Static task
static1
Behavioral task
behavioral1
Sample
3383313034eb582cf2f4a8a3d3f9de44_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3383313034eb582cf2f4a8a3d3f9de44_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
3383313034eb582cf2f4a8a3d3f9de44_JaffaCakes118
Size
332KB
MD5
3383313034eb582cf2f4a8a3d3f9de44
SHA1
139e7f691b1a992a3169b0e352b91d99bf4a5ebf
SHA256
9f130fe49c16414b1ddb916e0717ef63af96406ebda3bf5df254566adbab0712
SHA512
b82ee284582d1e3ae6276222764e23caff65926b0d9d1aebce2012f4d6c689e6fdf6621124dcf81a2d31c6275a74b0b7b58d23656c5835c8f14d15b614c6a73d
SSDEEP
6144:9raxbhDAYyAhXHPg+o1iLR4HSdODVlbn4arIsJjfj4ovB7vexuauXg5lS5jAtLb:9axbhDCAa+o10IuOJqMd4ovB7vKuau8p
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3383313034eb582cf2f4a8a3d3f9de44_JaffaCakes118
Files
3383313034eb582cf2f4a8a3d3f9de44_JaffaCakes118.exe windows:5 windows x86 arch:x86
34bc12563a2a93dc0988809e169e0908
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
psapi
GetProcessImageFileNameW
shell32
SHBrowseForFolderW
SHCreateShellItem
SHGetFileInfoW
SHGetPathFromIDListA
SHGetFolderPathAndSubDirW
SHGetDesktopFolder
ShellExecuteA
SHFileOperationW
Shell_NotifyIconW
Shell_NotifyIconA
ExtractAssociatedIconExW
SHGetFolderLocation
SHSetLocalizedName
SHAppBarMessage
SHChangeNotify
ShellExecuteExW
ShellAboutW
SHGetFolderPathW
SHGetInstanceExplorer
SHGetSpecialFolderPathW
SHBindToParent
ExtractIconExW
SHGetPathFromIDListW
SHGetDataFromIDListW
SHGetSpecialFolderLocation
SHPathPrepareForWriteW
DragQueryFileW
ExtractIconW
ShellExecuteW
uxtheme
IsAppThemed
IsThemeActive
GetThemePartSize
GetThemeBackgroundContentRect
GetThemeBackgroundExtent
GetThemeColor
CloseThemeData
DrawThemeParentBackground
DrawThemeBackground
GetThemeFont
GetThemeMargins
GetThemeAppProperties
OpenThemeData
SetWindowTheme
GetThemeMetric
advapi32
TraceMessage
RegOpenKeyW
RegCreateKeyA
GetLengthSid
IsTextUnicode
SetThreadToken
RegQueryValueExA
RegCreateKeyExA
OpenProcessToken
GetTraceLoggerHandle
RegEnumKeyExW
RegisterTraceGuidsW
RegOpenKeyExA
CryptCreateHash
RegSetValueExW
RegDeleteValueA
RegOpenKeyExW
ConvertStringSidToSidW
RegOpenCurrentUser
DuplicateTokenEx
CryptDestroyHash
GetTokenInformation
CryptReleaseContext
ConvertSidToStringSidW
RegDeleteValueW
RegEnumValueW
CreateProcessAsUserW
RegQueryValueExW
RegQueryInfoKeyW
RegDeleteKeyA
RegEnumValueA
TraceEvent
RegCloseKey
CryptGetHashParam
RegSetValueExA
RegEnumKeyW
RegCreateKeyExW
SetTokenInformation
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetTraceEnableFlags
UnregisterTraceGuids
GetTraceEnableLevel
GetUserNameW
OpenThreadToken
ImpersonateSelf
RegQueryValueW
CryptHashData
RegDeleteKeyW
CryptAcquireContextW
kernel32
IsWow64Process
CreateFileMappingW
CreateActCtxW
CreateEventA
GetPrivateProfileStringA
QueryPerformanceFrequency
GlobalFree
GetModuleFileNameA
DisableThreadLibraryCalls
FindClose
CreateFileMappingA
ReleaseMutex
GetVersionExW
ActivateActCtx
SystemTimeToFileTime
QueryPerformanceCounter
FreeLibraryAndExitThread
InitializeCriticalSectionAndSpinCount
GetDateFormatW
GlobalAlloc
OutputDebugStringA
FreeLibrary
GetLongPathNameW
GetFileAttributesExW
ReleaseSemaphore
CloseHandle
SetEndOfFile
SetCurrentDirectoryW
GetShortPathNameW
GlobalDeleteAtom
GetFileInformationByHandle
SetThreadPriority
QueueUserWorkItem
DebugBreak
CompareStringA
GetSystemInfo
LocalFree
MulDiv
GetNumberFormatW
UnlockFileEx
HeapCreate
CopyFileW
lstrcmpiW
GlobalReAlloc
GetThreadLocale
FindResourceExW
GetProcessHeap
TryEnterCriticalSection
CreateFileA
VirtualAlloc
MoveFileExW
LoadLibraryExW
ReplaceFileW
lstrcmpA
OpenProcess
InterlockedDecrement
SetThreadExecutionState
Process32FirstW
GetCurrentProcess
SetEnvironmentVariableW
GetTempFileNameW
VirtualFree
CreateThread
SetProcessWorkingSetSize
Sleep
GetCurrentThread
DuplicateHandle
SetFileTime
GetACP
GetPrivateProfileSectionW
GetCPInfo
DeleteAtom
InitializeCriticalSection
SizeofResource
Process32NextW
GetProcAddress
GetCurrentThreadId
GetThreadContext
CreateTimerQueueTimer
SetLastError
TlsSetValue
SetFilePointerEx
GetFullPathNameW
InterlockedIncrement
MapViewOfFile
GetTempPathW
GetSystemTime
FileTimeToLocalFileTime
SetProcessShutdownParameters
ResumeThread
GetAtomNameW
HeapDestroy
CreateDirectoryA
QueryDosDeviceW
GetModuleHandleW
FindFirstFileW
FlushInstructionCache
CreateMutexA
RemoveDirectoryW
ResetEvent
ReadFile
SetUnhandledExceptionFilter
InterlockedCompareExchange
GetTimeFormatW
GetModuleHandleA
IsDBCSLeadByte
ExitProcess
CreateToolhelp32Snapshot
GetModuleFileNameW
SearchPathW
SetEvent
WaitForSingleObjectEx
MultiByteToWideChar
GetPrivateProfileSectionNamesW
LocalFileTimeToFileTime
TerminateThread
GetLocalTime
CreateFileW
LCMapStringW
GetEnvironmentVariableW
GetTickCount
SuspendThread
OpenMutexA
HeapFree
TlsGetValue
GetCurrentProcessId
lstrcmpiA
GetLogicalDriveStringsW
CreateSemaphoreW
TlsFree
FindResourceW
SetErrorMode
LoadLibraryA
OpenEventW
GlobalSize
ReleaseActCtx
LockResource
HeapReAlloc
FindAtomW
ExpandEnvironmentStringsW
GetFileSizeEx
GetFileSize
LocalReAlloc
TlsAlloc
CreateEventW
VirtualQuery
LocalAlloc
LeaveCriticalSection
DeleteTimerQueueTimer
GetSystemDirectoryA
CompareFileTime
HeapAlloc
GetModuleHandleExW
EnterCriticalSection
WideCharToMultiByte
LockFileEx
GetVersion
ExpandEnvironmentStringsA
GlobalFlags
EnumUILanguagesW
GetThreadPriority
GlobalAddAtomW
LoadLibraryW
GetUserDefaultUILanguage
CreateMutexW
LocalSize
GetSystemDefaultUILanguage
GetCurrentDirectoryW
GetSystemTimeAsFileTime
SetFilePointer
SetCurrentDirectoryA
CreateDirectoryW
OpenMutexW
WritePrivateProfileSectionW
WaitForMultipleObjects
UnmapViewOfFile
SetFileAttributesW
GetSystemDefaultLCID
GetWindowsDirectoryW
GetExitCodeThread
CompareStringW
GlobalLock
TerminateProcess
MoveFileW
lstrcmpW
GlobalAddAtomA
RaiseException
GetFileAttributesA
WritePrivateProfileStringW
lstrlenW
DeactivateActCtx
GetFileAttributesW
FormatMessageW
GlobalUnlock
DeleteCriticalSection
LoadResource
GetLastError
UnhandledExceptionFilter
GetVersionExA
DeleteFileW
SetThreadContext
InterlockedExchange
WriteFile
FindNextFileW
GetSystemDirectoryW
GetUserDefaultLCID
VirtualProtect
WaitForSingleObject
lstrlenA
GetSystemWow64DirectoryW
AddAtomW
GetModuleHandleExA
GetLocaleInfoW
FileTimeToSystemTime
CreateProcessW
GetPrivateProfileStringW
gdi32
GetGlyphIndicesW
SetLayout
CreateMetaFileW
SetViewportExtEx
SelectPalette
OffsetWindowOrgEx
SetViewportOrgEx
GetBrushOrgEx
GetTextExtentPointW
CreateDIBPatternBrushPt
BitBlt
GetTextExtentPoint32A
TextOutW
DeleteEnhMetaFile
SetStretchBltMode
GetRgnBox
SetDCPenColor
GetBkColor
CreateCompatibleDC
SetMapMode
SelectObject
GetLayout
GetDCOrgEx
SetBkColor
CreateFontIndirectA
CreateRectRgnIndirect
MoveToEx
CreateCompatibleBitmap
GetTextExtentExPointI
CreateHalftonePalette
CreatePolygonRgn
TextOutA
RestoreDC
GetDeviceCaps
SetBrushOrgEx
CreateDCA
ExtCreateRegion
CreateDIBSection
CreateSolidBrush
CreateBitmap
SetWindowExtEx
LPtoDP
CreatePatternBrush
Rectangle
StretchBlt
GetClipBox
GetObjectA
SetRectRgn
GetRegionData
CreateFontIndirectW
ExtTextOutW
GetTextColor
CreateDCW
GetTextMetricsW
GetTextAlign
RectVisible
CreatePalette
CloseMetaFile
SetWindowOrgEx
GetSystemPaletteEntries
StretchDIBits
DeleteDC
CreateRectRgn
PatBlt
RealizePalette
OffsetRgn
GetPaletteEntries
GetBkMode
SetTextAlign
GetPixel
EqualRgn
DeleteObject
CreateFontW
GetObjectW
GetTextExtentPoint32W
PlayEnhMetaFile
IntersectClipRect
CreatePen
SaveDC
SetPaletteEntries
GetStockObject
LineTo
SetBkMode
SetTextColor
GetTextCharset
CreateEnhMetaFileA
GetDIBits
CombineRgn
CloseEnhMetaFile
ntdll
NtAllocateVirtualMemory
RtlUshortByteSwap
LdrGetDllHandle
user32
GetShellWindow
GetScrollInfo
EndDeferWindowPos
OffsetRect
SendNotifyMessageW
GetTopWindow
SetMenuItemBitmaps
TrackPopupMenu
MessageBoxExW
IsDialogMessageW
BeginPaint
IsChild
SetWindowPos
GetPropW
GetPropA
RedrawWindow
SetCursor
CheckDlgButton
MapDialogRect
CreatePopupMenu
LoadCursorW
GetDlgCtrlID
CharLowerW
AttachThreadInput
CharNextW
CheckMenuItem
SetMenuDefaultItem
TrackPopupMenuEx
GetClassInfoExW
CharPrevA
SetPropA
PostMessageA
IsMenu
DdeFreeDataHandle
UnhookWindowsHookEx
LoadCursorA
DialogBoxIndirectParamW
DeferWindowPos
NotifyWinEvent
PeekMessageA
DrawFrameControl
EnumThreadWindows
RegisterClipboardFormatW
AppendMenuW
GetSystemMetrics
VkKeyScanExW
EndDialog
ReleaseDC
GetDialogBaseUnits
GetAncestor
GetMessageW
GetWindowDC
GetWindowRgnBox
MessageBoxIndirectW
GetWindowLongW
WaitMessage
SetClipboardData
GetComboBoxInfo
GetClipboardFormatNameW
IsWindowEnabled
GetWindowInfo
EnableMenuItem
GetIconInfo
PostQuitMessage
DdeNameService
EnumChildWindows
CharNextA
CharUpperW
MonitorFromRect
MsgWaitForMultipleObjectsEx
GetKeyboardLayout
GetMessageA
GetForegroundWindow
GetWindowThreadProcessId
MapVirtualKeyW
CreateMenu
GetWindowRect
RegisterClassExW
DdeCreateDataHandle
GetWindow
MessageBoxExA
LoadIconW
GetSysColorBrush
InsertMenuW
DispatchMessageW
DdeFreeStringHandle
FindWindowA
CheckMenuRadioItem
SetDlgItemInt
SetFocus
ShowOwnedPopups
GetClassLongW
IsCharAlphaNumericW
IsWindow
LoadAcceleratorsW
SetClipboardViewer
SetWindowLongW
GetMenuStringW
EnumDesktopWindows
WaitForInputIdle
SendMessageTimeoutA
CharPrevW
MsgWaitForMultipleObjects
DrawTextExW
DefWindowProcA
WinHelpW
ScreenToClient
GetMonitorInfoW
GetDoubleClickTime
SetWindowLongA
GetCursor
LoadStringA
GetParent
GetNextDlgTabItem
DestroyWindow
SetParent
DestroyMenu
KillTimer
MonitorFromPoint
GetMenuItemInfoW
IsHungAppWindow
GetMenuItemCount
GetActiveWindow
TranslateAcceleratorW
ChildWindowFromPoint
SetRectEmpty
GetFocus
MessageBoxIndirectA
AllowSetForegroundWindow
SetWindowPlacement
SetWindowTextW
wsprintfW
BeginDeferWindowPos
GetMenuState
GetKeyState
SendMessageA
GetClientRect
ShowWindow
GetProcessWindowStation
DefWindowProcW
CallMsgFilterW
GetDesktopWindow
TranslateMessage
LoadMenuW
GetCapture
SetCapture
PostMessageW
GetDlgItem
HideCaret
RegisterWindowMessageA
DdeCreateStringHandleW
SetDlgItemTextW
PostThreadMessageA
GetMenuItemID
DrawTextW
GetWindowPlacement
IsRectEmpty
GetMessageTime
GetClassNameW
GetAsyncKeyState
GetSysColor
CreateIconIndirect
SystemParametersInfoA
DestroyAcceleratorTable
IsWindowVisible
DialogBoxParamW
CopyIcon
SetForegroundWindow
GetMenuDefaultItem
EnumWindows
SetActiveWindow
RemoveMenu
GetClipboardData
FillRect
GetLastInputInfo
MonitorFromWindow
LoadBitmapW
CheckRadioButton
MessageBeep
SetWindowsHookExW
CallWindowProcW
DdeClientTransaction
SetRect
ShowCaret
ClientToScreen
ReleaseCapture
SetTimer
GetClassWord
InflateRect
IsDlgButtonChecked
DrawFocusRect
CharLowerBuffW
GetDC
SetCursorPos
GetWindowTextLengthW
DeleteMenu
GetDlgItemTextW
TrackMouseEvent
GetMenuItemInfoA
DialogBoxParamA
IsIconic
CreateDialogParamW
GetClassInfoW
EnableWindow
InvalidateRect
LockSetForegroundWindow
SetScrollPos
SetMenu
AdjustWindowRectEx
RegisterWindowMessageW
DispatchMessageA
SetWindowRgn
DdeQueryStringW
DdeInitializeW
GetSubMenu
SetScrollInfo
UpdateWindow
FindWindowExW
EmptyClipboard
EndPaint
GetCursorPos
PeekMessageW
MoveWindow
PostThreadMessageW
DrawEdge
DdeGetData
EqualRect
ChangeClipboardChain
SetMenuItemInfoW
GetWindowLongA
GetWindowTextW
MessageBoxW
DdeDisconnect
MapWindowPoints
CreateWindowExW
InsertMenuItemW
SendMessageTimeoutW
LoadImageW
IsWindowUnicode
EndMenu
PtInRect
SendDlgItemMessageW
CloseClipboard
GetSystemMenu
GetMessagePos
ShowScrollBar
UnregisterClassW
RegisterClipboardFormatA
DialogBoxIndirectParamA
AdjustWindowRect
DrawIconEx
WindowFromPoint
CopyImage
EnumDisplaySettingsW
RemovePropA
RemovePropW
FindWindowW
SetPropW
DdeUninitialize
UpdateLayeredWindow
CopyRect
CallNextHookEx
AnimateWindow
RegisterClassW
SendMessageW
OpenClipboard
UnionRect
DestroyIcon
IntersectRect
LoadStringW
GetLastActivePopup
SystemParametersInfoW
GetKeyNameTextW
DdeConnect
Sections
.text Size: 183KB - Virtual size: 183KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE