414c83e5022e1d4033823c06c6df2a11_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

414c83e5022e1d4033823c06c6df2a11_JaffaCakes118
Size

61KB
MD5

414c83e5022e1d4033823c06c6df2a11
SHA1

144b4b685dce0b5698c40968d38004c8312a4145
SHA256

9f5ac325e62e3933ab8dc34ab422977c52f7782657208e55a22d298de1aae5b4
SHA512

db4844384e0b25f9a936bc58ec960164578a16e4466273e167b496a9b463e5d255fc7d82a3f3780236a526680d5fc26fe15129d08ce983782588b8ff53b8fc2f
SSDEEP

1536:jkLhJI2ctR/H1c6bKyPepwYXBxFcYc1GT0ki:jkdJI2crdUCExrZT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
414c83e5022e1d4033823c06c6df2a11_JaffaCakes118

Files

414c83e5022e1d4033823c06c6df2a11_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d0ef57edb8f72d82950ffe392a7b0603

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueW
RegEnumKeyW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegDeleteKeyW
RegOpenKeyW
SetFileSecurityW
RegDeleteValueW
RegQueryValueW
GetFileSecurityW
RegCreateKeyW
RegOpenKeyExW

ws2_32

WSAGetLastError

msvcrt

wcsncpy
__argc
localtime
realloc
wcstol
_wcsnicmp
free
wcsspn
memmove
fread
_CxxThrowException
_itow
_msize
malloc
wcsncmp
wcschr
_ultow
_onexit
fseek
wcslen
_get_osfhandle
_endthreadex
_snwprintf
_wcsrev
wcscpy
fclose
wcsstr
ftell
fflush
iswdigit
_wcsdup
__CxxFrameHandler
modf
__dllonexit
clearerr
_initterm
__wargv
abort
wcsftime
_wcslwr
_wsplitpath
__doserrno
wcscmp
floor
vswprintf
_expand
_ltow
_wtoi
wcscspn
fwrite
swprintf
wcstoul
_wfullpath
calloc
fgetws
_open_osfhandle
ceil
_fdopen
_purecall
fputws
wcstod
wcsrchr
_wcsupr
gmtime
iswspace
_wtol
time
wcspbrk
_beginthreadex
mktime
_adjust_fdiv
_except_handler3

adsldpc

ADsEnumClasses

kernel32

InterlockedDecrement
lstrlenW
lstrcatA
GetTempFileNameW
UnhandledExceptionFilter
ReleaseMutex
VirtualAlloc
ReleaseSemaphore
SuspendThread
TlsGetValue
WritePrivateProfileStringW
GetTickCount
CopyFileW
VirtualQuery
GlobalSize
LoadLibraryW
FileTimeToLocalFileTime
FreeLibrary
GetCurrentDirectoryW
GetPrivateProfileIntW
GetVersionExW
InterlockedCompareExchange
LockResource
SystemTimeToFileTime
CreateFileW
SetUnhandledExceptionFilter
OutputDebugStringW
GetLastError
GlobalDeleteAtom
WriteFile
lstrcpynA
GetProfileIntW
FindNextFileW
IsDBCSLeadByte
GetFullPathNameW
SetLastError
WaitForSingleObject
LocalLock
GetCurrentThread
LocalFree
EnterCriticalSection
DeleteCriticalSection
GetThreadLocale
lstrcmpiW
SetFilePointer
lstrcatW
InterlockedIncrement
DuplicateHandle
GlobalFindAtomW
CreateMutexW
WaitForMultipleObjects
LoadLibraryExA
GlobalUnlock
GetFileSize
GetTempPathW
GetVersion
VirtualProtect
GlobalHandle
GetCurrentProcessId
CreateEventW
GetModuleHandleW
GetSystemDirectoryA
FileTimeToSystemTime
GlobalReAlloc
LocalUnlock
GetSystemTimeAsFileTime
lstrlenA
FreeResource
GetVolumeInformationW
GetStringTypeExW
LeaveCriticalSection
LocalAlloc
GetProcAddress
lstrcpyW
GetProcessVersion
TlsAlloc
Sleep
SetFileAttributesW
GetFileAttributesW
LocalReAlloc
FormatMessageW
SetFileTime
SetEvent
FindResourceW
lstrcmpW
FlushFileBuffers
TerminateProcess
GetUserDefaultLCID
lstrcpyA
lstrcpynW
InitializeCriticalSection
GetVersionExA
GetCurrentProcess
GlobalAddAtomW
LocalFileTimeToFileTime
CreateSemaphoreW
DelayLoadFailureHook
FindResourceExW
TlsSetValue
UnlockFile
MoveFileW
WideCharToMultiByte
DeleteFileW
lstrcmpiA
SizeofResource
GlobalGetAtomNameW
GetFileTime
GlobalAlloc
GlobalLock
GetCurrentThreadId
SetErrorMode
SetEndOfFile
GetPrivateProfileStringW
FindClose
GetDiskFreeSpaceW
QueryPerformanceCounter
GetShortPathNameW
GlobalFlags
TlsFree
LoadResource
SetThreadPriority
MulDiv
ResumeThread
FindFirstFileW
GetModuleHandleA
MultiByteToWideChar
GetSystemInfo
ReadFile
LockFile
lstrcmpA
GlobalFree
CloseHandle
SearchPathW
GetModuleFileNameW
LoadLibraryA

wininet

InternetConnectW
InternetGetCookieW
HttpSendRequestW
InternetFindNextFileW
HttpAddRequestHeadersW
InternetSetOptionExW
HttpOpenRequestW
InternetWriteFile
InternetSetCookieW
GopherFindFirstFileW
InternetOpenUrlW
FtpPutFileW
FtpFindFirstFileW
GopherGetAttributeW
FtpCreateDirectoryW
FtpOpenFileW
HttpEndRequestW
HttpSendRequestExW
FtpRenameFileW
InternetCloseHandle
InternetSetStatusCallbackW
InternetErrorDlg
FtpSetCurrentDirectoryW
GopherCreateLocatorW
FtpGetCurrentDirectoryW
HttpQueryInfoW
FtpGetFileW
InternetOpenW
InternetQueryDataAvailable
InternetReadFile
InternetSetFilePointer
GopherOpenFileW
FtpDeleteFileW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetGetLastResponseInfoW
FtpRemoveDirectoryW
InternetQueryOptionW

user32

MapWindowPoints
DrawTextW
SetPropW
GetTabbedTextExtentA
WindowFromDC
SetDlgItemInt
CallNextHookEx
InvalidateRect
TranslateAcceleratorW
IsWindowVisible
GetTopWindow
WindowFromPoint
CheckDlgButton
GetMenuItemID
GetSubMenu
GetClassNameW
GetDC
CopyAcceleratorTableW
GetAsyncKeyState
GetFocus
SetWindowTextW
SetScrollInfo
GetMenuItemCount
ShowWindow
GetSystemMetrics
UnhookWindowsHookEx
SendDlgItemMessageW
EndDeferWindowPos
EndPaint
SetWindowPlacement
EnumChildWindows
SetCursorPos
InflateRect
SystemParametersInfoA
ShowScrollBar
DrawEdge
DestroyMenu
BeginDeferWindowPos
DefMDIChildProcW
DeferWindowPos
SetWindowPos
RedrawWindow
OffsetRect
PtInRect
ReleaseDC
GetNextDlgGroupItem
GetNextDlgTabItem
SetScrollPos
PostThreadMessageW
MessageBeep
GetLastActivePopup
RegisterWindowMessageW
GetWindowDC
GetKeyState
SetWindowLongW
ReuseDDElParam
GetMessagePos
LoadIconW
GetDlgItem
InvertRect
GetSysColorBrush
MoveWindow
ModifyMenuW
LoadStringW
SetDlgItemTextW
CallWindowProcW
GetForegroundWindow
PostMessageW
AppendMenuW
UnionRect
MessageBoxA
BeginPaint
SetMenuItemBitmaps
TrackPopupMenu
ScrollWindowEx
CreateMenu
RegisterClipboardFormatW
DestroyCursor
GetTabbedTextExtentW
EnableWindow
DestroyWindow
KillTimer
SetRect
TranslateMDISysAccel
GetWindowRect
TranslateMessage
GetWindowThreadProcessId
wvsprintfW
GetDlgItemTextW
UnregisterClassW
CreateDialogIndirectParamW
GetParent
SetActiveWindow
GetActiveWindow
RegisterClassW
InsertMenuW
SendMessageW
DefWindowProcW
LoadAcceleratorsW
SetTimer
IsRectEmpty
GetMenuStringW
GetMessageW
GetWindowTextLengthW
IsWindowEnabled
GetDlgCtrlID
GetDlgItemInt
SetParent
GetMenuState
EqualRect
FillRect
DefFrameProcW
SetMenu
SystemParametersInfoW
GetDialogBaseUnits
EnableMenuItem
DrawMenuBar
IsDlgButtonChecked
MsgWaitForMultipleObjects
AdjustWindowRectEx
ClipCursor
ScreenToClient
SetFocus
GetScrollRange
GetPropW
GetWindow
CopyRect
SetForegroundWindow
IsChild
IntersectRect
CreateWindowExW
GetCursorPos
SetCapture
SetScrollRange
WaitMessage
GetWindowLongW
PeekMessageW
PostQuitMessage
IsWindow
DeleteMenu
CheckRadioButton
GetClassInfoW
UpdateWindow
GrayStringW
BringWindowToTop
LoadBitmapW
TabbedTextOutW
IsDialogMessageW
CountClipboardFormats
CheckMenuItem
UnpackDDElParam
LockWindowUpdate
MessageBoxW
GetDCEx
MapDialogRect
GetCapture
GetScrollPos
CharNextW
DrawFocusRect
wsprintfW
SendDlgItemMessageA
EndDialog
SetRectEmpty
GetScrollInfo
SetWindowsHookExW
GetMenuCheckMarkDimensions
GetClientRect
RemoveMenu
DestroyIcon
DispatchMessageW
GetMessageTime
GetDesktopWindow
SetWindowContextHelpId
ShowOwnedPopups
InSendMessage
GetWindowTextW
GetWindowPlacement
IsZoomed
CharUpperW
FindWindowW
ScrollWindow
GetSystemMenu
ReleaseCapture
FrameRect
ClientToScreen
IsIconic
IsClipboardFormatAvailable
InvalidateRgn
LoadCursorW
RemovePropW
GetMenu
SetCursor
LoadMenuW
WinHelpW
GetSysColor
ValidateRect

ole32

ReadClassStg
OleCreateFromData
OleLockRunning
CoTaskMemAlloc
OleIsCurrentClipboard
OleInitialize
OleSetClipboard
SetConvertStg
CoTaskMemFree
OleRegGetMiscStatus
OleGetIconOfClass
WriteClassStm
OleCreateLinkToFile
CoCreateInstance
StgOpenStorageOnILockBytes
CreateOleAdviseHolder
GetClassFile
CreateDataAdviseHolder
CoRegisterClassObject
OleLoad
RegisterDragDrop
DoDragDrop
OleDestroyMenuDescriptor
WriteFmtUserTypeStg
OleTranslateAccelerator
OleSetContainedObject
CoGetMalloc
CoRegisterMessageFilter
OleFlushClipboard
CreateFileMoniker
GetRunningObjectTable
CLSIDFromString
ReadFmtUserTypeStg
CoTreatAsClass
IsAccelerator
StringFromGUID2
StgIsStorageFile
OleCreateFromFile
OleLoadFromStream
WriteClassStg
CreateDataCache
ReadClassStm
OleIsRunning
CoDisconnectObject
RevokeDragDrop
CoGetClassObject
OleSetMenuDescriptor
GetHGlobalFromILockBytes
OleRegGetUserType
CoFreeUnusedLibraries
OleCreateStaticFromData
OleCreateLinkFromData
CoUninitialize
OleGetClipboard
CoInitialize
CreateBindCtx
CreateILockBytesOnHGlobal
OleUninitialize
OleCreateMenuDescriptor
OleSaveToStream
OleDuplicateData
CreateGenericComposite
StgCreateDocfileOnILockBytes
OleRun
OleCreate
StgCreateDocfile
CreateStreamOnHGlobal
CLSIDFromProgID
OleQueryCreateFromData
StgOpenStorage
CreateItemMoniker
CoRevokeClassObject
ReleaseStgMedium
StringFromCLSID
CoLockObjectExternal
OleQueryLinkFromData
OleRegEnumVerbs
OleSave

ntdll

NtCreateKey

gdi32

CreateMetaFileW
LPtoDP
PolylineTo
EndDoc
GetViewportExtEx
IntersectClipRect
ArcTo
CreateCompatibleDC
GetViewportOrgEx
GetTextMetricsW
GetPixel
GetStockObject
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextFaceW
CreatePalette
GetCharWidthW
GetCurrentPositionEx
SetTextCharacterExtra
SetArcDirection
SetRectRgn
EnumMetaFile
GetTextAlign
SetAbortProc
CreateBitmap
MoveToEx
AbortDoc
EndPage
ExtTextOutW
CreateDIBPatternBrushPt
RectVisible
ScaleWindowExtEx
GetBkMode
GetObjectW
GetMapMode
CreateFontW
PlayMetaFileRecord
OffsetRgn
StartPage
PatBlt
GetBkColor
DeleteObject
GetDeviceCaps
Escape
SelectClipRgn
SetWindowOrgEx
ScaleViewportExtEx
SetTextAlign
SetTextJustification
GetClipRgn
UnrealizeObject
PlayMetaFile
GetNearestColor
SetPolyFillMode
OffsetClipRgn
LineTo
StartDocW
SetViewportOrgEx
DeleteDC
GetWindowOrgEx
SelectPalette
SetBrushOrgEx
SetROP2
GetObjectType
CreateFontIndirectW
DPtoLP
SetWindowExtEx
GetTextColor
EnumFontFamiliesExW
ExtSelectClipRgn
SelectClipPath
CombineRgn
RestoreDC
CreateRectRgn
RealizePalette
SetViewportExtEx
SetColorAdjustment
SetStretchBltMode
SetMapMode
PolyDraw
CloseMetaFile
SaveDC
GetClipBox
GetTextExtentPoint32W
EnumFontFamiliesW
GetWindowExtEx
CopyMetaFileW
Rectangle
CreateHatchBrush
GetTextExtentPoint32A
PtVisible
SelectObject
OffsetViewportOrgEx
ExtCreatePen
StretchDIBits
TextOutW
CreateDCW
BitBlt
GetROP2
GetPaletteEntries
GetPolyFillMode
ExcludeClipRect
SetTextColor
GetStretchBltMode
PolyBezierTo
OffsetWindowOrgEx
SetBkColor
CreateSolidBrush
DeleteMetaFile
SetBkMode
CreatePen
SetMapperFlags
CreatePatternBrush

Sections

.textbss
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d0ef57edb8f72d82950ffe392a7b0603

Headers

File Characteristics

Imports

advapi32

ws2_32

msvcrt

adsldpc

kernel32

wininet

user32

ole32

ntdll

gdi32

Sections

.textbss Size: 512B - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 448B

.rdata Size: 512B - Virtual size: 32B

.idata Size: 59KB - Virtual size: 58KB

.textbss
Size: 512B - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 448B

.rdata
Size: 512B - Virtual size: 32B

.idata
Size: 59KB - Virtual size: 58KB