Static task: static1
Behavioral task: behavioral1
Sample: 2951f186e0540940067f769645042cbc_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2951f186e0540940067f769645042cbc_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 2951f186e0540940067f769645042cbc_JaffaCakes118
Size: 868KB
MD5: 2951f186e0540940067f769645042cbc
SHA1: 8e67742a3a6ad569fc1ec3103239cbc8e80669d5
SHA256: dce3681189f01fcbd777b6255fb15ed9db722b3d7bb3a63f03fc30307ec8db62
SHA512: c946ed021b2cff9f424e5fbd510224179896663ca1320adcee6365e8c1a0eaf775e2bfac9df320038c1325645a422fff54874f71079fbb7f12105e9590fc5a1c
SSDEEP: 24576:UuKw3zgk880BFGPmbCbVXOs0TcnCHAYVS:UuXzgtgP94snCHA
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2951f186e0540940067f769645042cbc_JaffaCakes118
Files
2951f186e0540940067f769645042cbc_JaffaCakes118.exe windows:5 windows x86 arch:x86
20c758a16cbe7843ac9481096eb4f059
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
Sections
.text - Size: 20KB - Virtual size: 20KB - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata - Size: 14KB - Virtual size: 14KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data - Size: 512B - Virtual size: 163KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.klop - Size: 287KB - Virtual size: 287KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rlew - Size: 8KB - Virtual size: 8KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.koopl - Size: 12KB - Virtual size: 11KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.kupol - Size: 517KB - Virtual size: 517KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc - Size: 1024B - Virtual size: 712B - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc - Size: 5KB - Virtual size: 4KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ