Static task: static1
Behavioral task: behavioral1
Sample: 469393cb37dc195c57f4cd9e8167e21c_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 469393cb37dc195c57f4cd9e8167e21c_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 469393cb37dc195c57f4cd9e8167e21c_JaffaCakes118
Size: 552KB
MD5: 469393cb37dc195c57f4cd9e8167e21c
SHA1: d6f1571e83d1ea73f2ed5a8908f45e6f4049ef6d
SHA256: 1944c4a1f33a88a7d29c1d24652240a0d6046427cc7c232ab0f62ae049d3d100
SHA512: d7fe86a550af4758c27a3b5e43dcb676c6151643772b6411ea783f756ca713bd8918e2fa3aafa9e228922fc50f10a69343cd9dd325fe152d495ecebce693933b
SSDEEP: 12288:SQwmD4IURSiuMMnMMMMMz8KN5wz2zYR21SAB470BVLUfT1Vo0R1f8qxNS:JD45fuMMnMMMMMz8KPwz2MROu0oTA4lI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 469393cb37dc195c57f4cd9e8167e21c_JaffaCakes118
Files
469393cb37dc195c57f4cd9e8167e21c_JaffaCakes118.exe windows:4 windows x86 arch:x86
6b5a660b81ea74f676abbf9a8f2e162a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
WSAConnect
ole32
IsAccelerator
BindMoniker
OleDestroyMenuDescriptor
CLSIDFromProgID
OleCreateMenuDescriptor
ProgIDFromCLSID
RevokeDragDrop
OleInitialize
MkParseDisplayName
StringFromCLSID
OleUninitialize
OleCreateFromData
OleGetAutoConvert
OleGetIconOfClass
OleSave
StgCreateDocfile
CoMarshalInterface
CoRevokeClassObject
CoGetMalloc
OleQueryCreateFromData
OleLockRunning
OleCreateLink
OleDoAutoConvert
OleCreateLinkToFile
CoLockObjectExternal
ReleaseStgMedium
CoFreeUnusedLibraries
OleRegGetUserType
OleConvertOLESTREAMToIStorage
CoDisconnectObject
OleFlushClipboard
OleCreateLinkFromData
OleDuplicateData
StgIsStorageILockBytes
OleQueryLinkFromData
StringFromGUID2
CreateOleAdviseHolder
CLSIDFromString
OleTranslateAccelerator
CreateDataAdviseHolder
OleLoad
OleSaveToStream
StgOpenStorageOnILockBytes
ReadClassStm
OleIsCurrentClipboard
OleSetClipboard
OleRun
ReadClassStg
CreateBindCtx
OleConvertIStorageToOLESTREAM
WriteClassStg
StgOpenStorage
RegisterDragDrop
OleCreateFromFile
OleLoadFromStream
CoRegisterClassObject
CoGetClassObject
OleGetClipboard
IIDFromString
CreateStreamOnHGlobal
DoDragDrop
GetClassFile
CoRegisterMessageFilter
CoUnmarshalInterface
CoIsOle1Class
OleSetMenuDescriptor
CoCreateInstance
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleIsRunning
user32
GetWindowThreadProcessId
DdeClientTransaction
CharLowerBuffW
ClipCursor
InvalidateRect
SetParent
GetCursorPos
GetCapture
CreateAcceleratorTableA
GetMenuItemID
DispatchMessageA
GetMenuStringA
CreateMenu
SetMenuItemInfoA
RegisterClassExA
CreateCaret
OpenClipboard
EnumThreadWindows
PeekMessageW
MessageBeep
wsprintfA
GetWindowTextLengthA
GetCaretPos
ModifyMenuA
MoveWindow
DestroyAcceleratorTable
CharToOemBuffA
GetKeyState
ShowCursor
OemToCharA
EnableMenuItem
DestroyIcon
IsIconic
EnableWindow
RemovePropA
IsCharAlphaA
CheckMenuItem
UnhookWindowsHookEx
ReleaseCapture
GetDlgItem
AppendMenuA
CharUpperA
GetScrollPos
SetMenu
GetClipboardFormatNameA
DdeQueryStringA
BeginPaint
DestroyMenu
DdeUninitialize
EqualRect
GetWindowTextA
PostMessageW
SetScrollRange
DeleteMenu
IsWindow
ScreenToClient
GetUpdateRect
EndPaint
LockWindowUpdate
UnregisterClassA
DdeGetData
DdeSetUserHandle
GetSysColor
IsZoomed
SetClipboardData
CharUpperBuffW
keybd_event
GetActiveWindow
IsRectEmpty
SetCaretPos
SystemParametersInfoA
InsertMenuA
IsWindowVisible
IsChild
SetWindowPos
IsWindowEnabled
GetTabbedTextExtentA
HideCaret
WaitMessage
ShowCaret
DefFrameProcA
PostMessageA
DrawMenuBar
SendMessageA
DrawIcon
SetPropA
SetWindowRgn
EndDialog
GetQueueStatus
CharLowerA
CreateCursor
MessageBoxA
GetClassInfoA
EndDeferWindowPos
CharToOemA
DdeInitializeA
SetKeyboardState
GetUpdateRgn
InflateRect
GetClipboardData
ClientToScreen
SetScrollPos
GetSubMenu
DdeFreeStringHandle
CloseClipboard
GetMenuItemInfoA
LoadIconA
SetWindowTextA
GetMenuState
FindWindowW
DdeAbandonTransaction
GetCaretBlinkTime
GetSystemMenu
ShowScrollBar
LoadBitmapA
SetMenuDefaultItem
SetForegroundWindow
AdjustWindowRectEx
PostThreadMessageA
CharUpperBuffA
UpdateWindow
SetWindowContextHelpId
GetMenu
GetScrollInfo
SetCapture
MsgWaitForMultipleObjects
SetCursorPos
DdeQueryConvInfo
TabbedTextOutA
InvalidateRgn
GetWindowRgn
DefWindowProcA
DestroyCaret
DdePostAdvise
CreateDialogParamA
DdeDisconnect
DrawFocusRect
DdeCreateDataHandle
SetWindowsHookExA
RemoveMenu
DdeFreeDataHandle
GetClientRect
GetWindowRect
MessageBoxIndirectA
SetScrollInfo
WinHelpA
ToAscii
TrackPopupMenu
CreatePopupMenu
GetClassInfoExA
EmptyClipboard
ShowWindow
GetDesktopWindow
AdjustWindowRect
SetWindowsHookExW
ReleaseDC
GetWindow
GetMessageTime
TranslateMDISysAccel
CallWindowProcA
GetKeyboardState
GetDC
SetRect
DrawTextA
GetWindowDC
WaitForInputIdle
GetMenuItemCount
PostQuitMessage
DeferWindowPos
CreateIcon
GetAsyncKeyState
DestroyWindow
GetIconInfo
FrameRect
VkKeyScanA
AttachThreadInput
DrawFrameControl
CreateWindowExA
DdeConnect
GetKeyboardLayout
SetActiveWindow
GetMessagePos
GetLastActivePopup
IsClipboardFormatAvailable
DdeNameService
EnumClipboardFormats
DdeCmpStringHandles
SetCursor
GetCursor
IsDialogMessageA
WindowFromPoint
PtInRect
SetDlgItemTextA
RegisterClassA
GetDCEx
SubtractRect
TranslateMessage
CharLowerBuffA
LoadAcceleratorsA
DefMDIChildProcA
GetClassNameA
LoadCursorA
GetPropA
MapWindowPoints
CallNextHookEx
GetSystemMetrics
SetWindowLongA
SetFocus
GetForegroundWindow
VkKeyScanW
CharNextA
DialogBoxParamA
OffsetRect
FindWindowA
BringWindowToTop
CopyAcceleratorTableA
LoadImageA
DdeCreateStringHandleA
GetFocus
RegisterClipboardFormatA
DdeGetLastError
CopyRect
LoadStringA
BeginDeferWindowPos
GetDoubleClickTime
IntersectRect
KillTimer
SendDlgItemMessageA
FillRect
GetWindowLongA
SetTimer
DestroyCursor
CharPrevA
PeekMessageA
GetParent
kernel32
lstrcpynA
SetHandleCount
lstrlenA
GetSystemTime
CreateFileA
lstrcpyA
GlobalAddAtomA
FindClose
GetUserDefaultLCID
GetTimeZoneInformation
lstrcmpiW
GetVersionExA
GetSystemInfo
SetErrorMode
GlobalSize
MulDiv
TlsSetValue
LoadLibraryA
SetFileAttributesA
GetDriveTypeA
FormatMessageW
FlushInstructionCache
SetEndOfFile
GetCommandLineA
TlsAlloc
GetWindowsDirectoryA
InterlockedDecrement
ReadFile
EnterCriticalSection
DeleteCriticalSection
TlsGetValue
GlobalDeleteAtom
FlushFileBuffers
FreeEnvironmentStringsW
IsBadReadPtr
ReleaseSemaphore
RaiseException
GetDateFormatA
FileTimeToSystemTime
SetCurrentDirectoryA
LCMapStringA
GetVersion
GetStringTypeW
GetProcAddress
InitializeCriticalSection
lstrcmpA
GlobalLock
FileTimeToLocalFileTime
CloseHandle
VirtualFree
_llseek
GetLocalTime
GetACP
MultiByteToWideChar
GetEnvironmentStrings
CompareStringW
HeapDestroy
_lclose
ExitThread
GetStringTypeExA
FreeLibrary
WaitForSingleObject
GetFullPathNameA
FreeEnvironmentStringsA
RtlUnwind
Sleep
GlobalAlloc
HeapSize
VirtualAlloc
GetLocaleInfoA
FindResourceA
GetVolumeInformationA
GetOEMCP
CreateSemaphoreA
InterlockedIncrement
CreateThread
IsDBCSLeadByte
ResumeThread
UnhandledExceptionFilter
lstrcatA
GetFileAttributesA
GlobalUnlock
GetTickCount
FindFirstFileA
GlobalReAlloc
ResetEvent
TlsFree
CreateProcessW
HeapReAlloc
ExitProcess
RemoveDirectoryA
SetFileTime
SizeofResource
GetStartupInfoA
GlobalFree
LoadResource
CreateDirectoryA
HeapAlloc
CompareStringA
SetEvent
GetSystemDefaultLangID
GetCurrentDirectoryA
TerminateProcess
FormatMessageA
GlobalHandle
SetLastError
GetFileType
SystemTimeToFileTime
WriteFile
GetEnvironmentStringsW
LockResource
GetExitCodeProcess
WideCharToMultiByte
SetEnvironmentVariableA
UnlockFile
GetModuleFileNameA
VirtualQuery
FreeResource
LoadLibraryExA
GetCurrentThreadId
_lwrite
DuplicateHandle
GetModuleHandleA
GetCurrentProcessId
SearchPathA
SetFilePointer
MoveFileA
DeleteFileA
GetFileTime
HeapCreate
FindNextFileA
CreateEventA
GetProfileStringA
LeaveCriticalSection
LockFile
GetSystemDefaultLCID
GetShortPathNameA
lstrcmpiA
GetStdHandle
GetUserDefaultLangID
HeapFree
GetCurrentProcess
SetStdHandle
GetTempPathA
CreateProcessA
LCMapStringW
GetStringTypeA
GetSystemDirectoryA
VirtualProtect
_lread
GetModuleFileNameW
GetLastError
IsBadCodePtr
SetLocalTime
WinExec
GetCPInfo
GetTempFileNameA
ddraw
DirectDrawEnumerateA
advapi32
RegEnumValueW
InitializeSecurityDescriptor
RegDeleteKeyA
RegCreateKeyW
RegQueryValueA
RegDeleteValueW
SetSecurityDescriptorDacl
RegSetValueA
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyW
RegSetValueExW
RegQueryValueExA
DeregisterEventSource
RegEnumKeyA
ReportEventA
OpenProcessToken
RegEnumValueA
AdjustTokenPrivileges
RegOpenKeyA
RegisterEventSourceA
RegSetValueExA
RegDeleteValueA
RegQueryInfoKeyA
RegQueryValueExW
LookupPrivilegeValueA
RegCloseKey
RegCreateKeyA
RegOpenKeyExA
olecli32
OleClone
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 348KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE