Static task: static1
Behavioral task: behavioral1
Sample: 3586d13d616d7cc4c1ab58efd589b570_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 3586d13d616d7cc4c1ab58efd589b570_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3586d13d616d7cc4c1ab58efd589b570_JaffaCakes118
Size: 91KB
MD5: 3586d13d616d7cc4c1ab58efd589b570
SHA1: 53f23e9aee669aae719f4de13c29abdca9172320
SHA256: bd9d8443586ec87a0d7da4fd47fe3812967d6e16062232ae57b77042b11f4a35
SHA512: 9c998db95aea02c72d95a27cbbb1fb2a7b6174142dd8305a41ffa808e5e0f9cd8f6626b6b81ee3c92892817c156ea8e8c994415a7b2fb5ef7afea5d60c0d7736
SSDEEP: 1536:+VQd1sYYbwmwRX+JlY2J1PUB387qP9l2TwT+vq8ua/5S/ROLkgYsFyJT+W:+6RYuXWt1sx87Sc35SzgYsFKT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3586d13d616d7cc4c1ab58efd589b570_JaffaCakes118
Files
3586d13d616d7cc4c1ab58efd589b570_JaffaCakes118.exe windows:4 windows x86 arch:x86
d22718f76606578ecabfa817fe59ad19
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
adsldpc
ADsEnumClasses
kernel32
GetSystemDirectoryA
lstrcpyW
TlsGetValue
GetProcAddress
GetUserDefaultLCID
GlobalAddAtomW
DuplicateHandle
WaitForSingleObject
lstrcatW
SetEvent
lstrcmpiA
FormatMessageW
DeleteCriticalSection
EnterCriticalSection
MultiByteToWideChar
LockResource
GetVolumeInformationW
SearchPathW
UnlockFile
InitializeCriticalSection
FindFirstFileW
Sleep
lstrcpynA
VirtualQuery
GlobalFlags
GetThreadLocale
FileTimeToSystemTime
GetVersion
WideCharToMultiByte
GlobalHandle
ResumeThread
lstrcmpiW
TerminateProcess
GetSystemInfo
InterlockedCompareExchange
InterlockedIncrement
SizeofResource
WriteFile
GetDiskFreeSpaceW
FindClose
GetModuleFileNameW
OutputDebugStringW
GetFullPathNameW
lstrlenW
FindNextFileW
GlobalLock
GetFileTime
GetProcessVersion
CreateMutexW
LocalFree
LocalFileTimeToFileTime
WritePrivateProfileStringW
LoadResource
MulDiv
SetThreadPriority
VirtualProtect
IsDBCSLeadByte
SetFileAttributesW
SetErrorMode
GetFileSize
SetFilePointer
SetFileTime
LeaveCriticalSection
GetShortPathNameW
lstrcmpW
FileTimeToLocalFileTime
LocalReAlloc
GetCurrentThread
GetTickCount
lstrlenA
ReadFile
LocalUnlock
GetFileAttributesW
LoadLibraryA
TlsAlloc
GetCurrentProcess
CloseHandle
GlobalFindAtomW
ReleaseSemaphore
GlobalReAlloc
CreateSemaphoreW
GetModuleHandleW
SetUnhandledExceptionFilter
lstrcmpA
VirtualAlloc
lstrcpynW
SystemTimeToFileTime
LockFile
GetVersionExW
GetProfileIntW
SetLastError
TlsSetValue
GlobalUnlock
LoadLibraryW
lstrcpyA
GlobalAlloc
LoadLibraryExA
CopyFileW
MoveFileW
GetModuleHandleA
FreeResource
TlsFree
FindResourceExW
FindResourceW
GetVersionExA
CreateFileW
FlushFileBuffers
GetTempPathW
FreeLibrary
SuspendThread
GetSystemTimeAsFileTime
GlobalSize
GlobalGetAtomNameW
DelayLoadFailureHook
GetPrivateProfileStringW
GlobalDeleteAtom
lstrcatA
LocalLock
InterlockedDecrement
GetPrivateProfileIntW
CreateEventW
GetStringTypeExW
SetEndOfFile
UnhandledExceptionFilter
LocalAlloc
GetTempFileNameW
GlobalFree
GetCurrentThreadId
DeleteFileW
WaitForMultipleObjects
GetCurrentProcessId
QueryPerformanceCounter
ReleaseMutex
GetCurrentDirectoryW
GetLastError
gdi32
GetDeviceCaps
DeleteMetaFile
CreateBitmap
CreateCompatibleDC
GetBkColor
ExtCreatePen
SelectClipRgn
SetWindowExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SaveDC
SetMapMode
CreateMetaFileW
GetCurrentPositionEx
PolyBezierTo
SetBkColor
GetMapMode
CreatePatternBrush
GetNearestColor
GetTextColor
SetMapperFlags
MoveToEx
CreateFontIndirectW
CreatePalette
SetBkMode
Escape
SetBrushOrgEx
GetTextFaceW
CreateRectRgn
EnumFontFamiliesExW
GetViewportExtEx
GetTextExtentPoint32W
SetArcDirection
ExcludeClipRect
GetPaletteEntries
GetBkMode
AbortDoc
GetStretchBltMode
OffsetRgn
SetROP2
RealizePalette
CopyMetaFileW
GetROP2
ScaleViewportExtEx
CreateFontW
DeleteObject
GetTextAlign
PolylineTo
SetTextCharacterExtra
GetClipRgn
StartPage
GetWindowExtEx
LPtoDP
StartDocW
PtVisible
GetPolyFillMode
SetWindowOrgEx
GetClipBox
GetObjectW
SelectPalette
GetObjectType
PlayMetaFile
ScaleWindowExtEx
SelectClipPath
SetViewportExtEx
SetTextColor
SetTextAlign
SetRectRgn
SetColorAdjustment
SelectObject
Rectangle
CreateHatchBrush
GetWindowOrgEx
GetCharWidthW
GetTextExtentPoint32A
SetViewportOrgEx
EnumMetaFile
SetStretchBltMode
OffsetClipRgn
DPtoLP
CreateCompatibleBitmap
ExtTextOutW
CreateDIBPatternBrushPt
CombineRgn
CreateSolidBrush
GetStockObject
EnumFontFamiliesW
EndDoc
IntersectClipRect
CloseMetaFile
ArcTo
ExtSelectClipRgn
UnrealizeObject
CreateDCW
GetTextMetricsW
LineTo
PlayMetaFileRecord
DeleteDC
RectVisible
EndPage
SetTextJustification
CreatePen
TextOutW
BitBlt
PolyDraw
RestoreDC
GetViewportOrgEx
SetPolyFillMode
StretchDIBits
PatBlt
GetPixel
SetAbortProc
CreateRectRgnIndirect
msvcrt
malloc
_wtoi
ceil
__dllonexit
_open_osfhandle
wcsrchr
gmtime
_wfullpath
calloc
_adjust_fdiv
vswprintf
_except_handler3
_wcsnicmp
fread
_msize
wcsstr
mktime
_CxxThrowException
wcsncmp
_wcsupr
_snwprintf
_itow
modf
wcslen
wcsncpy
_expand
wcscspn
abort
wcscpy
iswspace
floor
wcstod
wcsspn
_ltow
fclose
fflush
ftell
_wsplitpath
time
_fdopen
_purecall
_wcslwr
realloc
wcschr
wcscmp
__wargv
_initterm
free
_beginthreadex
iswdigit
_endthreadex
_onexit
clearerr
_wcsdup
wcsftime
localtime
_get_osfhandle
memmove
fseek
_wcsrev
fgetws
_ultow
swprintf
fputws
wcspbrk
fwrite
__doserrno
__argc
__CxxFrameHandler
wcstol
_wtol
wcstoul
ws2_32
WSAGetLastError
ole32
ReleaseStgMedium
OleRegGetUserType
OleIsRunning
CreateBindCtx
OleSetContainedObject
StgCreateDocfile
OleLoad
OleSave
CoRegisterClassObject
OleUninitialize
OleCreateMenuDescriptor
RevokeDragDrop
StringFromCLSID
OleDestroyMenuDescriptor
OleSetMenuDescriptor
OleSetClipboard
WriteClassStg
OleCreate
GetHGlobalFromILockBytes
OleCreateLinkToFile
OleLoadFromStream
OleCreateLinkFromData
StgIsStorageFile
ReadFmtUserTypeStg
CLSIDFromProgID
CoUninitialize
CoTreatAsClass
OleCreateFromFile
OleGetClipboard
CreateILockBytesOnHGlobal
StgOpenStorage
OleQueryLinkFromData
OleLockRunning
ReadClassStm
GetRunningObjectTable
CoRevokeClassObject
RegisterDragDrop
DoDragDrop
CoLockObjectExternal
IsAccelerator
WriteClassStm
CoGetMalloc
OleCreateFromData
OleTranslateAccelerator
OleInitialize
StgCreateDocfileOnILockBytes
SetConvertStg
OleQueryCreateFromData
CLSIDFromString
GetClassFile
OleRegEnumVerbs
CoRegisterMessageFilter
CreateStreamOnHGlobal
OleRun
ReadClassStg
CreateOleAdviseHolder
OleSaveToStream
CoGetClassObject
CoInitialize
OleRegGetMiscStatus
CreateFileMoniker
CoCreateInstance
CoDisconnectObject
OleIsCurrentClipboard
CreateDataCache
CreateDataAdviseHolder
CoFreeUnusedLibraries
CoTaskMemAlloc
OleGetIconOfClass
OleDuplicateData
WriteFmtUserTypeStg
StgOpenStorageOnILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreateStaticFromData
OleFlushClipboard
CoTaskMemFree
StringFromGUID2
ntdll
NtCreateKey
user32
RemovePropW
GetCapture
TrackPopupMenu
PtInRect
GetMenuState
CreateWindowExW
GetTopWindow
GetNextDlgTabItem
DrawEdge
GetDlgItemTextW
InsertMenuW
GetActiveWindow
MapWindowPoints
CharUpperW
SystemParametersInfoA
MoveWindow
GetCursorPos
ModifyMenuW
GetNextDlgGroupItem
IsWindowEnabled
wsprintfW
GetScrollPos
ClientToScreen
RedrawWindow
EndPaint
PostMessageW
GetClientRect
SendMessageW
FrameRect
RegisterClassW
FindWindowW
SetWindowTextW
DefWindowProcW
UnionRect
SetActiveWindow
UnhookWindowsHookEx
WindowFromDC
DestroyCursor
GetSubMenu
InSendMessage
TranslateMDISysAccel
IsClipboardFormatAvailable
GetDialogBaseUnits
GetParent
IsIconic
KillTimer
GetTabbedTextExtentW
GetWindowDC
EndDialog
CallNextHookEx
BeginDeferWindowPos
DestroyWindow
CharNextW
GetDesktopWindow
DeferWindowPos
GetAsyncKeyState
SetMenu
PostThreadMessageW
CheckRadioButton
OffsetRect
WinHelpW
SetWindowPlacement
UpdateWindow
CopyRect
CheckMenuItem
SetScrollPos
GetMenu
GetDlgCtrlID
AppendMenuW
EnumChildWindows
FillRect
DrawFocusRect
SystemParametersInfoW
GetMessagePos
DrawTextW
SetFocus
GetWindow
GetWindowLongW
GetDlgItemInt
IsChild
GrayStringW
InvertRect
GetWindowTextW
GetTabbedTextExtentA
SetDlgItemInt
SetDlgItemTextW
GetForegroundWindow
ReuseDDElParam
GetDCEx
ShowScrollBar
GetWindowThreadProcessId
DefFrameProcW
SetCursor
SetWindowPos
LoadBitmapW
ClipCursor
GetWindowTextLengthW
DestroyMenu
EqualRect
SetTimer
CreateMenu
CopyAcceleratorTableW
GetDlgItem
EnableMenuItem
BringWindowToTop
LoadMenuW
PostQuitMessage
SetMenuItemBitmaps
MsgWaitForMultipleObjects
SetCursorPos
CheckDlgButton
ReleaseCapture
DeleteMenu
RegisterWindowMessageW
ScrollWindow
GetMenuCheckMarkDimensions
SetForegroundWindow
GetWindowRect
wvsprintfW
WaitMessage
GetMenuItemCount
GetLastActivePopup
SetScrollRange
CallWindowProcW
EnableWindow
ShowOwnedPopups
IsZoomed
DrawMenuBar
CountClipboardFormats
GetSysColorBrush
GetMessageW
AdjustWindowRectEx
SetScrollInfo
ScreenToClient
GetKeyState
CreateDialogIndirectParamW
MessageBeep
SetParent
GetDC
GetSystemMetrics
UnpackDDElParam
IsWindow
IsRectEmpty
ValidateRect
LoadCursorW
RegisterClipboardFormatW
GetMenuStringW
DispatchMessageW
IsWindowVisible
LockWindowUpdate
IsDlgButtonChecked
LoadAcceleratorsW
ShowWindow
SetWindowsHookExW
GetClassNameW
GetMenuItemID
DestroyIcon
TabbedTextOutW
LoadIconW
InflateRect
SetCapture
SetRectEmpty
IsDialogMessageW
ReleaseDC
TranslateMessage
InvalidateRect
WindowFromPoint
GetScrollRange
GetFocus
GetWindowPlacement
GetSystemMenu
SendDlgItemMessageW
RemoveMenu
EndDeferWindowPos
MessageBoxW
SetWindowLongW
InvalidateRgn
GetSysColor
SendDlgItemMessageA
SetWindowContextHelpId
GetPropW
TranslateAcceleratorW
IntersectRect
GetScrollInfo
LoadStringW
BeginPaint
ScrollWindowEx
GetMessageTime
SetPropW
SetRect
DefMDIChildProcW
PeekMessageW
UnregisterClassW
MapDialogRect
MessageBoxA
GetClassInfoW
advapi32
SetFileSecurityW
RegQueryValueExW
RegSetValueExW
RegQueryValueW
GetFileSecurityW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyW
RegCreateKeyW
RegSetValueW
RegEnumKeyW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
wininet
HttpEndRequestW
FtpPutFileW
FtpGetCurrentDirectoryW
InternetFindNextFileW
InternetGetLastResponseInfoW
HttpSendRequestW
HttpOpenRequestW
GopherCreateLocatorW
FtpCreateDirectoryW
InternetGetCookieW
FtpDeleteFileW
HttpQueryInfoW
InternetSetFilePointer
FtpSetCurrentDirectoryW
HttpSendRequestExW
HttpAddRequestHeadersW
InternetConnectW
InternetSetStatusCallbackW
GopherFindFirstFileW
FtpRenameFileW
FtpGetFileW
InternetQueryDataAvailable
FtpRemoveDirectoryW
InternetQueryOptionW
InternetOpenW
GopherGetAttributeW
InternetReadFile
InternetCanonicalizeUrlW
InternetCloseHandle
FtpFindFirstFileW
FtpOpenFileW
InternetSetCookieW
InternetErrorDlg
InternetCrackUrlW
GopherOpenFileW
InternetWriteFile
InternetOpenUrlW
InternetSetOptionExW
Sections
.textbss Size: - Virtual size: 656KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 512B - Virtual size: 448B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 772B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE