Static task: static1
Behavioral task: behavioral1
Sample: 47ec4fce84ff24a232cec6cac7cc7485_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 47ec4fce84ff24a232cec6cac7cc7485_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 47ec4fce84ff24a232cec6cac7cc7485_JaffaCakes118
Size: 2.2MB
MD5: 47ec4fce84ff24a232cec6cac7cc7485
SHA1: a3d30ac6d34d1fe9533e17a7d8f500d9d16c71e2
SHA256: d9bf527e8dff0dd8cb43c3ac20b79a093a8c3276e26fc590ce1f802edc10b89e
SHA512: 60d7b78bb1304943a9e7e3929cbf2bb3f05ce61a6c0b8cdfa1c888ccf4f5e860880aa9a484995b918732e9a7f76a6aa897bf962dc154f7f020b7c6a02e93f470
SSDEEP: 24576:/den1I02kD/AcAeEEpHCh1Pzm3r/XG1jkseY5EQEMeqrwdU9TPDNRMWHSjRTJRAh:Vlkkcajh1BeCE4odeTPDNRMWytTu2hv
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 47ec4fce84ff24a232cec6cac7cc7485_JaffaCakes118
Files
47ec4fce84ff24a232cec6cac7cc7485_JaffaCakes118.exe windows:4 windows x86 arch:x86
66578486d02f9b792a67b1ad56b533ac
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
CryptReleaseContext
RegEnumKeyA
GetUserNameA
InitiateSystemShutdownA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
DeregisterEventSource
ReportEventA
RegisterEventSourceA
RegCreateKeyA
ControlService
DeleteService
StartServiceA
CreateServiceA
QueryServiceStatus
RegOpenKeyA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegQueryValueA
gdi32
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ScaleWindowExtEx
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateRectRgnIndirect
GetRgnBox
CreateDIBSection
CreateSolidBrush
GetObjectA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
CreateRectRgn
CombineRgn
OffsetRgn
DeleteObject
SetWindowExtEx
GetStockObject
CreatePolygonRgn
kernel32
FindCloseChangeNotification
FindFirstFileW
SetCurrentDirectoryW
GetLongPathNameA
GetLongPathNameW
GetFullPathNameW
FindFirstChangeNotificationA
FindFirstChangeNotificationW
GetModuleFileNameW
CopyFileW
CreateDirectoryW
DeleteFileW
RemoveDirectoryW
GetTempFileNameW
GetShortPathNameA
MoveFileExW
MoveFileW
SetFileAttributesA
SetFileAttributesW
ResetEvent
DeviceIoControl
GetTimeZoneInformation
GetWindowsDirectoryA
VerLanguageNameA
GetSystemDefaultLangID
GlobalMemoryStatus
GetVolumeInformationA
GetDriveTypeA
SetCommState
GetCommTimeouts
SetCommTimeouts
BuildCommDCBA
GetCommState
CommConfigDialogA
ReadConsoleA
WriteConsoleA
GetStdHandle
GetConsoleTitleA
GetConsoleTitleW
SetConsoleTitleW
GetFileAttributesA
FlushFileBuffers
LockFileEx
GetSystemTimeAsFileTime
GlobalFree
DuplicateHandle
lstrcpy
SetThreadPriority
GetTickCount
lstrcmpW
lstrcat
GlobalDeleteAtom
GlobalFindAtomA
FindNextFileW
GlobalGetAtomNameA
FreeResource
EnumResourceLanguagesA
ConvertDefaultLocale
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
SetErrorMode
GetOEMCP
GetCurrentDirectoryA
VirtualAlloc
TerminateProcess
HeapReAlloc
GetStartupInfoA
RtlUnwind
ExitThread
CreateThread
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
LockResource
GetFileType
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
FlushConsoleInputBuffer
lstrcmp
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
HeapAlloc
GetProcessHeap
HeapFree
FlushInstructionCache
IsDBCSLeadByteEx
GetFileSize
UnlockFile
LockFile
SetEndOfFile
ReadFile
GetCPInfo
LoadLibraryExW
LoadLibraryW
GetSystemInfo
VirtualProtect
FormatMessageA
LocalFree
FormatMessageW
SetUnhandledExceptionFilter
GetExitCodeProcess
CreateProcessA
GetComputerNameA
SetConsoleTitleA
AllocConsole
GetCommandLineA
GetCurrentThread
CreateEventA
lstrcpyn
IsDBCSLeadByte
FreeLibrary
LoadLibraryExA
SetEvent
GetCurrentProcess
GetSystemTime
SuspendThread
ReadFileEx
VirtualQuery
WritePrivateProfileStringA
GetPrivateProfileStringA
ExitProcess
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
LoadLibraryA
QueryPerformanceCounter
GetCurrentProcessId
WinExec
QueryPerformanceFrequency
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
ReleaseSemaphore
CreateSemaphoreA
WaitForSingleObject
FileTimeToLocalFileTime
Sleep
SleepEx
QueueUserAPC
WriteFileEx
ResumeThread
InterlockedExchangeAdd
MoveFileA
CopyFileA
DeleteFileA
RemoveDirectoryA
FindNextFileA
FindClose
FindFirstFileA
FileTimeToSystemTime
GetFileTime
SetCurrentDirectoryA
SystemTimeToFileTime
GetModuleFileNameA
FindResourceExA
SetConsoleCtrlHandler
LockResource
CreateFileW
SetLastError
SetFilePointer
WriteFile
CreateDirectoryA
GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
CreateFileA
SizeofResource
LoadResource
FindResourceA
GetFullPathNameA
LeaveCriticalSection
EnterCriticalSection
CloseHandle
InterlockedDecrement
InterlockedIncrement
GetLastError
InterlockedExchange
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
GetThreadLocale
GetVersion
CompareStringW
CompareStringA
WideCharToMultiByte
RaiseException
lstrcmpi
lstrlenW
lstrlen
GetVersionExA
GetLocaleInfoA
GlobalAddAtomA
GetACP
oleaut32
SafeArrayCreate
SysAllocStringByteLen
SysAllocString
VariantCopy
VariantChangeType
VariantClear
SysFreeString
VariantInit
SysAllocStringLen
SafeArrayDestroy
SafeArrayLock
SafeArrayUnlock
SafeArrayRedim
VariantTimeToSystemTime
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SystemTimeToVariantTime
VariantCopyInd
VarUI4FromStr
SysStringLen
LHashValOfNameSys
OleCreateFontIndirect
LoadRegTypeLib
LoadTypeLib
OleLoadPicture
DispCallFunc
SysStringByteLen
user32
GetMenu
AdjustWindowRectEx
GetClassInfoA
GetDlgCtrlID
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
RegisterClipboardFormatA
SetWindowsHookExA
CallNextHookEx
GetKeyState
ValidateRect
GetMenuItemID
GetSubMenu
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetSystemMetrics
GetTopWindow
GetWindowThreadProcessId
RegisterClipboardFormatA
LoadIconA
CreateIconIndirect
CreateAcceleratorTableA
GetParent
GetClassNameA
RedrawWindow
DestroyAcceleratorTable
GetDlgItem
BeginPaint
EndPaint
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
FillRect
SetCapture
ReleaseCapture
GetSysColor
CallWindowProcA
RegisterClassExA
GetWindowTextLengthA
GetWindowTextA
EnableWindow
UpdateWindow
SetClassLongA
GetClassLongA
GetFocus
IsChild
GetActiveWindow
LoadCursorA
wsprintfA
GetClassInfoExA
IsWindow
SetWindowRgn
ShowScrollBar
SetFocus
SetActiveWindow
IsWindowEnabled
IsWindowVisible
GetClientRect
GetWindowRect
SetWindowPos
IsZoomed
IsIconic
CharUpperA
UnregisterClassA
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowTextA
ExitWindowsEx
GetForegroundWindow
ShowWindow
MessageBeep
PeekMessageA
CharNextA
MessageBoxA
PostThreadMessageA
PostQuitMessage
TrackPopupMenu
GetDoubleClickTime
SetForegroundWindow
GetCursorPos
DeleteMenu
GetMenuItemCount
SetMenuDefaultItem
InsertMenuA
EnableMenuItem
RegisterClassA
FindWindowA
DestroyCursor
DefWindowProcA
KillTimer
SetTimer
GetSystemMenu
PostMessageA
SendMessageA
DestroyWindow
CreateWindowExA
TranslateMessage
DispatchMessageA
GetMessageA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
DestroyMenu
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
IsDialogMessage
GetSysColorBrush
SetCursor
WinHelpA
GetCapture
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetLastActivePopup
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetDesktopWindow
comdlg32
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ole32
OleIsCurrentClipboard
CoRevokeClassObject
CoFreeUnusedLibraries
CoDisconnectObject
CoCreateGuid
OleFlushClipboard
WriteClassStm
OleUninitialize
OleInitialize
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
CoGetStandardMarshal
CoCreateFreeThreadedMarshaler
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CLSIDFromProgID
CoCreateInstance
StringFromCLSID
CLSIDFromString
CoTaskMemFree
CoRegisterMessageFilter
ReadClassStm
Sections
.nsp0 Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.nsp1 Size: 596KB - Virtual size: 596KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.nsp2 Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE