Static task: static1
Behavioral task: behavioral1
Sample: 3cf396949d3f61e2deeabff089beb75a_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 3cf396949d3f61e2deeabff089beb75a_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3cf396949d3f61e2deeabff089beb75a_JaffaCakes118
Size: 556KB
MD5: 3cf396949d3f61e2deeabff089beb75a
SHA1: e3643462e4895dc2f34197a4c987cd964f85ebbc
SHA256: 3dfd47bd442040b347bd1f68c87d888299253ccafc3d34aafdf2998a7364363b
SHA512: 488679f065e22b47ed74ee9f57c4b25d828b959dfaa6da5438fce72f0707ba005e130010d3fe8597ac3de80a065db2f9d3333bf1637252c2eebda38474ff4901
SSDEEP: 12288:WMBFMMnMMMMMhAuoWBd0TPk0TxhJkEICDmxzSkH+zEevFStc:WMjMMnMMMMM6vWBOTPJhJlD14+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3cf396949d3f61e2deeabff089beb75a_JaffaCakes118
Files
3cf396949d3f61e2deeabff089beb75a_JaffaCakes118.exe windows:4 windows x86 arch:x86
0afb990169723fb6cdc0867c08254421
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
WSAConnect
ole32
OleSetMenuDescriptor
ReadClassStm
RevokeDragDrop
CoGetClassObject
CoRevokeClassObject
WriteClassStg
OleDoAutoConvert
OleConvertIStorageToOLESTREAM
StgCreateDocfileOnILockBytes
OleTranslateAccelerator
GetClassFile
OleCreateMenuDescriptor
OleSave
OleCreateLinkFromData
CoRegisterMessageFilter
ProgIDFromCLSID
MkParseDisplayName
OleSetClipboard
OleGetClipboard
RegisterDragDrop
OleDestroyMenuDescriptor
OleRegGetUserType
CoLockObjectExternal
OleRun
OleInitialize
CreateBindCtx
StgIsStorageILockBytes
CoUnmarshalInterface
CreateILockBytesOnHGlobal
OleSaveToStream
OleCreateFromFile
OleConvertOLESTREAMToIStorage
OleDuplicateData
CoGetMalloc
OleGetAutoConvert
OleLockRunning
ReadClassStg
OleLoad
OleCreateLink
BindMoniker
StringFromGUID2
CoIsOle1Class
CoMarshalInterface
OleIsRunning
OleQueryCreateFromData
CoCreateInstance
StringFromCLSID
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
CLSIDFromProgID
CreateOleAdviseHolder
OleUninitialize
OleLoadFromStream
OleIsCurrentClipboard
CLSIDFromString
CoDisconnectObject
IsAccelerator
OleGetIconOfClass
ReleaseStgMedium
CoRegisterClassObject
OleCreateFromData
StgOpenStorage
OleCreateLinkToFile
CreateDataAdviseHolder
OleQueryLinkFromData
DoDragDrop
OleFlushClipboard
CoFreeUnusedLibraries
IIDFromString
StgCreateDocfile
olecli32
OleClone
user32
BringWindowToTop
GetClassInfoExA
InsertMenuA
CreateAcceleratorTableA
CreateDialogParamA
IsRectEmpty
DdeUninitialize
GetWindowRect
LoadImageA
EmptyClipboard
ToAscii
IsChild
SetScrollInfo
CreatePopupMenu
GetCursorPos
SetForegroundWindow
GetWindowRgn
MsgWaitForMultipleObjects
GetIconInfo
ShowCaret
SetParent
GetWindowThreadProcessId
ModifyMenuA
DestroyCaret
GetCaretBlinkTime
AdjustWindowRect
MessageBeep
MessageBoxIndirectA
GetScrollInfo
DdeInitializeA
DdeCreateDataHandle
PostQuitMessage
GetCapture
UpdateWindow
LoadAcceleratorsA
GetTabbedTextExtentA
PostThreadMessageA
GetPropA
CopyAcceleratorTableA
GetMessagePos
CharToOemBuffA
DefMDIChildProcA
RegisterClipboardFormatA
EnumClipboardFormats
SetScrollPos
EndDeferWindowPos
wsprintfA
GetClientRect
IsClipboardFormatAvailable
EnableMenuItem
CreateMenu
GetMenuState
GetKeyboardLayout
GetActiveWindow
GetClassInfoA
AdjustWindowRectEx
WindowFromPoint
EndDialog
SetWindowsHookExW
LoadBitmapA
LockWindowUpdate
FillRect
GetUpdateRect
SetWindowRgn
DdeGetData
IntersectRect
CreateCaret
RemoveMenu
SetWindowsHookExA
GetFocus
GetMenuItemCount
DdeQueryConvInfo
FindWindowW
HideCaret
ShowCursor
DdePostAdvise
ShowWindow
PtInRect
WaitForInputIdle
PostMessageW
DdeDisconnect
CharNextA
VkKeyScanA
CharUpperBuffW
GetLastActivePopup
GetDlgItem
GetClipboardData
MessageBoxA
DdeConnect
CharPrevA
DialogBoxParamA
SystemParametersInfoA
InvalidateRgn
DdeCreateStringHandleA
SetMenuDefaultItem
GetKeyboardState
DefWindowProcA
CharLowerA
OpenClipboard
DeleteMenu
DrawFrameControl
RemovePropA
IsWindowEnabled
RegisterClassA
DrawMenuBar
GetWindowTextA
GetWindow
IsCharAlphaA
RegisterClassExA
SendDlgItemMessageA
GetCaretPos
DdeSetUserHandle
SetRect
SetKeyboardState
GetForegroundWindow
DdeGetLastError
InvalidateRect
DeferWindowPos
DefFrameProcA
DestroyWindow
GetCursor
UnregisterClassA
CharLowerBuffA
GetQueueStatus
DrawFocusRect
GetClipboardFormatNameA
WinHelpA
TranslateMDISysAccel
SetPropA
PeekMessageW
CreateIcon
SetActiveWindow
GetUpdateRgn
MapWindowPoints
GetDC
DispatchMessageA
AttachThreadInput
CallNextHookEx
CallWindowProcA
IsDialogMessageA
UnhookWindowsHookEx
SetCaretPos
IsZoomed
SetCursor
OemToCharA
LoadStringA
BeginPaint
CreateWindowExA
DdeFreeStringHandle
GetWindowDC
GetSubMenu
GetParent
CheckMenuItem
GetMenuItemID
GetScrollPos
IsWindowVisible
IsIconic
ScreenToClient
PostMessageA
GetAsyncKeyState
DdeNameService
GetSysColor
ShowScrollBar
ReleaseCapture
DdeCmpStringHandles
TranslateMessage
SetWindowLongA
IsWindow
GetDCEx
ClientToScreen
DdeQueryStringA
EnableWindow
LoadIconA
GetKeyState
MoveWindow
OffsetRect
TabbedTextOutA
CharUpperA
GetMenu
CharToOemA
BeginDeferWindowPos
EndPaint
InflateRect
SetWindowTextA
FindWindowA
CopyRect
keybd_event
SetWindowContextHelpId
SetMenuItemInfoA
DdeAbandonTransaction
TrackPopupMenu
DestroyMenu
GetDoubleClickTime
CharUpperBuffA
AppendMenuA
CreateCursor
DdeClientTransaction
SetClipboardData
EnumThreadWindows
SetCapture
EqualRect
GetMenuItemInfoA
GetMessageTime
SetTimer
ClipCursor
SetScrollRange
CloseClipboard
DestroyCursor
FrameRect
SetFocus
DestroyAcceleratorTable
SetWindowPos
KillTimer
CharLowerBuffW
ReleaseDC
GetSystemMenu
PeekMessageA
DdeFreeDataHandle
SetDlgItemTextA
GetDesktopWindow
WaitMessage
GetWindowTextLengthA
DestroyIcon
SendMessageA
GetWindowLongA
GetSystemMetrics
GetMenuStringA
DrawIcon
DrawTextA
GetClassNameA
LoadCursorA
VkKeyScanW
SetCursorPos
SetMenu
SubtractRect
advapi32
RegQueryValueA
RegQueryInfoKeyA
RegOpenKeyA
RegSetValueExW
ReportEventA
RegCreateKeyW
RegCreateKeyA
InitializeSecurityDescriptor
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExA
RegEnumKeyA
RegCloseKey
RegSetValueA
RegDeleteKeyW
RegDeleteValueA
SetSecurityDescriptorDacl
RegEnumKeyW
LookupPrivilegeValueA
RegEnumValueA
RegOpenKeyW
RegEnumValueW
AdjustTokenPrivileges
RegDeleteKeyA
RegSetValueExA
RegisterEventSourceA
OpenProcessToken
RegDeleteValueW
DeregisterEventSource
ddraw
DirectDrawEnumerateA
kernel32
FileTimeToSystemTime
GlobalDeleteAtom
CreateProcessA
RemoveDirectoryA
VirtualProtect
ReleaseSemaphore
GlobalUnlock
WinExec
HeapSize
GetStringTypeExA
ResumeThread
GetSystemDefaultLangID
GetCurrentProcessId
GetFullPathNameA
FreeLibrary
GetStdHandle
SizeofResource
WriteFile
HeapFree
GlobalAlloc
FlushInstructionCache
GetWindowsDirectoryA
WaitForSingleObject
VirtualFree
ReadFile
GetLocalTime
LoadResource
MulDiv
CreateSemaphoreA
GetDateFormatA
GetStartupInfoA
FreeEnvironmentStringsW
GetLocaleInfoA
GetCurrentDirectoryA
GetLastError
GetStringTypeA
TlsAlloc
GetProfileStringA
HeapDestroy
LeaveCriticalSection
ExitThread
GetVersionExA
TlsSetValue
GetModuleFileNameW
GetFileTime
IsBadReadPtr
UnlockFile
HeapAlloc
MoveFileA
CreateDirectoryA
GetSystemDefaultLCID
SetEnvironmentVariableA
FindClose
GetUserDefaultLCID
HeapReAlloc
CloseHandle
ExitProcess
DeleteCriticalSection
GetModuleFileNameA
GlobalAddAtomA
IsDBCSLeadByte
GetModuleHandleA
CreateEventA
SetCurrentDirectoryA
lstrcmpA
GetCurrentThreadId
SetEndOfFile
_lwrite
LoadLibraryExA
GlobalReAlloc
GetACP
InitializeCriticalSection
CreateProcessW
GetExitCodeProcess
FileTimeToLocalFileTime
RtlUnwind
FlushFileBuffers
SetEvent
UnhandledExceptionFilter
GetCommandLineA
FormatMessageW
LockFile
FreeResource
GetTempFileNameA
GetStringTypeW
EnterCriticalSection
DuplicateHandle
MultiByteToWideChar
CreateThread
_lread
GetUserDefaultLangID
lstrlenA
DeleteFileA
lstrcmpiA
SearchPathA
GetShortPathNameA
HeapCreate
GetTempPathA
_llseek
VirtualAlloc
SetStdHandle
lstrcpynA
GetTimeZoneInformation
VirtualQuery
Sleep
LCMapStringA
FindFirstFileA
GetDriveTypeA
TlsFree
InterlockedDecrement
LockResource
_lclose
TerminateProcess
InterlockedIncrement
GetSystemTime
LCMapStringW
FreeEnvironmentStringsA
GlobalFree
WideCharToMultiByte
IsBadCodePtr
CompareStringW
GlobalHandle
GlobalLock
GetProcAddress
TlsGetValue
GetCPInfo
SetFileTime
SetErrorMode
SetLastError
lstrcmpiW
CreateFileA
GetFileAttributesA
GetEnvironmentStrings
GetSystemDirectoryA
GetEnvironmentStringsW
GetOEMCP
GetVersion
SystemTimeToFileTime
ResetEvent
FindResourceA
RaiseException
lstrcatA
lstrcpyA
GetCurrentProcess
SetLocalTime
SetFileAttributesA
SetHandleCount
CompareStringA
GetSystemInfo
FormatMessageA
GetTickCount
GetVolumeInformationA
LoadLibraryA
SetFilePointer
GetFileType
GlobalSize
FindNextFileA
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 132KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 388KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE