Static task: static1
Behavioral task: behavioral1
Sample: 45279cb66df8e205247ec9493eefa6f0_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 45279cb66df8e205247ec9493eefa6f0_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 45279cb66df8e205247ec9493eefa6f0_JaffaCakes118
Size: 45KB
MD5: 45279cb66df8e205247ec9493eefa6f0
SHA1: 40726638ddccf1b37251efb171146a310055e2ad
SHA256: eb3befe86f8de9c8b5c20555fe736618155306ecb4cfa0564c036e09aef74888
SHA512: e2bb5d36bba5ba7654ffb0b1b2e4705de36e3b6b712171c7eacff13d5cc0b56cf322751d52644220f26ae0bc162ab0d311a946ad03ec4e57e4da57ad8878921e
SSDEEP: 768:IhNSZUO+6yUG/buRclo1ylPAylZQvf5W4CAXjl8SnHRIi5LWSztFf9P+qMEXvbE:Ih+o/aa+1ylPAyzUxyAhrHRIi5LRNPPw
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 45279cb66df8e205247ec9493eefa6f0_JaffaCakes118
Files
45279cb66df8e205247ec9493eefa6f0_JaffaCakes118.exe windows:4 windows x86 arch:x86
2814c2da70cdb30365ca48a1ed17d3db
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
SetTextAlign
TextOutW
DeleteObject
ScaleViewportExtEx
Escape
RealizePalette
Rectangle
DeleteDC
CreateMetaFileW
PtVisible
CreateSolidBrush
GetTextColor
CreateBitmap
GetViewportOrgEx
CreatePatternBrush
SetWindowExtEx
SelectPalette
EnumFontFamiliesExW
SetArcDirection
SetTextJustification
SetViewportExtEx
DPtoLP
GetWindowOrgEx
CreateRectRgnIndirect
GetROP2
OffsetWindowOrgEx
GetTextMetricsW
SaveDC
EndDoc
AbortDoc
GetBkMode
GetWindowExtEx
StartDocW
SetViewportOrgEx
UnrealizeObject
EnumMetaFile
RestoreDC
EndPage
GetTextAlign
PlayMetaFileRecord
SetStretchBltMode
ExcludeClipRect
GetDeviceCaps
PolyDraw
GetViewportExtEx
SelectObject
ExtTextOutW
ExtCreatePen
OffsetClipRgn
GetTextFaceW
ScaleWindowExtEx
GetCurrentPositionEx
DeleteMetaFile
CombineRgn
StartPage
GetClipRgn
CreateDIBPatternBrushPt
GetPaletteEntries
CreateCompatibleDC
GetMapMode
GetCharWidthW
CreateDCW
SelectClipRgn
CreatePalette
OffsetViewportOrgEx
SetMapperFlags
CopyMetaFileW
LineTo
GetPixel
CloseMetaFile
StretchDIBits
CreateRectRgn
PatBlt
SetColorAdjustment
GetObjectW
GetNearestColor
SetROP2
ExtSelectClipRgn
CreateFontW
OffsetRgn
SelectClipPath
CreatePen
CreateHatchBrush
PolylineTo
PlayMetaFile
LPtoDP
EnumFontFamiliesW
MoveToEx
GetClipBox
PolyBezierTo
SetWindowOrgEx
SetBrushOrgEx
GetStockObject
SetRectRgn
CreateCompatibleBitmap
IntersectClipRect
GetTextExtentPoint32W
SetMapMode
GetBkColor
GetPolyFillMode
ArcTo
GetStretchBltMode
SetBkMode
SetPolyFillMode
SetBkColor
SetTextColor
BitBlt
SetTextCharacterExtra
GetTextExtentPoint32A
SetAbortProc
RectVisible
CreateFontIndirectW
GetObjectType
msvcrt
__wargv
_purecall
iswspace
memmove
fclose
wcsftime
wcsncmp
_msize
_ltow
wcslen
wcstod
mktime
_get_osfhandle
wcsncpy
_except_handler3
wcspbrk
__CxxFrameHandler
_wtol
free
swprintf
_adjust_fdiv
fread
_wcsupr
_wcsdup
time
_wsplitpath
_expand
wcschr
iswdigit
_ultow
abort
__doserrno
_beginthreadex
wcstol
fseek
wcscmp
wcsstr
_snwprintf
_wtoi
_wcsrev
_CxxThrowException
wcscspn
_initterm
realloc
wcstoul
_open_osfhandle
floor
_wcsnicmp
__argc
_fdopen
vswprintf
localtime
gmtime
malloc
ftell
ceil
_onexit
_endthreadex
fflush
clearerr
__dllonexit
fgetws
wcscpy
fwrite
fputws
calloc
_itow
wcsrchr
modf
wcsspn
_wcslwr
_wfullpath
crypt32
RegEnumValueU
ole32
ReadClassStm
ReadClassStg
StgIsStorageFile
CoInitialize
OleCreateLinkFromData
OleInitialize
GetHGlobalFromILockBytes
StgCreateDocfile
CoTaskMemAlloc
RevokeDragDrop
OleDestroyMenuDescriptor
CoGetMalloc
CoTaskMemFree
OleLockRunning
CreateFileMoniker
GetRunningObjectTable
IsAccelerator
OleQueryCreateFromData
WriteClassStg
OleSave
OleUninitialize
GetClassFile
OleCreateStaticFromData
OleTranslateAccelerator
CreateDataCache
SetConvertStg
StgOpenStorage
CreateItemMoniker
OleSetClipboard
OleCreateMenuDescriptor
StringFromGUID2
CoDisconnectObject
CreateDataAdviseHolder
OleRegGetUserType
DoDragDrop
CreateStreamOnHGlobal
CreateBindCtx
OleLoadFromStream
WriteClassStm
OleQueryLinkFromData
CoRegisterMessageFilter
OleCreateFromFile
OleDuplicateData
OleSaveToStream
CoLockObjectExternal
StringFromCLSID
ReadFmtUserTypeStg
OleRun
OleFlushClipboard
CoRevokeClassObject
CoGetClassObject
StgOpenStorageOnILockBytes
OleIsRunning
WriteFmtUserTypeStg
CoUninitialize
StgCreateDocfileOnILockBytes
ReleaseStgMedium
CreateILockBytesOnHGlobal
OleLoad
CoRegisterClassObject
OleRegGetMiscStatus
OleSetMenuDescriptor
OleIsCurrentClipboard
CLSIDFromProgID
RegisterDragDrop
CoTreatAsClass
CoCreateInstance
OleGetClipboard
CreateGenericComposite
OleRegEnumVerbs
OleCreate
OleSetContainedObject
CoFreeUnusedLibraries
CLSIDFromString
OleCreateLinkToFile
CreateOleAdviseHolder
OleGetIconOfClass
OleCreateFromData
user32
SetWindowPos
CharNextW
EndDialog
SetActiveWindow
SetTimer
IsWindowVisible
GetWindowRect
CreateMenu
ReleaseDC
DefWindowProcW
PostThreadMessageW
GetDC
SetScrollInfo
CallNextHookEx
GetDesktopWindow
DrawFocusRect
GetLastActivePopup
PostMessageW
RemoveMenu
ScreenToClient
InSendMessage
GetSubMenu
SetPropW
TranslateAcceleratorW
SetMenu
RegisterWindowMessageW
SetCursor
MessageBoxA
WindowFromDC
SetRectEmpty
GetCapture
WindowFromPoint
WaitMessage
IsWindowEnabled
DeferWindowPos
LoadStringW
SetFocus
LoadMenuW
RegisterClipboardFormatW
IntersectRect
InvalidateRect
FillRect
TranslateMDISysAccel
GetMenuItemID
SetDlgItemTextW
SetParent
GetTabbedTextExtentA
CheckRadioButton
UpdateWindow
InflateRect
DefMDIChildProcW
SetWindowTextW
GetWindow
ClientToScreen
ScrollWindow
GetDCEx
wvsprintfW
GetMessageTime
MoveWindow
GetMenu
GetWindowThreadProcessId
LoadAcceleratorsW
UnionRect
CheckMenuItem
GetMessagePos
SetForegroundWindow
OffsetRect
GetWindowLongW
CheckDlgButton
DispatchMessageW
GetFocus
InsertMenuW
EqualRect
SystemParametersInfoA
KillTimer
BringWindowToTop
GetNextDlgTabItem
GetDlgCtrlID
SetCursorPos
MsgWaitForMultipleObjects
GetDlgItemTextW
GetActiveWindow
DefFrameProcW
IsDlgButtonChecked
IsZoomed
RedrawWindow
RemovePropW
GetDialogBaseUnits
wsprintfW
IsRectEmpty
SetMenuItemBitmaps
IsDialogMessageW
ShowScrollBar
IsWindow
IsChild
SetDlgItemInt
GetPropW
GetSystemMetrics
UnregisterClassW
ScrollWindowEx
CreateWindowExW
TrackPopupMenu
GetWindowTextLengthW
DestroyCursor
CharUpperW
GetScrollRange
EndDeferWindowPos
CreateDialogIndirectParamW
SendDlgItemMessageW
GetMenuItemCount
FindWindowW
SetWindowsHookExW
FrameRect
GetClientRect
LoadIconW
GetKeyState
GetSystemMenu
LoadBitmapW
SystemParametersInfoW
IsClipboardFormatAvailable
GetMenuCheckMarkDimensions
SendDlgItemMessageA
InvertRect
SetWindowPlacement
GetTabbedTextExtentW
GetParent
GetScrollInfo
GetDlgItemInt
ReuseDDElParam
CountClipboardFormats
MessageBoxW
PostQuitMessage
PeekMessageW
TranslateMessage
MapDialogRect
DestroyMenu
DrawTextW
GetMenuState
CopyRect
GetMenuStringW
SetCapture
GetClassNameW
LoadCursorW
GetWindowTextW
IsIconic
InvalidateRgn
SetScrollRange
AppendMenuW
GetCursorPos
SetWindowLongW
PtInRect
GetMessageW
DrawMenuBar
WinHelpW
EndPaint
DestroyIcon
SetWindowContextHelpId
GetWindowDC
BeginDeferWindowPos
BeginPaint
GetTopWindow
GetDlgItem
RegisterClassW
EnableWindow
GetClassInfoW
SetRect
MessageBeep
GetWindowPlacement
EnableMenuItem
ShowWindow
ModifyMenuW
TabbedTextOutW
ValidateRect
AdjustWindowRectEx
SendMessageW
GetSysColorBrush
GetScrollPos
GetSysColor
DeleteMenu
GrayStringW
UnhookWindowsHookEx
UnpackDDElParam
EnumChildWindows
LockWindowUpdate
MapWindowPoints
ClipCursor
SetScrollPos
CallWindowProcW
GetForegroundWindow
ShowOwnedPopups
CopyAcceleratorTableW
GetNextDlgGroupItem
DrawEdge
DestroyWindow
ReleaseCapture
GetAsyncKeyState
activeds
FreeADsMem
kernel32
GetFileAttributesW
GlobalLock
GlobalReAlloc
GlobalGetAtomNameW
ReadFile
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LocalUnlock
lstrcmpiW
GlobalFindAtomW
LeaveCriticalSection
SizeofResource
TlsGetValue
lstrcpyA
GetTickCount
IsDBCSLeadByte
MultiByteToWideChar
CreateSemaphoreW
SetFilePointer
GlobalUnlock
GetModuleHandleW
SetThreadPriority
Sleep
CreateMutexW
LocalAlloc
GetFileSize
GetProcessVersion
FindNextFileW
SetLastError
SetErrorMode
WideCharToMultiByte
CloseHandle
GetShortPathNameW
InterlockedDecrement
GetSystemInfo
GetModuleHandleA
CreateEventW
GlobalSize
lstrlenW
DeleteCriticalSection
DuplicateHandle
TlsSetValue
GetCurrentThreadId
OutputDebugStringW
TerminateProcess
GetTempPathW
GetUserDefaultLCID
lstrcpynA
SetFileTime
InterlockedCompareExchange
MoveFileW
SearchPathW
FindResourceW
LockFile
VirtualQuery
ResumeThread
GetVersion
ReleaseSemaphore
GlobalDeleteAtom
GetProfileIntW
GetPrivateProfileStringW
WriteFile
CopyFileW
VirtualProtect
LocalLock
FreeConsole
lstrcatW
FreeLibrary
GlobalHandle
lstrcmpiA
FlushFileBuffers
GetStringTypeExW
GetCurrentDirectoryW
GlobalAddAtomW
LocalFileTimeToFileTime
lstrcpyW
WaitForSingleObject
GetPrivateProfileIntW
GetModuleFileNameW
GetCurrentProcessId
TlsAlloc
LocalFree
WritePrivateProfileStringW
ReleaseMutex
GetCurrentProcess
lstrcmpW
FileTimeToSystemTime
TlsFree
LoadLibraryExA
GetVersionExA
GetVersionExW
FileTimeToLocalFileTime
GetCurrentThread
WaitForMultipleObjects
SetFileAttributesW
GetSystemDirectoryA
InterlockedIncrement
SetEndOfFile
FindFirstFileW
GetVolumeInformationW
GetTempFileNameW
lstrcpynW
FreeResource
GetThreadLocale
SystemTimeToFileTime
QueryPerformanceCounter
EnterCriticalSection
FormatMessageW
SuspendThread
GetProcAddress
DelayLoadFailureHook
VirtualAlloc
LoadLibraryA
lstrlenA
FindClose
UnhandledExceptionFilter
InitializeCriticalSection
lstrcatA
GetFullPathNameW
GlobalAlloc
FindResourceExW
LoadResource
LocalReAlloc
SetEvent
LockResource
GetDiskFreeSpaceW
GetFileTime
GlobalFlags
CreateFileW
GetLastError
MulDiv
DeleteFileW
UnlockFile
GlobalFree
lstrcmpA
advapi32
RegDeleteKeyW
RegCloseKey
RegSetValueW
RegDeleteValueW
RegOpenKeyExW
RegCreateKeyExW
RegCreateKeyW
RegQueryValueExW
RegSetValueExW
GetFileSecurityW
RegQueryValueW
RegOpenKeyW
SetFileSecurityW
RegEnumKeyW
wininet
InternetGetLastResponseInfoW
InternetSetStatusCallbackW
HttpOpenRequestW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetQueryDataAvailable
FtpGetFileW
HttpEndRequestW
InternetOpenW
HttpAddRequestHeadersW
FtpSetCurrentDirectoryW
InternetCrackUrlW
FtpOpenFileW
FtpDeleteFileW
InternetSetOptionExW
HttpQueryInfoW
FtpFindFirstFileW
GopherCreateLocatorW
InternetErrorDlg
FtpCreateDirectoryW
InternetGetCookieW
FtpRemoveDirectoryW
InternetReadFile
FtpPutFileW
HttpSendRequestW
InternetSetFilePointer
InternetFindNextFileW
InternetSetCookieW
GopherFindFirstFileW
GopherGetAttributeW
InternetWriteFile
InternetCloseHandle
InternetOpenUrlW
GopherOpenFileW
FtpGetCurrentDirectoryW
InternetConnectW
FtpRenameFileW
HttpSendRequestExW
Sections
.textbss Size: - Virtual size: 144KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 512B - Virtual size: 432B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE