Static task
static1
Behavioral task
behavioral1
Sample
3cd2bd5c33f1d7c990b096108dfacc18_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3cd2bd5c33f1d7c990b096108dfacc18_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target: 3cd2bd5c33f1d7c990b096108dfacc18_JaffaCakes118
Size: 248KB
MD5: 3cd2bd5c33f1d7c990b096108dfacc18
SHA1: 97797ace074e6e8833a34c3e499ce3bbd04e2e73
SHA256: 0df434992899e66dfccdf302dc431a9e107ada03acbd25f1e871665d701e47dd
SHA512: 2e4564c7dedf9f9cd1a47b568de6cad6c3b3271cacea21fc7ffcc091524c98114fc531be14accade951d09badf50d8b4f2224ba642077a348a09f7a5c11c4788
SSDEEP: 6144:hH17EhQynkcZd89X9MMnMMMMMaXzzIAQh7lLJVZKO/9B:hH17EzSNMMnMMMMMKXIAQh7FZB9B
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3cd2bd5c33f1d7c990b096108dfacc18_JaffaCakes118
Files
3cd2bd5c33f1d7c990b096108dfacc18_JaffaCakes118.exe windows:4 windows x86 arch:x86
f02bccd1a3ad86f076fae1bd4bfa760a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ddraw
DirectDrawEnumerateA
advapi32
RegDeleteKeyW
InitializeSecurityDescriptor
RegCreateKeyW
RegDeleteValueA
RegCreateKeyA
RegEnumKeyA
RegQueryInfoKeyA
RegSetValueExA
OpenProcessToken
RegDeleteKeyA
RegEnumValueW
ReportEventA
RegSetValueA
RegQueryValueExA
DeregisterEventSource
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegSetValueExW
RegQueryValueA
RegQueryValueExW
AdjustTokenPrivileges
RegEnumKeyW
SetSecurityDescriptorDacl
RegDeleteValueW
RegisterEventSourceA
RegOpenKeyW
LookupPrivilegeValueA
RegOpenKeyA
ws2_32
WSAConnect
ole32
CoRegisterMessageFilter
CreateStreamOnHGlobal
OleLockRunning
ReleaseStgMedium
OleCreateLinkToFile
OleGetClipboard
OleSetClipboard
StgOpenStorageOnILockBytes
CoMarshalInterface
CoGetMalloc
OleDuplicateData
OleGetIconOfClass
OleFlushClipboard
IsAccelerator
OleSaveToStream
IIDFromString
OleSetMenuDescriptor
CoRevokeClassObject
OleCreateFromFile
OleDoAutoConvert
RevokeDragDrop
CLSIDFromProgID
OleRegGetUserType
OleGetAutoConvert
OleLoad
MkParseDisplayName
OleCreateFromData
CreateDataAdviseHolder
GetClassFile
CreateOleAdviseHolder
OleQueryLinkFromData
CoDisconnectObject
OleQueryCreateFromData
OleCreateLinkFromData
CoGetClassObject
CLSIDFromString
StgCreateDocfile
CreateBindCtx
CoFreeUnusedLibraries
WriteClassStg
StgIsStorageILockBytes
StgOpenStorage
BindMoniker
OleCreateLink
OleLoadFromStream
OleConvertOLESTREAMToIStorage
OleSave
OleIsCurrentClipboard
DoDragDrop
CoIsOle1Class
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleIsRunning
ReadClassStm
ProgIDFromCLSID
CoRegisterClassObject
CoLockObjectExternal
OleInitialize
RegisterDragDrop
ReadClassStg
OleRun
CoUnmarshalInterface
CoCreateInstance
OleConvertIStorageToOLESTREAM
StringFromGUID2
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StringFromCLSID
OleTranslateAccelerator
OleUninitialize
kernel32
GlobalAlloc
CompareStringA
TerminateProcess
FindFirstFileA
GlobalHandle
GetEnvironmentStringsW
VirtualAlloc
lstrcmpiA
CreateDirectoryA
GetSystemDirectoryA
InterlockedIncrement
MultiByteToWideChar
SetFileAttributesA
Sleep
WriteFile
CompareStringW
GetSystemDefaultLCID
LoadResource
CreateThread
GlobalFree
GetExitCodeProcess
MoveFileA
GetFileTime
GetVersion
SystemTimeToFileTime
GetLocaleInfoA
FindResourceA
DeleteFileA
_lread
_lwrite
GlobalLock
TlsGetValue
GetShortPathNameA
CreateSemaphoreA
FlushFileBuffers
SetHandleCount
LockFile
CreateProcessA
SearchPathA
LeaveCriticalSection
SetErrorMode
FreeEnvironmentStringsA
LockResource
DuplicateHandle
GetCurrentDirectoryA
GetModuleHandleA
GetLastError
LCMapStringW
SetStdHandle
WaitForSingleObject
GetLocalTime
HeapCreate
GetWindowsDirectoryA
GetTempFileNameA
GetCurrentProcess
GetStartupInfoA
CloseHandle
FileTimeToSystemTime
SetLocalTime
InitializeCriticalSection
ReleaseSemaphore
SetEnvironmentVariableA
FormatMessageA
lstrcpynA
GlobalReAlloc
GetProfileStringA
GetSystemInfo
GetFileAttributesA
lstrcmpA
LoadLibraryA
GetSystemDefaultLangID
GetFileType
GetStringTypeW
lstrcmpiW
GetCurrentProcessId
GlobalSize
GetOEMCP
SetLastError
WideCharToMultiByte
HeapSize
DeleteCriticalSection
GetStringTypeExA
FindClose
FreeEnvironmentStringsW
HeapFree
CreateProcessW
HeapAlloc
ResetEvent
GlobalUnlock
VirtualProtect
GetTempPathA
FileTimeToLocalFileTime
_lclose
GetCommandLineA
GetModuleFileNameW
FindNextFileA
GetStdHandle
VirtualFree
GetStringTypeA
HeapReAlloc
GetFullPathNameA
IsDBCSLeadByte
GetSystemTime
GetVolumeInformationA
SetFilePointer
WinExec
FreeLibrary
GetTimeZoneInformation
GetDateFormatA
GetACP
lstrlenA
GetTickCount
RaiseException
FreeResource
GetUserDefaultLCID
RtlUnwind
lstrcpyA
GetModuleFileNameA
GetDriveTypeA
CreateEventA
GlobalDeleteAtom
EnterCriticalSection
GetProcAddress
SetEvent
GetUserDefaultLangID
VirtualQuery
SetEndOfFile
_llseek
CreateFileA
ReadFile
ResumeThread
MulDiv
FlushInstructionCache
ExitThread
lstrcatA
LoadLibraryExA
GetEnvironmentStrings
UnlockFile
UnhandledExceptionFilter
IsBadCodePtr
GetCPInfo
RemoveDirectoryA
GetVersionExA
SetCurrentDirectoryA
HeapDestroy
GlobalAddAtomA
FormatMessageW
GetCurrentThreadId
ExitProcess
SizeofResource
IsBadReadPtr
TlsAlloc
TlsFree
LCMapStringA
SetFileTime
InterlockedDecrement
TlsSetValue
user32
GetSubMenu
IsCharAlphaA
OpenClipboard
GetScrollInfo
DrawMenuBar
CopyAcceleratorTableA
DispatchMessageA
IsClipboardFormatAvailable
AppendMenuA
SetCapture
EndDeferWindowPos
DdeAbandonTransaction
GetTabbedTextExtentA
DdeFreeStringHandle
WindowFromPoint
SetRect
PeekMessageW
CharLowerBuffW
CloseClipboard
GetClassInfoA
ReleaseDC
GetWindowThreadProcessId
TranslateMDISysAccel
PostQuitMessage
CallWindowProcA
LoadStringA
DrawFocusRect
DefMDIChildProcA
DrawIcon
wsprintfA
DdeGetLastError
MessageBoxA
CreateWindowExA
RemovePropA
CharPrevA
GetClientRect
ShowWindow
GetSystemMenu
DefWindowProcA
SetWindowPos
SetWindowTextA
CharLowerA
EmptyClipboard
DdeCreateStringHandleA
InflateRect
GetWindowRect
SetMenuItemInfoA
VkKeyScanA
CreateAcceleratorTableA
CreateCaret
KillTimer
UpdateWindow
LoadAcceleratorsA
WaitForInputIdle
DestroyCursor
GetUpdateRgn
SetWindowLongA
SetForegroundWindow
GetWindow
GetWindowTextLengthA
ScreenToClient
MsgWaitForMultipleObjects
CharToOemA
ToAscii
IsIconic
GetKeyboardLayout
DdePostAdvise
GetDoubleClickTime
CreateMenu
SetMenuDefaultItem
WaitMessage
GetDlgItem
CharUpperBuffW
EnableWindow
GetKeyState
PostThreadMessageA
GetWindowRgn
DdeClientTransaction
RegisterClipboardFormatA
GetCaretPos
CharNextA
FindWindowW
CheckMenuItem
TrackPopupMenu
SetWindowsHookExW
GetMessagePos
RegisterClassA
SetWindowRgn
PostMessageA
GetScrollPos
InvalidateRect
GetActiveWindow
GetMenuItemInfoA
IsWindowVisible
CopyRect
GetDesktopWindow
SetCaretPos
DestroyMenu
SetDlgItemTextA
SendMessageA
SystemParametersInfoA
FrameRect
DestroyWindow
GetFocus
DestroyAcceleratorTable
ModifyMenuA
SetWindowsHookExA
TabbedTextOutA
PtInRect
DrawFrameControl
GetCaretBlinkTime
GetIconInfo
CharLowerBuffA
DdeUninitialize
GetSystemMetrics
SetScrollRange
EnumClipboardFormats
WinHelpA
LockWindowUpdate
ShowCursor
MessageBeep
DdeCreateDataHandle
DdeCmpStringHandles
SetScrollInfo
AdjustWindowRectEx
EnableMenuItem
DdeInitializeA
DeleteMenu
VkKeyScanW
DdeQueryStringA
MoveWindow
GetClipboardFormatNameA
IsRectEmpty
GetWindowLongA
GetMenu
IsWindow
DdeNameService
GetMessageTime
SetTimer
SetClipboardData
IntersectRect
RemoveMenu
GetPropA
AdjustWindowRect
EndDialog
DdeFreeDataHandle
keybd_event
MapWindowPoints
GetMenuItemCount
MessageBoxIndirectA
FillRect
IsDialogMessageA
SetKeyboardState
CreateDialogParamA
IsChild
GetUpdateRect
CreatePopupMenu
GetDCEx
CreateIcon
EnumThreadWindows
GetForegroundWindow
ClipCursor
DialogBoxParamA
CharUpperBuffA
OemToCharA
SetCursorPos
ShowScrollBar
SetPropA
CharUpperA
SetParent
SendDlgItemMessageA
GetDC
DrawTextA
DdeSetUserHandle
TranslateMessage
CallNextHookEx
SetWindowContextHelpId
RegisterClassExA
ShowCaret
SetFocus
LoadBitmapA
DdeGetData
SetActiveWindow
GetAsyncKeyState
EqualRect
DestroyIcon
IsWindowEnabled
GetCapture
GetMenuState
InvalidateRgn
GetQueueStatus
DestroyCaret
FindWindowA
LoadImageA
InsertMenuA
ClientToScreen
HideCaret
EndPaint
DdeQueryConvInfo
DeferWindowPos
GetLastActivePopup
GetClassNameA
CharToOemBuffA
GetCursor
BeginPaint
DdeConnect
PeekMessageA
OffsetRect
GetMenuStringA
GetWindowTextA
GetClipboardData
UnhookWindowsHookEx
GetCursorPos
CreateCursor
SetMenu
PostMessageW
BeginDeferWindowPos
GetKeyboardState
UnregisterClassA
SubtractRect
DefFrameProcA
AttachThreadInput
GetSysColor
GetClassInfoExA
LoadIconA
DdeDisconnect
SetCursor
GetMenuItemID
LoadCursorA
GetParent
GetWindowDC
IsZoomed
ReleaseCapture
SetScrollPos
BringWindowToTop
olecli32
OleClone
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 348KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE