Static task: static1
Behavioral task: behavioral1
Sample: 44a589c36d17639b73c6e37c4f96451d_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 44a589c36d17639b73c6e37c4f96451d_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 44a589c36d17639b73c6e37c4f96451d_JaffaCakes118
Size: 200KB
MD5: 44a589c36d17639b73c6e37c4f96451d
SHA1: f8fb2107d106e259d7d332d9f2691ddc40243dc6
SHA256: 92788c8a33d0c8fa5e1fed0f9b19904434a626a911d8ce726ddf86f39ba75cc8
SHA512: a9d69a5c7daa2984048c09404ebbf33648944ba88b25386cb895ec6062fe9849ca321a228fe8fbc8fb5856d1c08d7cbf0664a91b0d18b04abc54d803553aab50
SSDEEP: 6144:E/ICDINMMnMMMMMaadD+7jiq7yXPHg+faiV8Bho7W:VNMMnMMMMM/di7jhmoIaiVEi
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 44a589c36d17639b73c6e37c4f96451d_JaffaCakes118
Files
44a589c36d17639b73c6e37c4f96451d_JaffaCakes118.exe windows:5 windows x86 arch:x86
093ad7a151abf6cb22e002e6737d893e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
WSAAccept
WSAConnect
olecli32
OleEqual
user32
SubtractRect
AdjustWindowRect
DdeDisconnect
SetScrollInfo
GetCaretPos
DestroyIcon
DeferWindowPos
CloseClipboard
ShowScrollBar
GetMenuState
GetForegroundWindow
TrackPopupMenu
GetQueueStatus
DeleteMenu
SetMenuDefaultItem
GetFocus
WindowFromPoint
LoadAcceleratorsA
WinHelpA
CharUpperBuffA
SetCapture
SetWindowsHookExW
TranslateMessage
CreateAcceleratorTableA
CharLowerBuffA
UnhookWindowsHookEx
DdeFreeDataHandle
GetClassInfoExA
GetWindowLongA
InflateRect
RegisterClassA
FindWindowW
CharLowerA
EmptyClipboard
RemoveMenu
LoadBitmapA
DdeSetUserHandle
GetIconInfo
DrawFocusRect
CreateCursor
DdeAbandonTransaction
PeekMessageW
GetClipboardData
GetAsyncKeyState
DestroyAcceleratorTable
IsRectEmpty
SendDlgItemMessageA
CallWindowProcA
SendMessageA
PostThreadMessageA
SetCaretPos
UpdateWindow
VkKeyScanA
FillRect
GetSubMenu
CharNextA
GetMessagePos
TranslateMDISysAccel
HideCaret
ReleaseDC
DestroyCursor
CharToOemA
GetCapture
GetUpdateRect
SetFocus
FrameRect
DrawMenuBar
BeginDeferWindowPos
EqualRect
GetKeyboardLayout
GetMenuItemInfoA
IsChild
GetClassInfoA
CreateDialogParamA
ClipCursor
DrawTextA
ShowCursor
CreateWindowExA
GetLastActivePopup
AdjustWindowRectEx
DefMDIChildProcA
SetKeyboardState
GetCaretBlinkTime
VkKeyScanW
PostMessageW
MapWindowPoints
MsgWaitForMultipleObjects
DestroyMenu
PeekMessageA
OpenClipboard
DefFrameProcA
DdeQueryStringA
GetDC
DdeCreateStringHandleA
IsClipboardFormatAvailable
BringWindowToTop
SetWindowPos
DrawFrameControl
IsDialogMessageA
IsWindow
LoadCursorA
CharLowerBuffW
EndDialog
IntersectRect
CreateCaret
PostQuitMessage
CreateMenu
EnumClipboardFormats
InvalidateRect
keybd_event
EnumThreadWindows
IsWindowVisible
GetScrollPos
GetWindowTextA
TabbedTextOutA
ReleaseCapture
IsCharAlphaA
GetCursorPos
DdeGetData
LoadIconA
CharPrevA
GetKeyboardState
SetCursorPos
PtInRect
RegisterClassExA
UnregisterClassA
DdeFreeStringHandle
wsprintfA
SetDlgItemTextA
MessageBeep
SetWindowsHookExA
OemToCharA
SetTimer
WaitMessage
GetPropA
GetDCEx
LoadImageA
CharToOemBuffA
GetMenuItemID
CreateIcon
BeginPaint
DdeConnect
MoveWindow
DispatchMessageA
CheckMenuItem
SetMenuItemInfoA
GetClassNameA
DdeQueryConvInfo
IsIconic
ScreenToClient
SetRect
GetMenuItemCount
ShowCaret
CopyAcceleratorTableA
GetSystemMetrics
GetClipboardFormatNameA
DdeNameService
CallNextHookEx
DdeCreateDataHandle
IsZoomed
GetParent
DdeGetLastError
EnableWindow
CharUpperA
GetActiveWindow
DdeCmpStringHandles
AttachThreadInput
OffsetRect
GetUpdateRgn
SetWindowRgn
DialogBoxParamA
SetPropA
CharUpperBuffW
FindWindowA
SetMenu
DdeClientTransaction
EndPaint
SetParent
RemovePropA
SetForegroundWindow
GetClientRect
GetWindowRgn
SetScrollPos
DrawIcon
GetWindowRect
SetWindowTextA
EndDeferWindowPos
AppendMenuA
DdePostAdvise
SetWindowLongA
GetTabbedTextExtentA
GetWindowDC
DestroyWindow
InvalidateRgn
RegisterClipboardFormatA
DestroyCaret
SetClipboardData
ToAscii
GetMessageTime
ModifyMenuA
GetWindow
KillTimer
GetKeyState
GetScrollInfo
SetActiveWindow
DefWindowProcA
GetSysColor
GetWindowThreadProcessId
CreatePopupMenu
DdeInitializeA
ShowWindow
GetMenu
GetWindowTextLengthA
GetCursor
WaitForInputIdle
EnableMenuItem
LoadStringA
GetSystemMenu
CopyRect
MessageBoxIndirectA
SetWindowContextHelpId
GetDoubleClickTime
SystemParametersInfoA
GetDesktopWindow
ClientToScreen
DdeUninitialize
PostMessageA
SetCursor
GetMenuStringA
SetScrollRange
LockWindowUpdate
MessageBoxA
IsWindowEnabled
InsertMenuA
GetDlgItem
ddraw
DirectDrawEnumerateA
kernel32
FindFirstFileA
GetVersionExA
ReleaseSemaphore
GlobalUnlock
lstrcmpA
TlsSetValue
GetCPInfo
lstrcpyA
GetVersion
lstrcatA
GetSystemDefaultLangID
SetFilePointer
InterlockedDecrement
LoadLibraryExA
WaitForSingleObject
GetEnvironmentStrings
_lread
GetFullPathNameA
GetACP
FlushFileBuffers
GetLastError
LCMapStringW
CreateEventA
Sleep
GetExitCodeProcess
DeleteCriticalSection
VirtualAlloc
GetFileTime
FreeEnvironmentStringsW
VirtualQuery
MulDiv
lstrlenA
EnterCriticalSection
GetVolumeInformationA
IsDBCSLeadByte
WriteFile
FindNextFileA
GlobalAlloc
GetTickCount
GetDriveTypeA
GlobalReAlloc
CompareStringW
MultiByteToWideChar
GetStdHandle
InterlockedIncrement
MoveFileA
SetFileTime
CreateProcessA
LoadResource
GetCurrentProcessId
GlobalDeleteAtom
CompareStringA
CreateSemaphoreA
FreeEnvironmentStringsA
GetProfileStringA
SetHandleCount
SetStdHandle
HeapReAlloc
GetFileAttributesA
GetStringTypeA
GetProcAddress
GetLocaleInfoA
GetCommandLineA
IsBadReadPtr
WideCharToMultiByte
CreateFileA
TlsAlloc
lstrcmpiA
WinExec
FormatMessageA
FindClose
LockResource
HeapDestroy
CloseHandle
SetLocalTime
InitializeCriticalSection
SizeofResource
GlobalHandle
SetErrorMode
GetCurrentProcess
GlobalLock
SetEvent
_lclose
CreateThread
FileTimeToSystemTime
UnlockFile
FreeResource
ExitThread
TerminateProcess
GlobalFree
SetEndOfFile
RemoveDirectoryA
LockFile
lstrcpynA
GlobalAddAtomA
GetLocalTime
FreeLibrary
GetDateFormatA
HeapFree
GetWindowsDirectoryA
GetStartupInfoA
GetCurrentThreadId
LeaveCriticalSection
SetFileAttributesA
LoadLibraryA
GlobalSize
VirtualProtect
SetLastError
GetEnvironmentStringsW
FormatMessageW
ExitProcess
GetModuleFileNameW
FileTimeToLocalFileTime
RaiseException
GetTempFileNameA
GetTimeZoneInformation
VirtualFree
ResumeThread
GetTempPathA
UnhandledExceptionFilter
GetUserDefaultLCID
SetEnvironmentVariableA
TlsFree
_llseek
DuplicateHandle
IsBadCodePtr
ReadFile
GetSystemDirectoryA
GetShortPathNameA
DeleteFileA
GetFileType
SearchPathA
CreateDirectoryA
GetModuleFileNameA
SetCurrentDirectoryA
SystemTimeToFileTime
GetStringTypeW
GetModuleHandleA
GetSystemDefaultLCID
HeapSize
GetCurrentDirectoryA
GetSystemTime
TlsGetValue
CreateProcessW
RtlUnwind
ResetEvent
_lwrite
GetSystemInfo
GetOEMCP
GetStringTypeExA
HeapCreate
GetUserDefaultLangID
FlushInstructionCache
lstrcmpiW
FindResourceA
LCMapStringA
HeapAlloc
advapi32
RegEnumValueW
RegCreateKeyW
RegDeleteKeyA
RegQueryValueExA
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyA
LookupPrivilegeValueA
RegCreateKeyA
RegEnumValueA
RegisterEventSourceA
RegEnumKeyW
RegEnumKeyA
OpenProcessToken
RegQueryValueA
RegOpenKeyA
DeregisterEventSource
RegCloseKey
RegSetValueA
RegDeleteValueW
ReportEventA
RegOpenKeyW
InitializeSecurityDescriptor
RegQueryValueExW
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
AdjustTokenPrivileges
SetSecurityDescriptorDacl
ole32
OleGetIconOfClass
ReadClassStg
CoFreeUnusedLibraries
CLSIDFromProgID
OleCreateLinkToFile
OleConvertOLESTREAMToIStorage
OleDoAutoConvert
DoDragDrop
CLSIDFromString
OleInitialize
OleCreateLinkFromData
CoLockObjectExternal
OleQueryLinkFromData
IIDFromString
MkParseDisplayName
CoUnmarshalInterface
OleSetClipboard
OleDuplicateData
CoGetClassObject
ReleaseStgMedium
RegisterDragDrop
RevokeDragDrop
CoRevokeClassObject
OleRun
OleLoadFromStream
OleUninitialize
OleCreateLink
CoGetMalloc
CreateBindCtx
BindMoniker
StgIsStorageILockBytes
OleDestroyMenuDescriptor
OleSave
CoRegisterMessageFilter
OleCreateMenuDescriptor
OleCreateFromData
StringFromGUID2
ProgIDFromCLSID
CreateDataAdviseHolder
OleFlushClipboard
CreateOleAdviseHolder
OleLoad
OleRegGetUserType
OleGetClipboard
OleConvertIStorageToOLESTREAM
CoCreateInstance
StgCreateDocfileOnILockBytes
CoMarshalInterface
CoRegisterClassObject
OleTranslateAccelerator
OleIsCurrentClipboard
ReadClassStm
OleSetMenuDescriptor
WriteClassStg
OleLockRunning
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
OleQueryCreateFromData
StringFromCLSID
CoDisconnectObject
StgOpenStorage
OleGetAutoConvert
IsAccelerator
GetClassFile
StgCreateDocfile
OleCreateFromFile
CreateILockBytesOnHGlobal
CoIsOle1Class
OleIsRunning
OleSaveToStream
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 360KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 64B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 164KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ