Static task: static1
Behavioral task: behavioral1
Sample: 410467d2bccfa952515e8d7949426b95_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 410467d2bccfa952515e8d7949426b95_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 410467d2bccfa952515e8d7949426b95_JaffaCakes118
Size: 332KB
MD5: 410467d2bccfa952515e8d7949426b95
SHA1: bf1d0463e9666bd7545ecd2f8aba0b693dd5e063
SHA256: a06466e7541d28d01df3f577fd7275d5c3a77dcbf0440c9c5a7ee9808caafd03
SHA512: 21ec5514d54dcca6dae06de608d66e50de287b48bba5c109443aff1b612a2b30c26a1cf0d4bc81e799a22441590539ff600444b175092de0421821db33c0f53f
SSDEEP: 6144:n0J5+hws7VNRGzJb9NCDn3JJT+R63Ssi+PPL9pinCXhOG8rqmjqYF+RyB:nSYhnNS9NE+RaSGp+CxPIFtB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 410467d2bccfa952515e8d7949426b95_JaffaCakes118
Files
410467d2bccfa952515e8d7949426b95_JaffaCakes118.exe windows:5 windows x86 arch:x86
817747f28a2681f6b61bb057f7b3ee8e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
PostMessageW
ReleaseCapture
EqualRect
CreatePopupMenu
DdeConnect
WinHelpW
SendNotifyMessageW
GetScrollInfo
GetClassLongW
RemovePropW
GetDlgItem
SetForegroundWindow
SetTimer
MessageBoxIndirectA
DrawEdge
RegisterClassExW
GetForegroundWindow
AnimateWindow
DeleteMenu
GetClassNameW
SendMessageW
RemovePropA
SetWindowsHookExW
SetCursorPos
GetCursor
CopyRect
EnumThreadWindows
ChildWindowFromPoint
HideCaret
ShowCaret
GetNextDlgTabItem
GetSystemMetrics
GetWindowTextLengthW
GetMonitorInfoW
DispatchMessageA
SendMessageTimeoutW
GetProcessWindowStation
GetWindow
SetParent
SetRect
AdjustWindowRectEx
GetShellWindow
MoveWindow
GetMenuItemID
CallMsgFilterW
DrawFocusRect
SetClipboardData
SetWindowPlacement
LockSetForegroundWindow
LoadIconW
GetKeyState
SendMessageTimeoutA
GetMenuItemInfoW
GetWindowInfo
PtInRect
IsRectEmpty
GetWindowRgnBox
EnableMenuItem
DestroyAcceleratorTable
SystemParametersInfoW
MapDialogRect
SetClipboardViewer
InvalidateRect
MsgWaitForMultipleObjects
BeginPaint
FindWindowW
SetMenuItemBitmaps
FillRect
CharLowerBuffW
SetFocus
TrackPopupMenu
IsDialogMessageW
EnumWindows
DrawFrameControl
CharUpperW
ReleaseDC
GetWindowLongW
wsprintfW
GetWindowThreadProcessId
TrackPopupMenuEx
SetPropW
MessageBeep
GetMessagePos
EndPaint
VkKeyScanExW
GetMessageW
GetLastActivePopup
RegisterClipboardFormatA
SetPropA
GetSysColor
EnableWindow
GetMessageA
IsMenu
DdeUninitialize
SetWindowLongA
SetMenuItemInfoW
CreateDialogParamW
OffsetRect
IsWindowVisible
RegisterClassW
IsDlgButtonChecked
MonitorFromWindow
RegisterWindowMessageA
GetIconInfo
DdeDisconnect
EndDeferWindowPos
AppendMenuW
GetCursorPos
CharPrevW
AttachThreadInput
DdeClientTransaction
GetPropW
CheckDlgButton
MonitorFromPoint
GetDoubleClickTime
DispatchMessageW
GetDlgItemTextW
ScreenToClient
MessageBoxExA
MessageBoxIndirectW
GetPropA
LoadStringW
DdeFreeStringHandle
DialogBoxParamW
CopyIcon
SendMessageA
GetMenuStringW
CharNextA
LoadAcceleratorsW
IsIconic
GetParent
IsWindow
DdeInitializeW
GetDC
GetClipboardData
MessageBoxW
LoadMenuW
UpdateLayeredWindow
MapVirtualKeyW
LoadCursorA
PostThreadMessageW
CallNextHookEx
ClientToScreen
GetMenuItemCount
DrawIconEx
GetClipboardFormatNameW
DialogBoxIndirectParamW
CreateWindowExW
UpdateWindow
GetClientRect
EnumDisplaySettingsW
GetKeyboardLayout
SetCursor
CharLowerW
DdeQueryStringW
SetMenuDefaultItem
IsChild
GetClassWord
CheckMenuItem
IsWindowUnicode
TranslateAcceleratorW
IsWindowEnabled
IsCharAlphaNumericW
GetMenuState
GetComboBoxInfo
CharPrevA
AdjustWindowRect
PeekMessageW
SetScrollPos
GetWindowLongA
UnregisterClassW
EmptyClipboard
MessageBoxExW
GetMessageTime
UnhookWindowsHookEx
DrawTextExW
SetCapture
SetActiveWindow
GetWindowDC
CreateIconIndirect
SetWindowTextW
TrackMouseEvent
RemoveMenu
IsHungAppWindow
SetWindowRgn
DdeCreateDataHandle
TranslateMessage
SetRectEmpty
InsertMenuItemW
GetActiveWindow
AllowSetForegroundWindow
GetDesktopWindow
FindWindowA
EndMenu
PostMessageA
DialogBoxParamA
GetAsyncKeyState
GetDialogBaseUnits
DialogBoxIndirectParamA
EnumChildWindows
DestroyMenu
ShowOwnedPopups
LoadImageW
IntersectRect
CallWindowProcW
SystemParametersInfoA
GetLastInputInfo
SetScrollInfo
LoadBitmapW
InflateRect
ChangeClipboardChain
InsertMenuW
GetMenuItemInfoA
GetMenuDefaultItem
EnumDesktopWindows
SetDlgItemInt
GetFocus
GetClassInfoW
GetSysColorBrush
DdeCreateStringHandleW
WindowFromPoint
DestroyIcon
SetWindowLongW
CharNextW
MonitorFromRect
CheckRadioButton
RegisterWindowMessageW
GetKeyNameTextW
DdeNameService
EndDialog
DestroyWindow
SetDlgItemTextW
ShowScrollBar
KillTimer
FindWindowExW
ShowWindow
BeginDeferWindowPos
WaitForInputIdle
RedrawWindow
NotifyWinEvent
PostThreadMessageA
PeekMessageA
UnionRect
OpenClipboard
MapWindowPoints
SendDlgItemMessageW
GetAncestor
GetTopWindow
CloseClipboard
CopyImage
GetWindowRect
GetWindowTextW
LoadStringA
GetWindowPlacement
GetCapture
DdeFreeDataHandle
LoadCursorW
DefWindowProcA
DdeGetData
DrawTextW
GetDlgCtrlID
GetSubMenu
CheckMenuRadioItem
MsgWaitForMultipleObjectsEx
GetSystemMenu
SetWindowPos
CreateMenu
DeferWindowPos
DefWindowProcW
GetClassInfoExW
SetMenu
PostQuitMessage
WaitMessage
RegisterClipboardFormatW
shell32
SHGetFolderPathAndSubDirW
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHPathPrepareForWriteW
SHGetFolderLocation
SHCreateShellItem
Shell_NotifyIconW
SHFileOperationW
ShellExecuteW
ExtractIconW
SHChangeNotify
ExtractAssociatedIconExW
SHGetInstanceExplorer
SHAppBarMessage
SHGetPathFromIDListW
ExtractIconExW
SHGetPathFromIDListA
DragQueryFileW
SHBindToParent
ShellAboutW
SHSetLocalizedName
SHGetDataFromIDListW
SHGetFolderPathW
SHGetDesktopFolder
SHGetSpecialFolderPathW
Shell_NotifyIconA
SHGetFileInfoW
ShellExecuteExW
ShellExecuteA
advapi32
RegQueryValueExW
RegDeleteKeyA
ConvertStringSidToSidW
RegEnumKeyW
RegEnumValueW
GetUserNameW
RegQueryValueExA
TraceMessage
GetTraceEnableFlags
RegSetValueExA
UnregisterTraceGuids
CryptReleaseContext
CryptDestroyHash
RegSetValueExW
ImpersonateSelf
RegOpenKeyExW
CryptGetHashParam
CryptAcquireContextW
RegCreateKeyExA
SetTokenInformation
RegQueryInfoKeyW
RegEnumKeyExW
OpenProcessToken
RegDeleteValueW
OpenThreadToken
RegCreateKeyExW
RegOpenCurrentUser
IsTextUnicode
GetLengthSid
RegDeleteKeyW
RegOpenKeyExA
TraceEvent
GetTokenInformation
RegCreateKeyA
RegOpenKeyW
CryptCreateHash
RegCloseKey
GetTraceEnableLevel
RegDeleteValueA
RegisterTraceGuidsW
CryptHashData
ConvertSidToStringSidW
CreateProcessAsUserW
SetThreadToken
DuplicateTokenEx
RegQueryValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegEnumValueA
GetTraceLoggerHandle
uxtheme
GetThemeAppProperties
GetThemeBackgroundExtent
IsAppThemed
GetThemeColor
OpenThemeData
GetThemeBackgroundContentRect
DrawThemeBackground
CloseThemeData
IsThemeActive
GetThemeFont
SetWindowTheme
DrawThemeParentBackground
GetThemeMargins
GetThemeMetric
GetThemePartSize
gdi32
CreateFontIndirectW
GetTextColor
StretchBlt
CreateRectRgn
SetBrushOrgEx
CreateFontW
CreateHalftonePalette
GetPaletteEntries
CreateEnhMetaFileA
OffsetWindowOrgEx
CreateCompatibleDC
MoveToEx
CreateSolidBrush
RectVisible
CloseMetaFile
CloseEnhMetaFile
GetTextCharset
DeleteObject
RealizePalette
GetObjectA
LineTo
GetBkMode
GetRegionData
BitBlt
TextOutA
SetRectRgn
GetSystemPaletteEntries
SetMapMode
GetDCOrgEx
SetBkColor
PatBlt
CombineRgn
CreateCompatibleBitmap
SetViewportExtEx
DeleteDC
CreateDIBSection
Rectangle
SetTextColor
GetTextAlign
GetClipBox
SetDCPenColor
LPtoDP
GetGlyphIndicesW
TextOutW
GetLayout
SetTextAlign
CreateDCA
GetStockObject
GetTextExtentExPointI
SelectObject
CreatePolygonRgn
GetObjectW
EqualRgn
GetBrushOrgEx
ExtTextOutW
SetViewportOrgEx
GetTextExtentPoint32W
SaveDC
CreateDCW
GetTextMetricsW
RestoreDC
CreatePatternBrush
CreateRectRgnIndirect
SetWindowOrgEx
SetLayout
CreateBitmap
SetBkMode
GetPixel
IntersectClipRect
ExtCreateRegion
GetTextExtentPointW
GetRgnBox
PlayEnhMetaFile
GetTextExtentPoint32A
DeleteEnhMetaFile
SetWindowExtEx
SelectPalette
SetPaletteEntries
CreateMetaFileW
CreateFontIndirectA
GetDIBits
StretchDIBits
OffsetRgn
GetBkColor
CreatePen
GetDeviceCaps
SetStretchBltMode
CreateDIBPatternBrushPt
CreatePalette
kernel32
GetVersionExW
TlsGetValue
GetCurrentProcess
GetPrivateProfileStringA
lstrlenA
CreateFileMappingA
GetLastError
GetLongPathNameW
CompareFileTime
GetSystemDefaultUILanguage
GetCurrentThreadId
GetUserDefaultUILanguage
FindResourceExW
GetProcessHeap
GetFileSize
lstrcmpiA
QueryPerformanceFrequency
ReadFile
AddAtomW
GetThreadLocale
GetSystemInfo
MapViewOfFile
OutputDebugStringA
InterlockedCompareExchange
LockFileEx
CreateFileA
OpenEventW
Sleep
FindClose
CompareStringA
HeapAlloc
MoveFileW
ReleaseMutex
OpenMutexA
TerminateThread
DeleteFileW
TerminateProcess
GetTickCount
MulDiv
FileTimeToSystemTime
WideCharToMultiByte
CreateFileMappingW
SetThreadExecutionState
InitializeCriticalSectionAndSpinCount
CloseHandle
CreateEventA
SetEndOfFile
GetModuleFileNameA
CompareStringW
ReleaseSemaphore
GetThreadContext
CreateProcessW
LocalAlloc
EnumUILanguagesW
IsWow64Process
LocalFileTimeToFileTime
GetAtomNameW
DeleteTimerQueueTimer
GlobalLock
FormatMessageW
GetTimeFormatW
InterlockedDecrement
GetShortPathNameW
GetSystemDefaultLCID
GetCPInfo
GlobalAddAtomW
GetFileInformationByHandle
GetSystemWow64DirectoryW
SetUnhandledExceptionFilter
GetEnvironmentVariableW
UnhandledExceptionFilter
GetModuleHandleA
IsDBCSLeadByte
CreateMutexW
GetModuleFileNameW
SystemTimeToFileTime
DebugBreak
GetPrivateProfileSectionW
MultiByteToWideChar
EnterCriticalSection
GetSystemDirectoryA
GetProcAddress
HeapReAlloc
FindResourceW
LoadResource
LocalSize
InterlockedExchange
WaitForSingleObject
LeaveCriticalSection
GetModuleHandleExW
LoadLibraryExW
SetCurrentDirectoryA
GlobalDeleteAtom
FreeLibraryAndExitThread
TryEnterCriticalSection
GetFileAttributesA
HeapCreate
GetSystemDirectoryW
GetTempPathW
Process32FirstW
SetEvent
ExpandEnvironmentStringsW
CreateActCtxW
OpenMutexW
CreateSemaphoreW
GetTempFileNameW
CreateMutexA
GetSystemTimeAsFileTime
SetThreadPriority
SetFileTime
GetVersion
OpenProcess
ReleaseActCtx
GetUserDefaultLCID
MoveFileExW
LockResource
SetFileAttributesW
SetProcessShutdownParameters
SetFilePointerEx
GetCurrentDirectoryW
InitializeCriticalSection
VirtualProtect
GetFileAttributesW
GetNumberFormatW
Process32NextW
ExitProcess
FlushInstructionCache
GetFileSizeEx
lstrcmpiW
LocalReAlloc
VirtualQuery
lstrcmpW
CopyFileW
DuplicateHandle
LocalFree
GlobalSize
WaitForMultipleObjects
TlsFree
CreateThread
GetLogicalDriveStringsW
RaiseException
ReplaceFileW
lstrcmpA
RemoveDirectoryW
HeapDestroy
SetLastError
UnlockFileEx
DeleteCriticalSection
WritePrivateProfileStringW
GetVersionExA
UnmapViewOfFile
WriteFile
GetExitCodeThread
SearchPathW
GlobalUnlock
FindFirstFileW
VirtualFree
GetPrivateProfileStringW
CreateDirectoryA
WritePrivateProfileSectionW
CreateFileW
GetModuleHandleExA
SetCurrentDirectoryW
SizeofResource
DisableThreadLibraryCalls
GetSystemTime
GetCurrentThread
FileTimeToLocalFileTime
GlobalAddAtomA
TlsSetValue
LoadLibraryA
HeapFree
SetErrorMode
GetFullPathNameW
GetModuleHandleW
GetThreadPriority
SuspendThread
GlobalFlags
VirtualAlloc
ActivateActCtx
GlobalAlloc
FindNextFileW
GetWindowsDirectoryW
WaitForSingleObjectEx
QueryDosDeviceW
DeleteAtom
ResumeThread
SetThreadContext
LCMapStringW
ResetEvent
GlobalFree
FreeLibrary
GetCurrentProcessId
ExpandEnvironmentStringsA
LoadLibraryW
GetACP
CreateToolhelp32Snapshot
SetFilePointer
CreateEventW
CreateTimerQueueTimer
QueryPerformanceCounter
GetLocaleInfoW
CreateDirectoryW
GetDateFormatW
lstrlenW
GetLocalTime
FindAtomW
GetFileAttributesExW
InterlockedIncrement
SetProcessWorkingSetSize
GetPrivateProfileSectionNamesW
QueueUserWorkItem
TlsAlloc
GlobalReAlloc
DeactivateActCtx
SetEnvironmentVariableW
ntdll
LdrGetDllHandle
RtlUshortByteSwap
NtAllocateVirtualMemory
psapi
GetProcessImageFileNameW
Sections
.text Size: 183KB - Virtual size: 183KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE