Static task: static1
Behavioral task: behavioral1
Sample: 471db5a1bd8a71c07c518bcf989ab1f7_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 471db5a1bd8a71c07c518bcf989ab1f7_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 471db5a1bd8a71c07c518bcf989ab1f7_JaffaCakes118
Size: 332KB
MD5: 471db5a1bd8a71c07c518bcf989ab1f7
SHA1: 0f0f5cf9f54d5298c4e6c1da6e0a88856edba7ff
SHA256: cf9f1bd69c26ab2cabb359a67ea3521e3b43faffc707c2227f89e3c720a2c3ef
SHA512: fc6974189cef7e08051b74802bdf5ee7294f1c7c4fac94ee980ea1976b0422524e7248ed82ce9fa524cbffbfeb2058e9b9975c56806e9fef105bbbbb4a397ea3
SSDEEP: 6144:gfU6Igd3rtkavMYHfbbIXCoi6Hag/rUPfd3aCiXHbZ+RNyMz9:g8dgPksXbIXCore9iXgRr
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 471db5a1bd8a71c07c518bcf989ab1f7_JaffaCakes118
Files
471db5a1bd8a71c07c518bcf989ab1f7_JaffaCakes118.exe windows:5 windows x86 arch:x86
409f3b5373e0097757eead8b9e985f1a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
TraceMessage
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetTraceLoggerHandle
RegQueryValueExA
SetTokenInformation
ImpersonateSelf
RegEnumKeyW
RegCloseKey
IsTextUnicode
RegCreateKeyExW
RegQueryInfoKeyW
UnregisterTraceGuids
RegEnumKeyExW
RegisterTraceGuidsW
OpenProcessToken
GetLengthSid
CryptDestroyHash
RegDeleteKeyW
RegOpenKeyW
RegOpenKeyExA
RegQueryValueW
ConvertSidToStringSidW
CryptReleaseContext
GetUserNameW
RegEnumValueA
ConvertStringSidToSidW
CreateProcessAsUserW
CryptCreateHash
CryptGetHashParam
RegCreateKeyExA
GetTraceEnableFlags
RegSetValueExA
OpenThreadToken
RegOpenKeyExW
CryptHashData
RegDeleteValueW
SetThreadToken
GetTraceEnableLevel
CryptAcquireContextW
RegDeleteValueA
RegEnumValueW
TraceEvent
GetTokenInformation
RegDeleteKeyA
RegOpenCurrentUser
RegCreateKeyA
RegSetValueExW
RegQueryValueExW
DuplicateTokenEx
ntdll
LdrGetDllHandle
RtlUshortByteSwap
NtAllocateVirtualMemory
user32
GetParent
SetDlgItemTextW
GetWindowThreadProcessId
GetForegroundWindow
IsWindow
CopyImage
GetAsyncKeyState
GetWindowPlacement
SetActiveWindow
GetFocus
GetDlgItem
GetDoubleClickTime
GetProcessWindowStation
EnumDisplaySettingsW
DialogBoxParamA
CreateIconIndirect
VkKeyScanExW
MapWindowPoints
IsIconic
SetPropA
CheckDlgButton
PostThreadMessageA
CharLowerBuffW
SetScrollPos
GetSysColor
GetDialogBaseUnits
CharNextA
IntersectRect
ScreenToClient
ChangeClipboardChain
CheckMenuItem
GetWindowDC
DdeUninitialize
GetMenuItemCount
DdeFreeStringHandle
GetIconInfo
IsWindowVisible
MessageBoxIndirectW
DrawEdge
SendMessageA
InsertMenuItemW
GetNextDlgTabItem
DdeCreateStringHandleW
EmptyClipboard
CheckRadioButton
SetParent
GetWindowLongA
DrawIconEx
GetSubMenu
LoadCursorW
MonitorFromWindow
UnionRect
GetKeyboardLayout
PeekMessageA
TranslateAcceleratorW
IsCharAlphaNumericW
RegisterClipboardFormatA
TranslateMessage
CreateWindowExW
PostQuitMessage
DestroyMenu
GetDC
EndMenu
CharPrevA
GetComboBoxInfo
LoadBitmapW
DdeInitializeW
GetCursorPos
MsgWaitForMultipleObjects
IsMenu
SendMessageTimeoutA
GetClassInfoExW
DdeNameService
SetCursor
SetRectEmpty
SendMessageW
GetWindowInfo
GetSystemMenu
GetClassLongW
EnableWindow
DeferWindowPos
ShowOwnedPopups
GetWindowLongW
GetMessagePos
RemovePropW
GetKeyState
PostThreadMessageW
AdjustWindowRectEx
CallNextHookEx
EnumDesktopWindows
SendNotifyMessageW
DdeCreateDataHandle
DefWindowProcW
OpenClipboard
MessageBoxW
TrackPopupMenu
SetCursorPos
DestroyWindow
TrackMouseEvent
FindWindowW
SetCapture
GetWindow
KillTimer
InvalidateRect
GetMenuItemID
SetWindowTextW
DrawFocusRect
SetWindowLongW
RemovePropA
DdeClientTransaction
FindWindowA
SetWindowRgn
DispatchMessageW
SystemParametersInfoW
GetCursor
UnregisterClassW
GetLastActivePopup
ClientToScreen
GetDlgItemTextW
LoadStringA
MonitorFromRect
SetWindowLongA
GetMenuItemInfoA
IsRectEmpty
SetScrollInfo
SendDlgItemMessageW
CreateDialogParamW
CharUpperW
GetMenuState
GetMenuDefaultItem
RemoveMenu
GetPropA
DestroyAcceleratorTable
WinHelpW
UnhookWindowsHookEx
IsDialogMessageW
ReleaseCapture
AllowSetForegroundWindow
UpdateLayeredWindow
RegisterWindowMessageW
EnumThreadWindows
AdjustWindowRect
ReleaseDC
GetKeyNameTextW
RegisterClipboardFormatW
GetWindowTextW
ShowWindow
SetDlgItemInt
SetTimer
GetClassWord
CallMsgFilterW
InflateRect
ChildWindowFromPoint
EnableMenuItem
RegisterWindowMessageA
GetScrollInfo
DdeConnect
GetLastInputInfo
NotifyWinEvent
LoadAcceleratorsW
SetRect
LoadStringW
SystemParametersInfoA
WaitForInputIdle
GetActiveWindow
GetAncestor
EndDialog
LoadCursorA
RegisterClassW
CharLowerW
EndDeferWindowPos
CreateMenu
GetShellWindow
SendMessageTimeoutW
WindowFromPoint
MessageBoxIndirectA
CopyIcon
SetPropW
DefWindowProcA
SetWindowPos
CheckMenuRadioItem
DialogBoxIndirectParamA
EndPaint
PtInRect
DialogBoxIndirectParamW
RegisterClassExW
OffsetRect
CloseClipboard
ShowCaret
LoadImageW
LoadIconW
DialogBoxParamW
FillRect
MapDialogRect
EqualRect
MonitorFromPoint
GetClassInfoW
GetClipboardFormatNameW
IsDlgButtonChecked
EnumChildWindows
BeginPaint
GetDesktopWindow
wsprintfW
GetTopWindow
GetMonitorInfoW
SetMenuDefaultItem
SetClipboardData
CharNextW
DispatchMessageA
DdeQueryStringW
AttachThreadInput
GetWindowRgnBox
MapVirtualKeyW
GetWindowRect
GetClipboardData
PostMessageA
CharPrevW
GetSysColorBrush
PeekMessageW
MoveWindow
TrackPopupMenuEx
GetSystemMetrics
MessageBoxExW
DrawTextW
DdeFreeDataHandle
IsChild
LockSetForegroundWindow
MessageBeep
DdeGetData
ShowScrollBar
CreatePopupMenu
BeginDeferWindowPos
DrawTextExW
GetMessageW
DestroyIcon
WaitMessage
MsgWaitForMultipleObjectsEx
GetDlgCtrlID
GetCapture
HideCaret
DdeDisconnect
AnimateWindow
SetWindowsHookExW
SetWindowPlacement
SetMenu
IsWindowUnicode
SetForegroundWindow
MessageBoxExA
CallWindowProcW
IsWindowEnabled
UpdateWindow
GetMenuItemInfoW
FindWindowExW
GetMessageA
SetMenuItemBitmaps
LoadMenuW
RedrawWindow
InsertMenuW
GetClassNameW
SetMenuItemInfoW
SetFocus
EnumWindows
AppendMenuW
GetWindowTextLengthW
GetMenuStringW
GetClientRect
SetClipboardViewer
PostMessageW
GetPropW
DeleteMenu
GetMessageTime
CopyRect
IsHungAppWindow
DrawFrameControl
shell32
SHGetFolderLocation
SHGetInstanceExplorer
ExtractIconExW
ExtractAssociatedIconExW
ShellExecuteA
SHPathPrepareForWriteW
Shell_NotifyIconA
SHAppBarMessage
SHGetSpecialFolderPathW
SHGetFileInfoW
SHBindToParent
DragQueryFileW
SHChangeNotify
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
SHGetPathFromIDListA
SHBrowseForFolderW
SHGetDataFromIDListW
SHGetFolderPathW
SHSetLocalizedName
SHCreateShellItem
ExtractIconW
SHGetFolderPathAndSubDirW
SHFileOperationW
Shell_NotifyIconW
ShellExecuteExW
ShellAboutW
SHGetDesktopFolder
gdi32
SelectObject
GetLayout
CreateSolidBrush
GetTextExtentPointW
CreateRectRgnIndirect
LPtoDP
GetBkColor
GetStockObject
CreateRectRgn
SetWindowExtEx
CreateFontW
CreateDIBSection
CreatePatternBrush
CreateCompatibleDC
RectVisible
SetWindowOrgEx
EqualRgn
GetObjectA
CreateBitmap
TextOutW
SetRectRgn
CreateCompatibleBitmap
SetViewportExtEx
IntersectClipRect
SetBkColor
CloseEnhMetaFile
CreateEnhMetaFileA
SetPaletteEntries
GetClipBox
GetDCOrgEx
GetDIBits
GetGlyphIndicesW
SetBkMode
SetTextAlign
CombineRgn
GetTextExtentExPointI
SaveDC
ExtCreateRegion
OffsetRgn
CreateDIBPatternBrushPt
DeleteDC
RestoreDC
GetDeviceCaps
GetRegionData
OffsetWindowOrgEx
GetTextCharset
CreatePolygonRgn
GetPaletteEntries
GetBrushOrgEx
CreateDCA
CreatePalette
CreateDCW
CreateHalftonePalette
GetTextExtentPoint32W
Rectangle
CreatePen
SetLayout
StretchDIBits
SetTextColor
SetViewportOrgEx
GetSystemPaletteEntries
GetTextAlign
SetStretchBltMode
PatBlt
DeleteEnhMetaFile
SetBrushOrgEx
SetDCPenColor
SetMapMode
ExtTextOutW
GetBkMode
GetPixel
CreateMetaFileW
CreateFontIndirectW
LineTo
GetTextExtentPoint32A
StretchBlt
RealizePalette
PlayEnhMetaFile
CloseMetaFile
DeleteObject
GetObjectW
MoveToEx
GetTextMetricsW
SelectPalette
GetRgnBox
GetTextColor
CreateFontIndirectA
TextOutA
BitBlt
uxtheme
GetThemeMargins
GetThemeBackgroundContentRect
CloseThemeData
IsThemeActive
GetThemeFont
GetThemeBackgroundExtent
GetThemePartSize
DrawThemeBackground
IsAppThemed
OpenThemeData
GetThemeColor
GetThemeAppProperties
SetWindowTheme
GetThemeMetric
DrawThemeParentBackground
kernel32
DeleteCriticalSection
GlobalAlloc
InterlockedExchange
SetProcessShutdownParameters
GetPrivateProfileSectionW
GetTempFileNameW
InitializeCriticalSection
CreateTimerQueueTimer
SizeofResource
GetVersionExA
ExpandEnvironmentStringsA
GetSystemInfo
LocalSize
ReadFile
CreateActCtxW
GetFileAttributesW
ReleaseMutex
FindNextFileW
EnumUILanguagesW
Sleep
GetSystemDirectoryA
LeaveCriticalSection
GetCPInfo
SetLastError
UnmapViewOfFile
CreateEventW
TlsFree
SetUnhandledExceptionFilter
GetLogicalDriveStringsW
SearchPathW
DeleteFileW
WriteFile
FileTimeToSystemTime
LoadLibraryW
SuspendThread
GetFileInformationByHandle
EnterCriticalSection
CreateSemaphoreW
GlobalLock
TerminateThread
GetProcAddress
GetFileSizeEx
SetFileTime
GetModuleFileNameA
GetModuleHandleExA
LoadResource
CreateDirectoryA
TlsAlloc
GetTempPathW
ResumeThread
ExpandEnvironmentStringsW
DeactivateActCtx
GetSystemDirectoryW
WaitForSingleObjectEx
MoveFileExW
GetModuleHandleW
CreateMutexW
VirtualProtect
HeapFree
LockResource
ReleaseActCtx
GetThreadLocale
SetErrorMode
CopyFileW
HeapAlloc
GetLongPathNameW
lstrcmpiA
GetCurrentProcessId
HeapReAlloc
IsWow64Process
WaitForSingleObject
GetTimeFormatW
GetVersionExW
CreateFileA
FileTimeToLocalFileTime
SetCurrentDirectoryW
SetProcessWorkingSetSize
ActivateActCtx
GetSystemDefaultUILanguage
WaitForMultipleObjects
GetFileAttributesA
CreateMutexA
QueueUserWorkItem
GlobalAddAtomW
GetSystemDefaultLCID
GetFileSize
DebugBreak
GlobalDeleteAtom
GetTickCount
MultiByteToWideChar
FreeLibraryAndExitThread
OutputDebugStringA
SetEndOfFile
ReplaceFileW
SetThreadContext
TlsGetValue
LCMapStringW
GetModuleHandleExW
GetThreadPriority
CompareStringA
GetCurrentDirectoryW
TerminateProcess
OpenMutexW
GlobalFlags
RemoveDirectoryW
Process32FirstW
CreateFileW
OpenMutexA
LoadLibraryExW
FindResourceExW
SetEnvironmentVariableW
SetFilePointer
CloseHandle
SetFilePointerEx
ExitProcess
QueryDosDeviceW
lstrlenW
CreateEventA
FreeLibrary
QueryPerformanceCounter
GetCurrentThread
WritePrivateProfileStringW
lstrcmpW
LocalReAlloc
ReleaseSemaphore
GetVersion
HeapCreate
GlobalSize
CreateProcessW
CreateToolhelp32Snapshot
CreateThread
MulDiv
InterlockedDecrement
WideCharToMultiByte
FindAtomW
GetPrivateProfileStringA
MapViewOfFile
AddAtomW
GetACP
GetFileAttributesExW
GetShortPathNameW
VirtualFree
GetThreadContext
GetEnvironmentVariableW
LoadLibraryA
OpenProcess
GetDateFormatW
SetFileAttributesW
GetExitCodeThread
GetWindowsDirectoryW
RaiseException
lstrcmpA
UnlockFileEx
FindClose
GetPrivateProfileStringW
InterlockedCompareExchange
GetLastError
FindResourceW
InterlockedIncrement
GetProcessHeap
CreateDirectoryW
GlobalAddAtomA
GetSystemTime
LocalAlloc
SetThreadPriority
GlobalFree
GetPrivateProfileSectionNamesW
GetModuleHandleA
HeapDestroy
DeleteAtom
LocalFileTimeToFileTime
FormatMessageW
WritePrivateProfileSectionW
FindFirstFileW
Process32NextW
DisableThreadLibraryCalls
GetFullPathNameW
GetSystemWow64DirectoryW
SetEvent
lstrcmpiW
GetCurrentProcess
lstrlenA
GlobalReAlloc
LockFileEx
ResetEvent
UnhandledExceptionFilter
GetUserDefaultLCID
CreateFileMappingA
GetNumberFormatW
GetUserDefaultUILanguage
GetLocalTime
CompareFileTime
DuplicateHandle
GetSystemTimeAsFileTime
SetCurrentDirectoryA
CompareStringW
QueryPerformanceFrequency
IsDBCSLeadByte
SetThreadExecutionState
VirtualQuery
GetAtomNameW
GetLocaleInfoW
LocalFree
FlushInstructionCache
GlobalUnlock
DeleteTimerQueueTimer
MoveFileW
VirtualAlloc
TryEnterCriticalSection
TlsSetValue
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
CreateFileMappingW
GetCurrentThreadId
SystemTimeToFileTime
OpenEventW
psapi
GetProcessImageFileNameW
Sections
.text Size: 183KB - Virtual size: 183KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE