW
SetConsoleActiveScreenBuffer
GetEnvironmentVariableW
GetThreadPriority
SwitchToThread
user32
TranslateMessage
CreateWindowStationA
CharLowerA
DdeReconnect
DeleteMenu
GetMenuItemID
LoadKeyboardLayoutW
TileChildWindows
DlgDirListW
LoadMenuW
TabbedTextOutA
DlgDirListComboBoxA
PostThreadMessageA
GetUserObjectInformationW
DefDlgProcW
SendMessageW
OpenClipboard
IsCharAlphaNumericA
PeekMessageA
ReplyMessage
EnumWindowStationsW
DdeClientTransaction
SwitchDesktop
GetNextDlgGroupItem
BroadcastSystemMessageA
GetTabbedTextExtentA
DdeAccessData
UnregisterClassW
RemovePropW
RegisterWindowMessageW
DdeImpersonateClient
PostQuitMessage
InvertRect
MonitorFromWindow
DrawAnimatedRects
WINNLSEnableIME
WinHelpW
IsChild
PtInRect
CallWindowProcW
DefMDIChildProcW
GetKeyState
DdeCreateStringHandleA
EnumClipboardFormats
GetDCEx
CreateIcon
SetDeskWallpaper
SystemParametersInfoA
MapVirtualKeyA
SendMessageTimeoutW
ChildWindowFromPointEx
CopyAcceleratorTableW
EnableWindow
GetInputDesktop
DrawStateA
ShowWindowAsync
GetComboBoxInfo
SetCaretBlinkTime
DdeInitializeA
OffsetRect
SendDlgItemMessageA
EnableMenuItem
DefFrameProcA
SetClassWord
GetDialogBaseUnits
PostThreadMessageW
MessageBoxA
CountClipboardFormats
SendMessageTimeoutA
SetRectEmpty
CreateWindowExA
TrackMouseEvent
SetWindowTextW
DdeUninitialize
GetClassInfoA
SendIMEMessageExW
EnumThreadWindows
ReuseDDElParam
InsertMenuA
GetPropA
InvalidateRgn
GetKeyboardLayout
CharUpperW
BeginDeferWindowPos
EnumDisplayMonitors
ValidateRgn
GetClipCursor
CheckDlgButton
LookupIconIdFromDirectory
DlgDirSelectExW
DialogBoxIndirectParamA
DrawFocusRect
ShowOwnedPopups
UnregisterDeviceNotification
SetProcessWindowStation
SetDlgItemTextW
RegisterWindowMessageA
EndTask
OemKeyScan
CreateIconFromResourceEx
CopyIcon
SetMessageQueue
DdePostAdvise
RealGetWindowClass
GetKeyboardLayoutList
SetClipboardViewer
AttachThreadInput
CharToOemBuffW
CharNextW
CloseWindow
RegisterClassW
SetLastErrorEx
CreatePopupMenu
GetKeyboardState
AppendMenuA
DdeGetData
ChangeMenuA
ChangeMenuW
RegisterDeviceNotificationW
DrawMenuBar
DdeFreeDataHandle
SendDlgItemMessageW
IsZoomed
GetWindowPlacement
MonitorFromRect
MessageBoxExA
DrawStateW
ModifyMenuW
NotifyWinEvent
DdeDisconnect
DialogBoxParamA
SubtractRect
advapi32
RegCreateKeyExA
CryptSetKeyParam
FreeSid
RegConnectRegistryA
CryptSignHashW
SetEntriesInAccessListA
GetTrusteeTypeW
SetSecurityDescriptorDacl
CryptHashSessionKey
BuildTrusteeWithSidA
DeleteService
BackupEventLogW
GetNamedSecurityInfoA
TrusteeAccessToObjectA
QueryServiceConfigA
GetFileSecurityW
RegRestoreKeyW
SetServiceBits
NotifyChangeEventLog
RegisterEventSourceW
GetMultipleTrusteeOperationW
RegisterServiceCtrlHandlerA
ObjectPrivilegeAuditAlarmW
SetNamedSecurityInfoExW
SetKernelObjectSecurity
CopySid
RegSaveKeyW
AreAllAccessesGranted
GetTrusteeTypeA
ReportEventW
GetAccessPermissionsForObjectW
BuildImpersonateExplicitAccessWithNameA
LogonUserA
GetSidSubAuthorityCount
GetServiceDisplayNameA
RegEnumValueW
SetNamedSecurityInfoA
SetServiceStatus
SetSecurityInfoExA
GetSecurityInfoExW
CryptEnumProviderTypesA
IsValidSid
QueryServiceLockStatusA
RegCreateKeyA
GetSecurityDescriptorLength
QueryServiceLockStatusW
GetTrusteeNameW
RegDeleteValueA
GetKernelObjectSecurity
BuildTrusteeWithNameA
CloseServiceHandle
LookupPrivilegeNameA
RegUnLoadKeyA
CryptEnumProviderTypesW
CryptSetProvParam
RegisterServiceCtrlHandlerW
OpenSCManagerW
LookupSecurityDescriptorPartsA
SetSecurityInfoExW
RegQueryMultipleValuesW
RegDeleteValueW
LockServiceDatabase
LookupAccountSidA
AdjustTokenGroups
BuildImpersonateTrusteeW
CryptExportKey
RegSaveKeyA
GetMultipleTrusteeW
GetSecurityDescriptorControl
RegEnumKeyExW
GetCurrentHwProfileW
CreatePrivateObjectSecurity
RegSetValueExA
ClearEventLogA
RegQueryMultipleValuesA
EnumDependentServicesA
GetAccessPermissionsForObjectA
MakeSelfRelativeSD
AllocateLocallyUniqueId
RegFlushKey
AddAuditAccessAce
InitializeSecurityDescriptor
CreateProcessAsUserA
RegEnumValueA
StartServiceA
GetSecurityDescriptorOwner
RegOpenKeyA
SetNamedSecurityInfoW
OpenServiceA
SetEntriesInAccessListW
RegEnumKeyExA
CryptEncrypt
GetServiceKeyNameW
GetSecurityInfoExA
SetEntriesInAclW
CancelOverlappedAccess
CryptSetProviderExA
EqualSid
OpenBackupEventLogW
SetFileSecurityA
CryptDecrypt
GetCurrentHwProfileA
UnlockServiceDatabase
ObjectDeleteAuditAlarmW
GetSecurityInfo
GetNamedSecurityInfoW
GetSecurityDescriptorSacl
RegSetKeySecurity
AddAccessDeniedAce
SetSecurityDescriptorGroup
GetExplicitEntriesFromAclW
DuplicateTokenEx
GetMultipleTrusteeA
GetSecurityDescriptorGroup
shlwapi
UrlApplySchemeA
SHSkipJunction
StrStrA
UrlEscapeA
SHDeleteKeyW
PathCompactPathExA
PathIsURLW
SHEnumValueA
PathIsSystemFolderW
SHRegGetUSValueW
SHRegWriteUSValueW
SHRegEnumUSValueW
SHCreateShellPalette
StrCatBuffW
SHRegSetUSValueA
SHGetThreadRef
StrRChrIW
StrCSpnIA
PathRenameExtensionW
UrlIsOpaqueW
SHRegDeleteEmptyUSKeyW
PathCommonPrefixW
PathCombineW
AssocQueryStringByKeyW
PathIsUNCW
UrlGetLocationW
SHRegOpenUSKeyW
StrFormatByteSizeW
UrlCompareA
StrCmpNIW
StrRStrIA
PathParseIconLocationA
UrlIsW
PathIsPrefixW
PathSkipRootA
PathGetArgsW
SHRegGetBoolUSValueA
PathCanonicalizeA
PathMakeSystemFolderA
UrlCanonicalizeA
PathIsDirectoryEmptyW
PathIsLFNFileSpecW
PathMakeSystemFolderW
PathIsNetworkPathW
PathMatchSpecA
SHRegQueryInfoUSKeyW
PathRemoveArgsW
PathIsDirectoryW
StrCatBuffA
UrlHashA
SHSetValueW
PathIsContentTypeW
UrlIsOpaqueA
PathFindFileNameW
PathGetCharTypeA
PathAddBackslashA
PathFindFileNameA
PathMakePrettyA
UrlUnescapeW
PathIsRootW
SHQueryValueExW
StrCpyNW
PathQuoteSpacesA
SHGetInverseCMAP
StrCatW
UrlEscapeW
PathIsUNCServerShareW
UrlHashW
PathFindExtensionA
PathIsPrefixA
StrCmpNIA
PathSkipRootW
SHEnumKeyExA
StrFormatByteSizeA
SHCopyKeyA
UrlCompareW
StrToIntW
PathCommonPrefixA
PathAppendA
PathFindNextComponentA
SHQueryInfoKeyW
StrToIntA
PathIsUNCA
SHOpenRegStreamW
UrlIsNoHistoryA
PathGetCharTypeW
GetMenuPosFromID
StrNCatA
PathRemoveArgsA
StrToIntExA
PathMakePrettyW
PathIsUNCServerA
StrRetToBufW
SHRegCreateUSKeyW
PathStripPathW
UrlIsA
UrlGetPartW
PathSearchAndQualifyA
SHRegQueryUSValueW
PathRelativePathToA
SHRegCreateUSKeyA
Sections
.text Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE