Static task: static1
Behavioral task: behavioral1
Sample: 1bd5dc321de3b29b9f49705b1394141d_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 1bd5dc321de3b29b9f49705b1394141d_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 1bd5dc321de3b29b9f49705b1394141d_JaffaCakes118
Size: 39KB
MD5: 1bd5dc321de3b29b9f49705b1394141d
SHA1: 50d9369233c3327a29a29f8b379098cb0df0aa1b
SHA256: 06e7a52b919aeef242de5fe49c922d448034be378d396320eafdbd4ef43813bb
SHA512: 38e09c22ea903ad77bfaebee39be154184d73fbed0b041f52cccd26f2375c51cd8134d6afaae6acca94d0c403ec7ba10366273c618503c05bb4c027a92472c3f
SSDEEP: 768:cnhYzh/X3XMTv4YsExY+cRxhxngfMOst0McrY5pGRrGnxB/29uOqSda4m4QDnVVY:ceh/ssYsL+0xgfMOs2Mj736uKdczVVMJ
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 1bd5dc321de3b29b9f49705b1394141d_JaffaCakes118
Files
1bd5dc321de3b29b9f49705b1394141d_JaffaCakes118.exe windows:5 windows x86 arch:x86
1e3917705a361a138eb9689a1ca7e3e4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
OleCreateLinkFromData
DoDragDrop
OleLockRunning
CoTaskMemAlloc
StgIsStorageFile
CoFreeUnusedLibraries
OleSetContainedObject
CoCreateInstance
CoTaskMemFree
OleGetClipboard
CreateILockBytesOnHGlobal
OleCreate
CreateGenericComposite
OleIsRunning
StgCreateDocfile
CLSIDFromProgID
RegisterDragDrop
OleGetIconOfClass
OleCreateStaticFromData
OleRegEnumVerbs
StringFromGUID2
OleSetClipboard
CoInitialize
StgCreateDocfileOnILockBytes
CoGetMalloc
OleSaveToStream
OleSetMenuDescriptor
ReadClassStg
OleSave
GetClassFile
ReadClassStm
OleIsCurrentClipboard
CoDisconnectObject
CoGetClassObject
CoRegisterMessageFilter
OleRegGetMiscStatus
CreateOleAdviseHolder
OleLoad
OleCreateLinkToFile
OleUninitialize
CoUninitialize
OleCreateFromData
OleFlushClipboard
CoRegisterClassObject
StgOpenStorageOnILockBytes
CLSIDFromString
OleCreateMenuDescriptor
CreateDataAdviseHolder
CreateDataCache
OleQueryLinkFromData
WriteClassStg
GetHGlobalFromILockBytes
CreateFileMoniker
WriteClassStm
GetRunningObjectTable
RevokeDragDrop
CoRevokeClassObject
OleLoadFromStream
StringFromCLSID
WriteFmtUserTypeStg
CreateItemMoniker
SetConvertStg
OleTranslateAccelerator
ReleaseStgMedium
CreateStreamOnHGlobal
OleQueryCreateFromData
ReadFmtUserTypeStg
OleDuplicateData
OleRegGetUserType
CoTreatAsClass
StgOpenStorage
CoLockObjectExternal
OleDestroyMenuDescriptor
OleInitialize
OleRun
OleCreateFromFile
IsAccelerator
CreateBindCtx
activeds
FreeADsMem
DllGetClassObject
cmdial32
CmCustomHangUp
AutoDialFunc
wininet
InternetConnectW
FtpOpenFileW
FtpSetCurrentDirectoryW
InternetGetCookieW
FtpCreateDirectoryW
FtpGetCurrentDirectoryW
InternetOpenW
FtpRemoveDirectoryW
InternetQueryOptionW
GopherCreateLocatorW
InternetSetOptionExW
InternetSetCookieW
InternetCloseHandle
InternetCanonicalizeUrlW
InternetGetLastResponseInfoW
HttpAddRequestHeadersW
GopherFindFirstFileW
InternetSetFilePointer
InternetReadFile
InternetSetStatusCallbackW
FtpDeleteFileW
FtpPutFileW
InternetCrackUrlW
InternetOpenUrlW
HttpSendRequestExW
InternetFindNextFileW
GopherOpenFileW
FtpRenameFileW
FtpGetFileW
InternetErrorDlg
InternetQueryDataAvailable
HttpSendRequestW
InternetWriteFile
FtpFindFirstFileW
HttpEndRequestW
HttpQueryInfoW
GopherGetAttributeW
HttpOpenRequestW
kernel32
SystemTimeToFileTime
lstrcmpiW
GlobalDeleteAtom
InterlockedDecrement
CopyFileW
FlushFileBuffers
SetEvent
GetModuleHandleW
GlobalReAlloc
UnhandledExceptionFilter
GetProcAddress
ReleaseSemaphore
GetUserDefaultLCID
MoveFileW
GetTempPathW
GetVolumeInformationW
DeleteFileW
GetShortPathNameW
FindFirstFileW
LoadLibraryW
SetLastError
GetPrivateProfileStringW
DeleteCriticalSection
SetFileAttributesW
FindResourceExW
GetDiskFreeSpaceW
GlobalHandle
lstrcatA
GetStringTypeExW
LocalReAlloc
CreateFileW
SetFileTime
IsDBCSLeadByte
LeaveCriticalSection
InterlockedIncrement
GetSystemInfo
LockResource
CloseHandle
DelayLoadFailureHook
FindClose
SetUnhandledExceptionFilter
LockFile
OutputDebugStringW
InitializeCriticalSection
lstrcpynW
lstrcpyA
LocalFileTimeToFileTime
GetVersion
GetModuleHandleA
LocalAlloc
SizeofResource
WaitForMultipleObjects
LocalFree
SearchPathW
GetSystemTimeAsFileTime
GetModuleFileNameW
GlobalSize
TlsSetValue
WideCharToMultiByte
GlobalGetAtomNameW
GlobalLock
FreeConsole
TlsAlloc
CreateMutexW
FileTimeToSystemTime
GetTempFileNameW
GetTickCount
FreeLibrary
FormatMessageW
GetSystemDirectoryA
GetFileSize
GlobalFindAtomW
GetVersionExA
GetFileTime
GetFileAttributesW
VirtualAlloc
lstrcmpW
ReadFile
InterlockedCompareExchange
FindNextFileW
GetProcessVersion
GlobalFree
UnlockFile
GetProfileIntW
TlsFree
DuplicateHandle
VirtualProtect
lstrcmpiA
FindResourceW
SetFilePointer
GetVersionExW
TerminateProcess
MultiByteToWideChar
SetErrorMode
GetCurrentProcessId
LocalLock
MulDiv
lstrcmpA
LoadLibraryA
CreateSemaphoreW
CreateEventW
LoadLibraryExA
WriteFile
GetLastError
lstrcpynA
GetCurrentThreadId
GlobalFlags
GlobalUnlock
Sleep
WritePrivateProfileStringW
lstrcpyW
GlobalAddAtomW
LocalUnlock
TlsGetValue
GlobalAlloc
lstrlenW
QueryPerformanceCounter
SetEndOfFile
FileTimeToLocalFileTime
ResumeThread
ReleaseMutex
LoadResource
lstrcatW
GetPrivateProfileIntW
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentThread
GetFullPathNameW
FreeResource
VirtualQuery
GetThreadLocale
EnterCriticalSection
SetThreadPriority
lstrlenA
SuspendThread
advapi32
RegDeleteValueW
RegQueryValueExW
RegQueryValueW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
SetFileSecurityW
RegEnumKeyW
RegSetValueW
RegCreateKeyW
RegOpenKeyW
RegCreateKeyExW
GetFileSecurityW
gdi32
GetNearestColor
GetTextAlign
CreateDIBPatternBrushPt
GetROP2
CreateCompatibleDC
RealizePalette
CloseMetaFile
SetWindowExtEx
SelectObject
CreateBitmap
CreateMetaFileW
GetClipBox
GetViewportOrgEx
CreatePen
ScaleViewportExtEx
EndDoc
GetBkMode
SetRectRgn
SetStretchBltMode
GetObjectW
ArcTo
UnrealizeObject
SetWindowOrgEx
SaveDC
SetViewportOrgEx
OffsetClipRgn
GetViewportExtEx
RestoreDC
SetViewportExtEx
EnumMetaFile
CreateHatchBrush
GetTextColor
SetTextAlign
CopyMetaFileW
DeleteMetaFile
GetWindowExtEx
DeleteObject
PatBlt
GetDeviceCaps
GetCharWidthW
SetPolyFillMode
CreateCompatibleBitmap
GetStockObject
Rectangle
TextOutW
SelectClipPath
GetWindowOrgEx
IntersectClipRect
CreatePatternBrush
GetBkColor
CreatePalette
PolyBezierTo
SetArcDirection
GetCurrentPositionEx
SelectClipRgn
Escape
AbortDoc
CreateRectRgn
PolyDraw
SetTextJustification
SetBkMode
SetColorAdjustment
RectVisible
LineTo
OffsetRgn
StartPage
GetTextMetricsW
GetTextExtentPoint32W
DPtoLP
SetTextCharacterExtra
GetTextFaceW
PlayMetaFile
GetTextExtentPoint32A
LPtoDP
GetObjectType
SetMapperFlags
DeleteDC
ExtTextOutW
ExtCreatePen
GetPaletteEntries
EndPage
SetAbortProc
StretchDIBits
GetClipRgn
StartDocW
CreateRectRgnIndirect
CreateSolidBrush
CreateDCW
ExcludeClipRect
CreateFontIndirectW
OffsetViewportOrgEx
GetPixel
SetBrushOrgEx
GetStretchBltMode
MoveToEx
GetPolyFillMode
EnumFontFamiliesExW
SetBkColor
PtVisible
BitBlt
CombineRgn
ScaleWindowExtEx
PlayMetaFileRecord
PolylineTo
EnumFontFamiliesW
GetMapMode
SetTextColor
SelectPalette
OffsetWindowOrgEx
SetROP2
ExtSelectClipRgn
CreateFontW
SetMapMode
user32
IsZoomed
ValidateRect
PostMessageW
ClipCursor
GetLastActivePopup
GetDCEx
GetMessagePos
SetRectEmpty
GetSysColorBrush
SetWindowLongW
IsWindowEnabled
GetWindowDC
InvalidateRgn
RegisterWindowMessageW
GetSysColor
ShowOwnedPopups
FillRect
GetCapture
GetScrollRange
IntersectRect
CheckDlgButton
ReleaseDC
GetMenuState
IsRectEmpty
GetClassNameW
GetSystemMenu
AppendMenuW
MsgWaitForMultipleObjects
EndDialog
DestroyWindow
LoadAcceleratorsW
GetDlgItem
UnionRect
ScreenToClient
LoadMenuW
IsChild
ShowScrollBar
DispatchMessageW
EndPaint
SetDlgItemInt
IsDlgButtonChecked
SetCursor
CheckRadioButton
InsertMenuW
GetActiveWindow
SetCapture
GetDlgItemTextW
UnhookWindowsHookEx
FindWindowW
DestroyCursor
CallWindowProcW
RemovePropW
GetScrollPos
UpdateWindow
MessageBeep
DefMDIChildProcW
GetDialogBaseUnits
EqualRect
CharUpperW
GetParent
GetClientRect
BeginPaint
GetMenuStringW
RegisterClassW
PtInRect
GetNextDlgTabItem
GetKeyState
MessageBoxW
InvalidateRect
GetCursorPos
DrawTextW
UnpackDDElParam
CharNextW
GetWindowTextW
GetForegroundWindow
ReleaseCapture
GetDlgCtrlID
wsprintfW
GetMessageW
DestroyMenu
SystemParametersInfoA
IsWindowVisible
IsDialogMessageW
InflateRect
GetFocus
SetActiveWindow
SetCursorPos
GetMenuItemID
GetClassInfoW
DrawMenuBar
MessageBoxA
GetDC
SetMenu
SetWindowPos
DefWindowProcW
SetWindowsHookExW
CreateDialogIndirectParamW
GrayStringW
GetAsyncKeyState
MapWindowPoints
SendDlgItemMessageW
BeginDeferWindowPos
InSendMessage
DrawEdge
GetWindowPlacement
MoveWindow
IsWindow
PostThreadMessageW
EnableMenuItem
LoadCursorW
LockWindowUpdate
DestroyIcon
SendDlgItemMessageA
SetScrollInfo
ReuseDDElParam
WindowFromPoint
wvsprintfW
SetTimer
RedrawWindow
CopyRect
ScrollWindow
InvertRect
GetDlgItemInt
GetWindowRect
LoadBitmapW
RegisterClipboardFormatW
IsClipboardFormatAvailable
GetWindowThreadProcessId
GetSystemMetrics
ModifyMenuW
GetWindowLongW
ClientToScreen
TranslateMDISysAccel
KillTimer
LoadStringW
GetDesktopWindow
SetRect
ShowWindow
GetMenuCheckMarkDimensions
TranslateAcceleratorW
IsIconic
UnregisterClassW
OffsetRect
LoadIconW
TabbedTextOutW
SetMenuItemBitmaps
DeleteMenu
MapDialogRect
SystemParametersInfoW
SendMessageW
EnableWindow
SetFocus
GetPropW
DeferWindowPos
SetWindowPlacement
WinHelpW
PeekMessageW
WaitMessage
GetMessageTime
TrackPopupMenu
SetScrollRange
SetParent
GetTopWindow
CountClipboardFormats
BringWindowToTop
GetTabbedTextExtentA
AdjustWindowRectEx
PostQuitMessage
GetWindow
TranslateMessage
CreateWindowExW
EnumChildWindows
CallNextHookEx
SetForegroundWindow
GetMenuItemCount
ScrollWindowEx
GetSubMenu
GetScrollInfo
GetNextDlgGroupItem
SetPropW
RemoveMenu
SetDlgItemTextW
GetMenu
CreateMenu
SetWindowContextHelpId
EndDeferWindowPos
DefFrameProcW
DrawFocusRect
FrameRect
SetScrollPos
GetWindowTextLengthW
WindowFromDC
GetTabbedTextExtentW
CheckMenuItem
SetWindowTextW
CopyAcceleratorTableW
msvcrt
_ultow
_wcsnicmp
wcstod
time
wcsspn
malloc
__doserrno
_adjust_fdiv
_endthreadex
_wtoi
_wtol
_wcsupr
modf
floor
vswprintf
_ltow
wcscmp
_wsplitpath
swprintf
_wfullpath
_purecall
_open_osfhandle
_fdopen
_except_handler3
_initterm
_CxxThrowException
_itow
wcsncpy
__CxxFrameHandler
_snwprintf
__wargv
_wcsdup
fwrite
_beginthreadex
_wcslwr
memmove
fseek
ceil
__dllonexit
fclose
abort
fread
wcschr
wcsstr
fflush
ftell
mktime
wcscspn
clearerr
wcscpy
iswdigit
wcslen
calloc
wcsrchr
wcsftime
_get_osfhandle
realloc
_expand
gmtime
wcstoul
wcstol
fgetws
free
_onexit
fputws
iswspace
_wcsrev
wcspbrk
_msize
__argc
localtime
wcsncmp
Sections
.text Size: 512B - Virtual size: 456B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ