Static task: static1
Behavioral task: behavioral1
  Sample: 2ad98fd21749c7bb7af063cdc474dc98_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 2ad98fd21749c7bb7af063cdc474dc98_JaffaCakes118.exe
  Resource: win10v2004-20240704-en
General
Target: 2ad98fd21749c7bb7af063cdc474dc98_JaffaCakes118
Size: 47KB
MD5: 2ad98fd21749c7bb7af063cdc474dc98
SHA1: 4d708c7957dbd71894d1df235154c883ff8fa7b8
SHA256: 32109333e71cf47e8efa217745fb61de4c52b80d821f7947f55d43fad9a2f0c2
SHA512: 7aa6dd68ceb19135971ca60ae12744201cba1d2b037612151ebc2cb8ae8db633468e4994f7f7bb7ad7c37ea7636fe968e531051428fa96816e2edbbe40773600
SSDEEP: 768:1aNch3AvI7L4cR25+0H08hdzSHh57OHvZlVxPbe44Ej9AV0SUaO6W47WYD+:gChQQocA5+20ydzy7il7beCj9AV0SUnN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2ad98fd21749c7bb7af063cdc474dc98_JaffaCakes118
Files
2ad98fd21749c7bb7af063cdc474dc98_JaffaCakes118.exe windows:5 windows x86 arch:x86
36939b8c29f15add42e4c34804907d6f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitThread
FatalAppExitW
FindAtomA
FindClose
FindFirstChangeNotificationA
FindFirstVolumeA
FindFirstVolumeMountPointA
FindResourceExA
FlushFileBuffers
FormatMessageA
FreeResource
GetACP
GetCPInfoExA
GetCalendarInfoW
GetCommModemStatus
GetComputerNameA
GetConsoleAliasesLengthW
GetConsoleCursorInfo
GetConsoleMode
GetConsoleTitleA
GetCurrencyFormatA
GetCurrentConsoleFont
GetDefaultCommConfigW
GetDevicePowerState
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetFileAttributesA
GetFileAttributesExW
GetModuleHandleA
GetNamedPipeInfo
GetNumberFormatW
GetPrivateProfileStructA
GetProcessShutdownParameters
GetShortPathNameA
GetSystemWindowsDirectoryA
GetTempFileNameW
GetTempPathA
GetThreadLocale
GetTimeFormatW
GetUserDefaultLCID
GlobalAddAtomW
GlobalFlags
GlobalMemoryStatusEx
GlobalSize
GlobalUnlock
HeapUnlock
IsBadStringPtrA
EnumUILanguagesW
IsBadWritePtr
LCMapStringW
LocalHandle
LocalSize
LockResource
MapUserPhysicalPages
MapViewOfFile
Module32FirstW
OpenEventW
OpenFileMappingW
OpenProcess
OpenWaitableTimerW
OutputDebugStringA
ProcessIdToSessionId
QueryDosDeviceW
ReadConsoleInputW
ReadDirectoryChangesW
ReadProcessMemory
ReplaceFile
RtlZeroMemory
ScrollConsoleScreenBufferA
ScrollConsoleScreenBufferW
SetCalendarInfoA
SetComputerNameExA
SetConsoleCP
SetConsoleCursor
SetConsoleTextAttribute
SetInformationJobObject
SetLastError
SetProcessShutdownParameters
SetThreadPriorityBoost
SignalObjectAndWait
SwitchToFiber
TlsSetValue
UnlockFile
UnregisterWait
UnregisterWaitEx
VerLanguageNameA
VerifyVersionInfoA
VirtualFree
WriteConsoleOutputCharacterW
WriteFile
WritePrivateProfileSectionA
WriteTapemark
lstrlenA
lstrlenW
EnumSystemLanguageGroupsW
EnterCriticalSection
DosDateTimeToFileTime
DnsHostnameToComputerNameA
DeleteTimerQueueTimer
DefineDosDeviceW
DebugBreak
CreateTimerQueue
CreateIoCompletionPort
CreateHardLinkA
CreateDirectoryW
CopyFileW
CallNamedPipeW
AddConsoleAliasW
LoadLibraryA
GetLocalTime
GetProcAddress
VirtualAlloc
GetWindowsDirectoryW
lstrcatW
CreateFileW
IsBadStringPtrW
user32
SetCapture
DestroyAcceleratorTable
AttachThreadInput
BeginDeferWindowPos
BeginPaint
BroadcastSystemMessageW
CallMsgFilter
CallMsgFilterW
ChangeDisplaySettingsExW
CharToOemA
CloseClipboard
CloseWindowStation
CopyImage
CreateDialogIndirectParamW
CreateIcon
CreateIconFromResourceEx
DdeConnect
DdeCreateDataHandle
DdeDisconnect
DdeFreeStringHandle
DdeGetData
DdeGetLastError
DdeInitializeW
DefDlgProcW
keybd_event
WindowFromDC
VkKeyScanExA
TrackMouseEvent
ToUnicode
ToAsciiEx
TileWindows
SwitchDesktop
SetWindowsHookExA
SetWindowsHookA
SetWindowTextA
SetWindowLongW
SetWinEventHook
SetTimer
SetProcessWindowStation
SetProcessDefaultLayout
SetMenuDefaultItem
SetLastErrorEx
SetKeyboardState
SetDlgItemTextW
SetClipboardData
SetClassWord
SetClassLongA
DefFrameProcA
SendMessageTimeoutW
SendInput
RemovePropW
PostThreadMessageW
PostQuitMessage
PostMessageW
OpenWindowStationA
MsgWaitForMultipleObjectsEx
MonitorFromRect
ModifyMenuW
MessageBoxExW
MessageBoxExA
MapVirtualKeyW
LoadMenuIndirectA
IsWindowVisible
IsDialogMessageA
IsDialogMessage
InvalidateRect
IntersectRect
IMPSetIMEW
HiliteMenuItem
GetWindowTextA
GetPriorityClipboardFormat
GetNextDlgGroupItem
GetMenuStringA
GetLastInputInfo
GetIconInfo
GetGUIThreadInfo
GetDlgItem
GetDialogBaseUnits
GetClassInfoA
GetCaretPos
GetAltTabInfoA
FreeDDElParam
FlashWindow
FindWindowW
FindWindowExA
EnumThreadWindows
EnumDisplaySettingsExA
EndPaint
EnableScrollBar
DrawIconEx
DrawFrameControl
DragDetect
DlgDirSelectComboBoxExW
DlgDirListComboBoxA
comdlg32
CommDlgExtendedError
ChooseColorW
ChooseFontA
ChooseFontW
FindTextA
FindTextW
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW
PageSetupDlgA
PageSetupDlgW
PrintDlgA
PrintDlgExA
PrintDlgExW
PrintDlgW
ReplaceTextA
ReplaceTextW
ChooseColorA
ole32
WdtpInterfacePointer_UserUnmarshal
UtGetDvtd32Info
UtConvertDvtd32toDvtd16
StringFromCLSID
StgOpenStorage
StgCreatePropStg
SetConvertStg
STGMEDIUM_UserSize
STGMEDIUM_UserFree
ReleaseStgMedium
ReadFmtUserTypeStg
ReadClassStg
OleSave
OleRegGetUserType
OleNoteObjectVisible
OleLoadFromStream
OleIsCurrentClipboard
OleFlushClipboard
OleDoAutoConvert
OleCreateMenuDescriptor
OleCreateFromDataEx
OleCreate
MonikerRelativePathTo
IsAccelerator
IIDFromString
HWND_UserUnmarshal
HMETAFILE_UserUnmarshal
HMETAFILE_UserMarshal
HMETAFILE_UserFree
HMENU_UserMarshal
HGLOBAL_UserUnmarshal
HGLOBAL_UserFree
HENHMETAFILE_UserMarshal
HENHMETAFILE_UserFree
HDC_UserSize
HBRUSH_UserMarshal
HBRUSH_UserFree
HACCEL_UserSize
HACCEL_UserMarshal
GetHGlobalFromILockBytes
GetConvertStg
GetClassFile
FreePropVariantArray
DcomChannelSetHResult
CreateGenericComposite
CreateAntiMoniker
CoWaitForMultipleHandles
CoUnloadingWOW
CoTaskMemFree
CoSuspendClassObjects
CoSetProxyBlanket
CoSetCancelObject
CoRevokeMallocSpy
CoRevokeClassObject
CoRegisterClassObject
CoRegisterChannelHook
CoReactivateObject
CoQueryReleaseObject
CoQueryAuthenticationServices
CoLockObjectExternal
CoIsOle1Class
CoIsHandlerConnected
CoInitializeEx
CoGetTreatAsClass
CoGetStandardMarshal
CoGetInterfaceAndReleaseStream
CoEnableCallCancellation
CoDisconnectObject
CoDeactivateObject
CoCreateInstance
CoCreateGuid
CLSIDFromProgID
CLIPFORMAT_UserSize
CoRevertToSelf
oleaut32
VarOr
VarI1FromUI2
VarI1FromR8
VarI1FromI2
VarI1FromDisp
VarI1FromCy
VarI1FromBool
VarFormatPercent
VarFormatNumber
VarFormatFromTokens
VarFormatCurrency
VarFormat
VarDecMul
VarDecInt
VarDecFromUI4
VarDecFromUI1
VarDecFromI4
VarDecFromI2
VarDecFromDate
VarDecFromCy
VarDecDiv
VarDecCmp
VarDecAdd
VarDateFromUdateEx
VarDateFromUdate
VarDateFromUI4
VarDateFromUI2
VarDateFromUI1
VarDateFromStr
VarDateFromR4
VarDateFromI4
VarDateFromI2
VarDateFromI1
VarDateFromDec
VarDateFromCy
VarCySu
VarCyNeg
VarCyMul
VarCyInt
VarCyFromUI4
VarCyFromStr
VarCyFromR8
VarCyFromR4
VarCyFromI4
VarCyFromI2
VarCyFromDisp
VarCyFromDec
VarCyFromBool
VarCyCmpR8
VarCmp
VarCat
VarBstrFromUI4
VarBstrFromUI2
VarBstrFromR4
VarBstrFromI4
VarBstrFromI1
VarBstrFromDisp
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarBstrFromBool
VarBstrCmp
VarBstrCat
VarBoolFromStr
VarBoolFromR8
VarBoolFromI2
VarBoolFromI1
VarBoolFromCy
VarAnd
VarAdd
VARIANT_UserSize
VARIANT_UserFree
SystemTimeToVariantTime
SysStringLen
SysReAllocStringLen
SysAllocStringLen
SysAllocString
SetErrorInfo
SafeArrayUnlock
SafeArraySetIID
SafeArrayRedim
SafeArrayPutElement
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetElement
SafeArrayGetDim
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayCreateVector
SafeArrayCreateEx
SafeArrayCreate
SafeArrayCopy
SafeArrayAllocDescriptorEx
SafeArrayAllocData
RevokeActiveObject
VariantTimeToSystemTime
VariantCopy
VariantClear
VariantChangeType
VarWeekdayName
VarUdateFromDate
VarUI4FromUI2
VarUI4FromUI1
VarUI4FromR4
VarUI4FromI4
VarUI4FromI2
VarUI4FromI1
VarUI4FromDec
VarUI4FromDate
VarUI4FromCy
VarUI4FromBool
VarUI2FromUI1
RegisterTypeLi
VarUI2FromStr
VarUI2FromR8
VarUI2FromR4
VarUI2FromI4
VarUI2FromI2
VarUI2FromDec
VarUI1FromStr
VarUI1FromI2
VarUI1FromI1
VarUI1FromDisp
VarUI1FromCy
VarUI1FromBool
VarTokenizeFormatString
VarRound
VarR8FromUI4
VarR8FromUI1
VarR8FromR4
VarR8FromI2
VarR8FromI1
VarR8FromDisp
VarR8FromDec
VarR8FromCy
VarR4FromUI4
VarR4FromR8
VarR4FromI2
VarR4FromI1
VarR4FromCy
VarR4FromBool
VarR4CmpR8
VarPow
VarParseNumFromStr
VarI1FromUI4
VarNeg
VarMul
VarMonthName
VarMod
VarInt
VarImp
VarI4FromUI2
VarI4FromUI1
VarI4FromR4
VarI4FromDisp
VarI4FromDec
VarI4FromDate
VarI4FromBool
VarI2FromUI2
VarI2FromR8
VarI2FromR4
VarI2FromI4
VarI2FromI1
VarI2FromDisp
VarI2FromDec
VarI2FromDate
VarI2FromCy
VarI2FromBool
BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
BstrFromVector
CreateErrorInfo
DispGetParam
DosDateTimeToVariantTime
GetActiveObject
GetAltMonthNames
GetErrorInfo
GetRecordInfoFromTypeInfo
LHashValOfNameSysA
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserSize
LoadTypeLi
LoadTypeLibEx
OACreateTypeLib2
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPictureEx
OleLoadPictureFile
OleLoadPictureFileEx
OleLoadPicturePath
OleSavePictureFile
QueryPathOfRegTypeLi
RegisterActiveObject
msvcrt
memcpy
Sections
.text Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 728B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.mm1 Size: 1024B - Virtual size: 1000B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ