Static task: static1
Behavioral task: behavioral1
Sample: 30c82cf5ab290dd0516d47d8766c4945_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 30c82cf5ab290dd0516d47d8766c4945_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 30c82cf5ab290dd0516d47d8766c4945_JaffaCakes118
Size: 89KB
MD5: 30c82cf5ab290dd0516d47d8766c4945
SHA1: c05686b6405c8cd84723c492240ecaadfa065ef4
SHA256: c1de18d1fd347cc7745ef1b738309566e7a42d7fcad0daf9558c67f17fb88af4
SHA512: 8dd536b03319d88f07ceaf37f0998ee471873730e363d5a02d889bb4c9157915b9e060846736e77dce2985d71d16976a48a000c7752a0d661d9aa94025994bdb
SSDEEP: 1536:pQSePy6tBrXazTRgmiNVv2kfph8CXV2r3nxmQ10IP4E9NWVWcR2B8dG5pQE08hC0:H6tGtDiT+hCl2jxmQnP4+YVWccOdAdh/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 30c82cf5ab290dd0516d47d8766c4945_JaffaCakes118
Files
30c82cf5ab290dd0516d47d8766c4945_JaffaCakes118.exe windows:4 windows x86 arch:x86
7e57177fda3437b8d3a7605f3e91a67f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathIsUNCW
SHRegDeleteEmptyUSKeyA
HashData
PathFindExtensionW
SHQueryValueExW
PathSetDlgItemPathW
SHEnumKeyExA
PathIsDirectoryW
PathIsSameRootW
StrCmpNA
PathGetDriveNumberA
SHDeleteEmptyKeyA
PathMakeSystemFolderA
PathUnmakeSystemFolderA
SHRegGetBoolUSValueA
SHEnumValueA
StrDupA
ColorRGBToHLS
StrIsIntlEqualW
PathIsDirectoryEmptyA
PathIsRelativeA
PathFindSuffixArrayW
StrRChrIA
SHCreateStreamOnFileW
PathCompactPathExW
PathRenameExtensionW
AssocQueryStringW
StrFormatKBSizeA
SHRegEnumUSKeyA
PathCreateFromUrlA
StrChrIA
PathUnquoteSpacesW
UrlHashA
UrlIsOpaqueA
SHOpenRegStreamA
SHCopyKeyW
PathGetArgsW
StrFromTimeIntervalA
PathIsUNCA
PathCommonPrefixW
StrChrA
SHDeleteValueW
ChrCmpIW
SHSkipJunction
UrlIsA
PathAppendA
PathSkipRootA
StrRChrIW
PathIsURLA
PathIsContentTypeW
UrlUnescapeA
AssocQueryStringByKeyW
PathMatchSpecW
StrRetToBufA
StrFormatByteSizeW
PathIsPrefixA
PathParseIconLocationA
UrlCombineA
StrNCatW
PathIsSystemFolderW
StrCatBuffW
PathAddBackslashW
SHRegOpenUSKeyW
SHQueryInfoKeyW
PathGetCharTypeA
StrPBrkW
ole32
WriteStringStream
CoLoadLibrary
FreePropVariantArray
OleDraw
OleSave
OleCreateLinkFromDataEx
OleConvertIStorageToOLESTREAMEx
CoUnmarshalHresult
CreateClassMoniker
CoCreateInstance
OleQueryLinkFromData
CoGetClassObject
CoGetTreatAsClass
CoInitializeEx
StringFromIID
OleCreateStaticFromData
CoGetStandardMarshal
CoRegisterChannelHook
PropVariantClear
CoLockObjectExternal
UpdateDCOMSettings
CoUnmarshalInterface
CoSetProxyBlanket
CreateILockBytesOnHGlobal
UtGetDvtd32Info
OleLoad
OleTranslateAccelerator
OleCreateFromData
CoQueryAuthenticationServices
CoFileTimeNow
StgOpenAsyncDocfileOnIFillLockBytes
OleCreateFromFileEx
StgGetIFillLockBytesOnILockBytes
ReadOleStg
CoRegisterPSClsid
CoReleaseServerProcess
OleGetIconOfClass
OleCreateLinkToFileEx
CoMarshalInterThreadInterfaceInStream
CoCreateInstanceEx
OleSaveToStream
CoSuspendClassObjects
CreateOleAdviseHolder
CoInitialize
CoGetMalloc
CoMarshalInterface
CreatePointerMoniker
OleQueryCreateFromData
OleDestroyMenuDescriptor
CoGetInstanceFromFile
CoGetPSClsid
CoGetObject
CoTaskMemFree
OleIsRunning
GetHookInterface
CoCopyProxy
OleRun
CoTaskMemRealloc
CreateBindCtx
WriteClassStm
CoCreateFreeThreadedMarshaler
CoGetInstanceFromIStorage
StgOpenStorageOnILockBytes
OleFlushClipboard
OleUninitialize
UtGetDvtd16Info
CreateDataCache
CoFreeLibrary
OleCreateFromDataEx
CoRevokeClassObject
OleDoAutoConvert
OleNoteObjectVisible
advapi32
OpenEventLogW
LogonUserW
ImpersonateNamedPipeClient
ConvertSecurityDescriptorToAccessNamedA
RegQueryMultipleValuesW
OpenServiceW
SetSecurityInfoExW
GetSidSubAuthorityCount
RegDeleteValueA
OpenSCManagerA
ConvertSecurityDescriptorToAccessW
SetThreadToken
GetMultipleTrusteeW
GetSecurityDescriptorControl
StartServiceCtrlDispatcherW
RegCreateKeyExW
RegSetValueW
CryptContextAddRef
LookupPrivilegeDisplayNameW
BuildSecurityDescriptorW
CryptVerifySignatureW
NotifyChangeEventLog
AdjustTokenPrivileges
BuildTrusteeWithNameW
InitiateSystemShutdownA
SetTokenInformation
CryptSetProviderA
SetSecurityDescriptorDacl
IsValidAcl
RegEnumKeyExA
CryptGenRandom
RegFlushKey
GetAce
EnumServicesStatusA
SetNamedSecurityInfoW
GetFileSecurityA
LookupAccountSidA
AddAccessAllowedAce
CopySid
LookupAccountNameW
CryptGetDefaultProviderA
GetSidIdentifierAuthority
ObjectOpenAuditAlarmA
CryptGetKeyParam
GetNamedSecurityInfoA
CryptSetKeyParam
RegDeleteKeyA
IsTextUnicode
GetTrusteeTypeA
PrivilegedServiceAuditAlarmW
GetAuditedPermissionsFromAclW
GetTrusteeTypeW
CryptSignHashW
CryptSetProviderExW
SetEntriesInAclA
CryptHashData
RegCreateKeyA
RegCreateKeyExA
RegEnumKeyA
GetLengthSid
SetSecurityInfo
CryptDuplicateHash
GetNamedSecurityInfoExA
CreateProcessAsUserA
MakeAbsoluteSD
BuildSecurityDescriptorA
ReadEventLogW
LookupAccountNameA
RegSetValueExA
AddAce
RegReplaceKeyA
OpenBackupEventLogW
kernel32
EnumResourceTypesA
DosDateTimeToFileTime
lstrcmpiW
GetCommModemStatus
GetAtomNameA
SwitchToThread
UnlockFileEx
CreateConsoleScreenBuffer
SetFileApisToOEM
CancelIo
GetPriorityClass
GetNamedPipeHandleStateA
FatalExit
ScrollConsoleScreenBufferA
GetLargestConsoleWindowSize
GlobalUnlock
OutputDebugStringW
IsBadStringPtrW
FindClose
GetProcessAffinityMask
FindFirstChangeNotificationW
SetThreadPriorityBoost
EnumSystemCodePagesW
BuildCommDCBW
CreateWaitableTimerA
GetSystemTimeAdjustment
GetEnvironmentStringsW
MulDiv
BuildCommDCBAndTimeoutsW
GetPrivateProfileStringW
LoadLibraryExA
LoadLibraryW
FileTimeToSystemTime
GetPrivateProfileStringA
SetProcessPriorityBoost
DeleteFileW
SetConsoleWindowInfo
LockResource
ClearCommError
WaitForSingleObjectEx
GlobalReAlloc
ResetEvent
GetStringTypeExW
PrepareTape
BuildCommDCBA
VirtualProtect
SetThreadLocale
FreeConsole
Toolhelp32ReadProcessMemory
FlushInstructionCache
FormatMessageW
GetDiskFreeSpaceExW
CreateSemaphoreW
FreeEnvironmentStringsA
OpenFileMappingA
SetThreadIdealProcessor
FindAtomA
BackupRead
CreateEventW
CallNamedPipeA
CreateDirectoryW
LoadLibraryA
CreateDirectoryExW
GetShortPathNameA
GetTapeStatus
lstrcpynW
IsBadCodePtr
GetDevicePowerState
SetSystemTime
LockFile
FormatMessageA
GetLongPathNameW
SetThreadContext
EndUpdateResourceA
FindFirstFileExA
FindResourceW
GetCommState
SetSystemTimeAdjustment
MoveFileA
lstrcatW
GetFileType
WriteConsoleOutputW
FindAtomW
GetPrivateProfileStructW
CreateDirectoryExA
OpenProcess
Process32Next
GetStringTypeA
CreateNamedPipeW
VirtualAlloc
user32
CharLowerW
GetWindowInfo
DrawAnimatedRects
IsWindowVisible
GetCaretBlinkTime
SetDlgItemTextA
IsMenu
ToAsciiEx
GetMenuState
EnableWindow
DdeAccessData
GetWindowModuleFileNameW
EnumThreadWindows
SendMessageW
SetCursor
EnumPropsW
ModifyMenuW
MessageBoxA
GetSubMenu
IsDialogMessage
CreateWindowExW
CreateDesktopW
FindWindowExA
SetWindowLongW
BroadcastSystemMessageA
IsCharAlphaA
IsCharUpperA
GetKeyboardLayoutList
RemovePropW
EnumClipboardFormats
SetWindowContextHelpId
TrackPopupMenu
GetDialogBaseUnits
GetClipCursor
SetScrollPos
GetWindowTextLengthW
InvalidateRect
LoadMenuIndirectW
ShowCaret
SetDebugErrorLevel
MoveWindow
GetInputDesktop
ScrollWindowEx
GetPriorityClipboardFormat
MonitorFromWindow
GetWindowPlacement
CreateDialogParamA
GetWindowWord
MonitorFromRect
FlashWindowEx
SetDoubleClickTime
LoadImageA
DlgDirListW
MessageBoxW
GetMenuItemRect
ExitWindowsEx
DrawTextExA
DialogBoxIndirectParamW
GetShellWindow
ChildWindowFromPointEx
ChangeDisplaySettingsW
ShowWindowAsync
DlgDirSelectComboBoxExA
MapVirtualKeyExW
GetDlgItem
DrawTextW
EndTask
SetMenuItemBitmaps
ChangeDisplaySettingsA
DestroyCaret
LoadIconW
GetFocus
GetActiveWindow
GetKeyboardLayoutNameW
UnionRect
SetClassLongA
ShowOwnedPopups
Sections
.text Size: 75KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE