Static task: static1
Behavioral task: behavioral1
Sample: 498ae2df1038ae28d2dc61add839f165_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 498ae2df1038ae28d2dc61add839f165_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 498ae2df1038ae28d2dc61add839f165_JaffaCakes118
Size: 266KB
MD5: 498ae2df1038ae28d2dc61add839f165
SHA1: 9baba109ad863f0e5ccc419b60d86bd4bd7a306e
SHA256: 1a6ff21d0f58b9c2d5a238ef2cd938492d07998e9b24b3f88649bc412abb5028
SHA512: 9c655a064552141f7c1af0fbf0b302ace15204e89c930ca8963bf16490ce06a6cc2c411f3b43730e48e461b7a2461f3260e919df52c7f115962a9987acdba355
SSDEEP: 6144:/CrDiSoMMnMMMMMaPvFKto/gtwuJNWCPwmihtqJRceYXA3Of:65oMMnMMMMMwvwto/iyComiocHXB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 498ae2df1038ae28d2dc61add839f165_JaffaCakes118
Files
498ae2df1038ae28d2dc61add839f165_JaffaCakes118.exe windows:4 windows x86 arch:x86
68f43e52f835cb7fa9a54951c4cd5154
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
olecli32
OleEqual
ws2_32
WSAAccept
WSAConnect
ole32
OleSave
OleCreateFromData
OleLoadFromStream
CLSIDFromProgID
ProgIDFromCLSID
ReleaseStgMedium
DoDragDrop
OleQueryLinkFromData
StgOpenStorageOnILockBytes
OleSetClipboard
WriteClassStg
OleConvertIStorageToOLESTREAM
OleGetClipboard
CoIsOle1Class
IsAccelerator
CreateStreamOnHGlobal
CreateDataAdviseHolder
RevokeDragDrop
StgCreateDocfile
OleDestroyMenuDescriptor
StgOpenStorage
CreateILockBytesOnHGlobal
OleSaveToStream
CoGetMalloc
OleCreateLinkToFile
OleRun
GetClassFile
OleSetMenuDescriptor
BindMoniker
CreateOleAdviseHolder
OleGetAutoConvert
StringFromGUID2
CoRevokeClassObject
OleCreateLink
CoMarshalInterface
RegisterDragDrop
IIDFromString
CoRegisterMessageFilter
OleRegGetUserType
ReadClassStg
OleUninitialize
StringFromCLSID
CoDisconnectObject
OleQueryCreateFromData
OleLoad
CreateBindCtx
OleDuplicateData
ReadClassStm
OleCreateFromFile
CoFreeUnusedLibraries
CoRegisterClassObject
MkParseDisplayName
StgIsStorageILockBytes
OleInitialize
OleTranslateAccelerator
CoCreateInstance
StgCreateDocfileOnILockBytes
CoGetClassObject
CLSIDFromString
OleLockRunning
CoUnmarshalInterface
OleCreateMenuDescriptor
OleIsRunning
OleCreateLinkFromData
OleFlushClipboard
OleConvertOLESTREAMToIStorage
OleIsCurrentClipboard
OleGetIconOfClass
OleDoAutoConvert
CoLockObjectExternal
advapi32
RegEnumValueW
RegisterEventSourceA
RegOpenKeyW
RegDeleteValueW
RegDeleteValueA
RegSetValueExW
RegCreateKeyW
DeregisterEventSource
RegDeleteKeyA
RegQueryValueA
InitializeSecurityDescriptor
RegDeleteKeyW
RegEnumValueA
RegQueryValueExW
RegQueryInfoKeyA
RegEnumKeyA
AdjustTokenPrivileges
ReportEventA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
OpenProcessToken
RegOpenKeyA
LookupPrivilegeValueA
RegSetValueA
RegCreateKeyA
RegEnumKeyW
SetSecurityDescriptorDacl
RegCloseKey
user32
EndDialog
CreatePopupMenu
GetMenuItemCount
wsprintfA
GetDC
GetActiveWindow
DdeAbandonTransaction
GetClassInfoA
SetFocus
ShowWindow
BeginPaint
BringWindowToTop
GetParent
PostQuitMessage
CharLowerBuffW
GetClipboardData
DdePostAdvise
GetWindowTextA
SetCursorPos
GetAsyncKeyState
RegisterClassExA
UpdateWindow
RegisterClipboardFormatA
CloseClipboard
ModifyMenuA
SetDlgItemTextA
WaitMessage
PeekMessageA
keybd_event
EnableWindow
CharLowerBuffA
GetScrollInfo
WinHelpA
GetPropA
DrawMenuBar
FindWindowA
PostMessageA
SetScrollInfo
ShowCursor
IsWindowEnabled
CharNextA
EndPaint
DestroyWindow
GetMenuState
SetMenuItemInfoA
SystemParametersInfoA
ClipCursor
SetKeyboardState
IsWindowVisible
DdeConnect
SubtractRect
GetDlgItem
SetCaretPos
SetWindowRgn
DdeCreateStringHandleA
GetCaretBlinkTime
SetWindowLongA
PtInRect
TranslateMessage
GetUpdateRect
GetMenu
HideCaret
CharPrevA
LoadStringA
SetCapture
GetCursor
LoadImageA
ShowCaret
MessageBoxA
GetFocus
WaitForInputIdle
DdeFreeStringHandle
GetSystemMenu
SetClipboardData
AttachThreadInput
VkKeyScanW
DrawTextA
GetCapture
CreateWindowExA
CopyRect
DdeClientTransaction
CharToOemBuffA
GetDesktopWindow
CheckMenuItem
CreateCaret
MsgWaitForMultipleObjects
GetClassInfoExA
TrackPopupMenu
EnableMenuItem
GetWindowTextLengthA
InsertMenuA
GetKeyState
CreateAcceleratorTableA
SetWindowContextHelpId
EqualRect
ToAscii
OemToCharA
GetWindowDC
CreateIcon
GetMenuItemID
InvalidateRect
RegisterClassA
GetDCEx
CreateMenu
SetParent
SendDlgItemMessageA
DrawFocusRect
DefMDIChildProcA
CopyAcceleratorTableA
GetTabbedTextExtentA
GetWindowThreadProcessId
ShowScrollBar
VkKeyScanA
DdeGetLastError
CreateDialogParamA
PostMessageW
CharUpperA
MoveWindow
GetSubMenu
ReleaseCapture
GetForegroundWindow
SetMenu
SetWindowPos
RemovePropA
MessageBoxIndirectA
GetQueueStatus
DestroyAcceleratorTable
GetUpdateRgn
GetDoubleClickTime
SetForegroundWindow
DdeQueryStringA
CharUpperBuffA
GetKeyboardState
SetCursor
CharLowerA
DefWindowProcA
DrawFrameControl
SetTimer
OffsetRect
SetWindowsHookExA
SetMenuDefaultItem
BeginDeferWindowPos
AppendMenuA
ClientToScreen
GetClipboardFormatNameA
CreateCursor
GetKeyboardLayout
CharUpperBuffW
GetIconInfo
IsWindow
EnumThreadWindows
InflateRect
KillTimer
AdjustWindowRectEx
ReleaseDC
MapWindowPoints
FindWindowW
DestroyCaret
InvalidateRgn
DdeFreeDataHandle
CallWindowProcA
DdeCreateDataHandle
CharToOemA
SetActiveWindow
SetWindowsHookExW
AdjustWindowRect
EnumClipboardFormats
GetClientRect
FrameRect
GetScrollPos
LoadAcceleratorsA
GetWindowRgn
DeferWindowPos
SetWindowTextA
DestroyIcon
LoadBitmapA
IsCharAlphaA
CallNextHookEx
UnregisterClassA
GetWindow
DdeDisconnect
SetScrollRange
GetSystemMetrics
GetLastActivePopup
DestroyMenu
DrawIcon
GetWindowLongA
TabbedTextOutA
DdeNameService
DialogBoxParamA
DdeQueryConvInfo
GetWindowRect
GetMenuItemInfoA
ScreenToClient
GetClassNameA
DestroyCursor
SetPropA
RemoveMenu
GetMessageTime
IntersectRect
IsZoomed
EmptyClipboard
FillRect
SetRect
EndDeferWindowPos
PostThreadMessageA
DeleteMenu
DdeSetUserHandle
IsIconic
GetCursorPos
IsClipboardFormatAvailable
IsRectEmpty
GetSysColor
LoadIconA
IsDialogMessageA
DispatchMessageA
DdeCmpStringHandles
PeekMessageW
SetScrollPos
TranslateMDISysAccel
MessageBeep
IsChild
LoadCursorA
GetMenuStringA
DefFrameProcA
LockWindowUpdate
WindowFromPoint
GetMessagePos
UnhookWindowsHookEx
GetCaretPos
DdeInitializeA
DdeGetData
OpenClipboard
DdeUninitialize
SendMessageA
ddraw
DirectDrawEnumerateA
kernel32
WideCharToMultiByte
ReadFile
GetFileTime
GetStdHandle
UnhandledExceptionFilter
SetErrorMode
ReleaseSemaphore
LoadLibraryA
GetVersion
GetModuleFileNameW
GetSystemDefaultLCID
HeapReAlloc
GetCurrentProcess
TlsFree
TerminateProcess
SetEnvironmentVariableA
GetSystemInfo
GetModuleHandleA
GetDriveTypeA
Sleep
HeapAlloc
CreateProcessW
lstrcatA
DuplicateHandle
FreeLibrary
lstrcmpiA
_lclose
MultiByteToWideChar
LeaveCriticalSection
SearchPathA
SetStdHandle
GetProcAddress
SystemTimeToFileTime
GetDateFormatA
FreeResource
GetEnvironmentStringsW
GetFileAttributesA
_lread
GlobalAlloc
WaitForSingleObject
GetUserDefaultLangID
MoveFileA
GetLocaleInfoA
GetModuleFileNameA
GetExitCodeProcess
SetFileTime
GlobalDeleteAtom
TlsAlloc
lstrcmpiW
WinExec
CompareStringW
WriteFile
GetSystemTime
GetLocalTime
GetCPInfo
GetStringTypeExA
TlsGetValue
SetFileAttributesA
GetTempFileNameA
DeleteFileA
CreateFileA
IsDBCSLeadByte
GetUserDefaultLCID
SetHandleCount
CreateDirectoryA
FreeEnvironmentStringsW
lstrlenA
RaiseException
LoadResource
InterlockedIncrement
_llseek
SetEndOfFile
FreeEnvironmentStringsA
HeapDestroy
GetCurrentDirectoryA
LockResource
GetTimeZoneInformation
VirtualFree
CreateSemaphoreA
FileTimeToLocalFileTime
FindResourceA
GlobalSize
GetSystemDefaultLangID
InterlockedDecrement
GetVolumeInformationA
lstrcpynA
SetLastError
ExitThread
EnterCriticalSection
GetProfileStringA
TlsSetValue
GetSystemDirectoryA
lstrcmpA
UnlockFile
GetTempPathA
SetFilePointer
FindNextFileA
RemoveDirectoryA
GetOEMCP
GetFileType
LoadLibraryExA
FormatMessageW
GetCurrentProcessId
SetEvent
GetLastError
LCMapStringA
VirtualQuery
CreateThread
CompareStringA
FormatMessageA
IsBadReadPtr
VirtualAlloc
LockFile
GlobalUnlock
_lwrite
GlobalReAlloc
LCMapStringW
HeapCreate
SetLocalTime
GetStringTypeW
VirtualProtect
FindClose
GetCommandLineA
GetEnvironmentStrings
lstrcpyA
GetStringTypeA
CreateProcessA
DeleteCriticalSection
GetCurrentThreadId
FindFirstFileA
GlobalLock
CloseHandle
GetWindowsDirectoryA
FileTimeToSystemTime
GetShortPathNameA
GlobalAddAtomA
RtlUnwind
IsBadCodePtr
HeapFree
GetTickCount
MulDiv
ExitProcess
SizeofResource
ResumeThread
ResetEvent
HeapSize
GetACP
GetStartupInfoA
FlushInstructionCache
FlushFileBuffers
GetFullPathNameA
InitializeCriticalSection
GlobalFree
GlobalHandle
CreateEventA
GetVersionExA
SetCurrentDirectoryA
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 520KB - Virtual size: 516KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ