Static task: static1

Behavioral task: behavioral1
Sample: 487cd31c3f7629d3c23c245495499f7a_JaffaCakes118.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: 487cd31c3f7629d3c23c245495499f7a_JaffaCakes118.exe
Resource: win10v2004-20240709-en

General
Target: 487cd31c3f7629d3c23c245495499f7a_JaffaCakes118
Size: 196KB
MD5: 487cd31c3f7629d3c23c245495499f7a
SHA1: 456366dbf417abc9e36a62f7ed8b38f674173efc
SHA256: 98b9d16b2a4cbfb58bb1fcf24c42af64d23f63c146b503fa34a2549f2e7aa5b0
SHA512: 90153ceda42dfdd8ea13a26a8b8485fa521838edd6cbfd6e986557891254c3b34f4f2dff4c1ea57ad6195c2d1330ca3de397b36db7b63d2fe03b56be4b11ebe2
SSDEEP: 3072:hC9Ydj7rPitaBfDdXhtaSPagT1NxcRlysbtHzxm39E/ZFFUMMnMMMMMX7I7DCwaT:aYdjH0ift7VxgEqyO+MMnMMMMMavlX4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 487cd31c3f7629d3c23c245495499f7a_JaffaCakes118
Files
487cd31c3f7629d3c23c245495499f7a_JaffaCakes118.exe windows:5 windows x86 arch:x86
7bf6db475a82412f5726b86f5ca465f9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
EnumThreadWindows
SubtractRect
CharUpperA
DdeConnect
SetScrollPos
GetMenuState
SendDlgItemMessageA
DeferWindowPos
DdeClientTransaction
RegisterClipboardFormatA
GetMenuItemID
CopyAcceleratorTableA
SetWindowPos
IsCharAlphaA
GetCapture
GetDlgItem
SetForegroundWindow
GetMenu
keybd_event
DdeFreeDataHandle
ClientToScreen
MessageBeep
SetRect
DdeAbandonTransaction
DdeCreateStringHandleA
ShowScrollBar
GetDCEx
DrawTextA
MessageBoxIndirectA
GetWindowTextLengthA
CreatePopupMenu
AdjustWindowRectEx
KillTimer
RegisterClassA
GetClassNameA
GetWindow
InvalidateRect
GetQueueStatus
WindowFromPoint
GetCursorPos
DdeCmpStringHandles
CreateCaret
SetWindowContextHelpId
DdeFreeStringHandle
ShowCursor
GetLastActivePopup
GetClientRect
UnhookWindowsHookEx
DrawFrameControl
GetClipboardData
WaitForInputIdle
SetKeyboardState
GetSubMenu
IsWindowVisible
OpenClipboard
DestroyMenu
WinHelpA
SetFocus
DdeCreateDataHandle
MsgWaitForMultipleObjects
DestroyCursor
SetActiveWindow
EnableWindow
CreateIcon
SetCursorPos
SetWindowsHookExW
CharLowerA
GetSystemMetrics
InvalidateRgn
SetWindowTextA
UpdateWindow
ModifyMenuA
SetClipboardData
RemovePropA
GetMenuStringA
DispatchMessageA
PostMessageA
SetCursor
CharToOemBuffA
GetFocus
GetMessagePos
BeginDeferWindowPos
EndPaint
GetCaretBlinkTime
TranslateMDISysAccel
FrameRect
PtInRect
DdeGetData
AdjustWindowRect
CreateDialogParamA
IsClipboardFormatAvailable
GetDC
EqualRect
EndDeferWindowPos
CreateAcceleratorTableA
PeekMessageW
GetWindowThreadProcessId
DdeSetUserHandle
CheckMenuItem
WaitMessage
CloseClipboard
ReleaseCapture
CharLowerBuffA
CallWindowProcA
SendMessageA
GetIconInfo
IsIconic
SetParent
DefMDIChildProcA
GetClassInfoA
GetUpdateRgn
LoadImageA
GetSysColor
GetKeyState
UnregisterClassA
EnableMenuItem
OemToCharA
GetTabbedTextExtentA
DdeQueryConvInfo
GetParent
CreateMenu
DestroyWindow
ReleaseDC
FindWindowW
GetKeyboardState
GetMenuItemInfoA
CharPrevA
GetScrollInfo
IsDialogMessageA
AppendMenuA
CharLowerBuffW
RegisterClassExA
BeginPaint
GetDesktopWindow
DestroyIcon
DdeQueryStringA
GetScrollPos
SetPropA
SetCapture
SetDlgItemTextA
DialogBoxParamA
GetWindowLongA
VkKeyScanW
InflateRect
BringWindowToTop
GetCursor
MoveWindow
InsertMenuA
CreateCursor
GetPropA
AttachThreadInput
GetClipboardFormatNameA
OffsetRect
LoadStringA
SetMenu
DestroyAcceleratorTable
MapWindowPoints
SystemParametersInfoA
SetWindowsHookExA
CharNextA
SetCaretPos
GetUpdateRect
ClipCursor
SetWindowLongA
DrawIcon
CallNextHookEx
SetMenuItemInfoA
SetWindowRgn
EnumClipboardFormats
DdeDisconnect
EndDialog
GetDoubleClickTime
VkKeyScanA
GetKeyboardLayout
ShowCaret
GetWindowRgn
FindWindowA
GetSystemMenu
GetClassInfoExA
ToAscii
RemoveMenu
DdeInitializeA
DefFrameProcA
LoadIconA
TranslateMessage
GetAsyncKeyState
EmptyClipboard
SetMenuDefaultItem
PeekMessageA
TrackPopupMenu
ShowWindow
GetActiveWindow
CopyRect
DdeGetLastError
CharToOemA
GetMessageTime
DdeNameService
SetTimer
LoadCursorA
PostThreadMessageA
SetScrollInfo
CharUpperBuffW
IntersectRect
PostMessageW
IsChild
IsRectEmpty
CreateWindowExA
GetWindowRect
CharUpperBuffA
GetForegroundWindow
ScreenToClient
DefWindowProcA
GetCaretPos
GetMenuItemCount
DdePostAdvise
FillRect
DrawMenuBar
HideCaret
LoadBitmapA
LoadAcceleratorsA
DestroyCaret
DrawFocusRect
DdeUninitialize
DeleteMenu
LockWindowUpdate
wsprintfA
IsWindowEnabled
IsWindow
SetScrollRange
GetWindowTextA
PostQuitMessage
IsZoomed
TabbedTextOutA
GetWindowDC
MessageBoxA
gdi32
SetPixelV
SetBkColor
SelectClipRgn
GetROP2
StretchDIBits
CreatePenIndirect
PathToRegion
GetClipBox
CreateFontIndirectA
EndPath
CreateBitmap
AbortDoc
StretchBlt
SaveDC
MoveToEx
PlayMetaFile
GetWindowOrgEx
BeginPath
CreateHalftonePalette
SelectPalette
CombineRgn
CreateCompatibleDC
CreateEnhMetaFileA
CreateCompatibleBitmap
SetWindowOrgEx
SetBkMode
DeleteEnhMetaFile
DeleteObject
GetViewportExtEx
SetTextColor
SetMapMode
ExcludeClipRect
SetBrushOrgEx
RestoreDC
GetSystemPaletteEntries
SetStretchBltMode
GetWindowExtEx
LineTo
UnrealizeObject
CreatePalette
GetStockObject
CopyEnhMetaFileA
GetPixel
GetPaletteEntries
RealizePalette
CloseMetaFile
EndDoc
ExtCreateRegion
ResetDCA
CloseEnhMetaFile
ScaleWindowExtEx
CreateRectRgnIndirect
GetBkColor
SetAbortProc
DeleteDC
IntersectClipRect
StartPage
EnumFontsA
GetCurrentObject
GetEnhMetaFileHeader
CreatePatternBrush
GetTextExtentPoint32A
Pie
GetTextExtentPointA
PlayEnhMetaFile
CreateDCA
GetTextColor
BitBlt
GetDeviceCaps
GetObjectA
SetROP2
OffsetWindowOrgEx
WidenPath
CreateDIBSection
GetObjectType
CreateBrushIndirect
Ellipse
GetTextMetricsA
Rectangle
GetDIBits
EndPage
GetMapMode
SetViewportOrgEx
SelectObject
CreateDIBitmap
Escape
CreateHatchBrush
TextOutA
ExtTextOutA
SetWindowExtEx
CreateICA
CreateSolidBrush
DeleteMetaFile
CreateRoundRectRgn
CreateMetaFileA
CreateRectRgn
RoundRect
PatBlt
TranslateCharsetInfo
SetViewportExtEx
SetRectRgn
OffsetRgn
CreatePen
StartDocA
ScaleViewportExtEx
CreateEllipticRgnIndirect
Arc
GetNearestColor
GetBitmapBits
CopyMetaFileA
SetDIBColorTable
PtInRegion
ws2_32
WSAConnect
advapi32
RegEnumKeyA
RegSetValueA
DeregisterEventSource
RegDeleteValueA
RegQueryInfoKeyA
RegSetValueExW
AdjustTokenPrivileges
RegCreateKeyW
RegCreateKeyA
RegDeleteValueW
RegEnumValueA
RegEnumKeyW
SetSecurityDescriptorDacl
RegOpenKeyW
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegQueryValueA
OpenProcessToken
InitializeSecurityDescriptor
RegDeleteKeyW
RegQueryValueExW
RegEnumValueW
RegOpenKeyExA
ReportEventA
LookupPrivilegeValueA
RegisterEventSourceA
RegDeleteKeyA
RegOpenKeyA
ole32
StgCreateDocfile
StgCreateDocfileOnILockBytes
CLSIDFromProgID
OleConvertIStorageToOLESTREAM
WriteClassStg
CoMarshalInterface
OleIsRunning
OleQueryCreateFromData
ReleaseStgMedium
CoIsOle1Class
RevokeDragDrop
OleRegGetUserType
BindMoniker
CoLockObjectExternal
IIDFromString
OleCreateLink
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleConvertOLESTREAMToIStorage
OleCreateMenuDescriptor
OleLoadFromStream
StgOpenStorage
OleSaveToStream
OleGetClipboard
StringFromGUID2
CreateBindCtx
OleRun
CoGetClassObject
OleGetIconOfClass
RegisterDragDrop
StringFromCLSID
ReadClassStg
CreateOleAdviseHolder
OleDestroyMenuDescriptor
ProgIDFromCLSID
OleLoad
OleDuplicateData
OleDoAutoConvert
CoGetMalloc
CreateILockBytesOnHGlobal
OleCreateLinkToFile
OleLockRunning
OleQueryLinkFromData
OleCreateFromData
OleGetAutoConvert
OleInitialize
CoDisconnectObject
ReadClassStm
OleCreateLinkFromData
CoUnmarshalInterface
GetClassFile
OleCreateFromFile
CoRevokeClassObject
CreateStreamOnHGlobal
OleSetClipboard
CLSIDFromString
StgIsStorageILockBytes
OleSave
MkParseDisplayName
CreateDataAdviseHolder
OleUninitialize
OleSetMenuDescriptor
CoRegisterClassObject
OleFlushClipboard
DoDragDrop
CoCreateInstance
StgOpenStorageOnILockBytes
OleTranslateAccelerator
OleIsCurrentClipboard
IsAccelerator
kernel32
FreeResource
GlobalFree
CloseHandle
GetSystemDirectoryA
FormatMessageW
CreateDirectoryA
GetShortPathNameA
FindFirstFileA
ResumeThread
HeapReAlloc
MulDiv
SetStdHandle
SetHandleCount
DeleteCriticalSection
WideCharToMultiByte
GetStringTypeExA
VirtualAlloc
FlushFileBuffers
SetCurrentDirectoryA
GetLocalTime
LCMapStringW
TerminateProcess
LoadResource
GlobalSize
FindNextFileA
HeapDestroy
VirtualProtect
FlushInstructionCache
GetDateFormatA
WriteFile
TlsGetValue
GlobalAddAtomA
lstrcmpA
ResetEvent
TlsFree
CreateProcessW
lstrcpynA
HeapAlloc
FindClose
DuplicateHandle
GetVolumeInformationA
FindResourceA
MoveFileA
RemoveDirectoryA
GetUserDefaultLangID
GetSystemTime
InitializeCriticalSection
ExitThread
GetCurrentThreadId
GetProcAddress
FreeEnvironmentStringsA
HeapFree
GetVersionExA
_llseek
GetEnvironmentStringsW
GlobalDeleteAtom
lstrcpyA
GetUserDefaultLCID
InterlockedDecrement
CreateProcessA
GetTimeZoneInformation
FileTimeToLocalFileTime
LoadLibraryExA
GetEnvironmentStrings
UnlockFile
SetLastError
CreateSemaphoreA
GetFileAttributesA
SetFilePointer
TlsAlloc
GlobalUnlock
_lwrite
GetLastError
GetWindowsDirectoryA
MultiByteToWideChar
GlobalAlloc
CreateThread
SetEndOfFile
GetProfileStringA
SetLocalTime
GetFullPathNameA
GlobalHandle
SetFileAttributesA
lstrcmpiA
GetStartupInfoA
_lclose
FreeLibrary
ExitProcess
GetSystemDefaultLCID
VirtualFree
_lread
RaiseException
IsDBCSLeadByte
lstrcatA
InterlockedIncrement
GetOEMCP
HeapCreate
SizeofResource
GetStringTypeA
Sleep
EnterCriticalSection
HeapSize
GetCurrentDirectoryA
TlsSetValue
SetEvent
IsBadCodePtr
LeaveCriticalSection
GetStdHandle
FormatMessageA
GetModuleHandleA
WaitForSingleObject
GetFileType
GetSystemDefaultLangID
VirtualQuery
LCMapStringA
GetVersion
GetLocaleInfoA
IsBadReadPtr
ReadFile
GetStringTypeW
ReleaseSemaphore
SetEnvironmentVariableA
CompareStringA
LockFile
FileTimeToSystemTime
WinExec
GetCPInfo
RtlUnwind
CompareStringW
SetErrorMode
SystemTimeToFileTime
GetCurrentProcess
LockResource
GetSystemInfo
GetCommandLineA
lstrcmpiW
GetDriveTypeA
SearchPathA
CreateEventA
CreateFileA
GetModuleFileNameA
DeleteFileA
GlobalReAlloc
SetFileTime
GlobalLock
GetTempPathA
FreeEnvironmentStringsW
GetTickCount
UnhandledExceptionFilter
GetFileTime
lstrlenA
GetTempFileNameA
GetModuleFileNameW
LoadLibraryA
GetCurrentProcessId
GetACP
GetExitCodeProcess
olecli32
OleClone
ddraw
DirectDrawEnumerateA
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 112KB - Virtual size: 111KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 360KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ