powerpnt.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 5d49557658b92e8642e1493cf222fa16_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 5d49557658b92e8642e1493cf222fa16_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 5d49557658b92e8642e1493cf222fa16_JaffaCakes118
Size: 5.8MB
MD5: 5d49557658b92e8642e1493cf222fa16
SHA1: 57b73455a3a36abb6d242ca08b03a0bd3d9614b6
SHA256: d813e79e6a690012ce90457cb5e264dd1461d7986850c14b63b5e09e185a8c8d
SHA512: b1ff82b98a4455427a4f3ea29e38ab0a212e4a9ab6049dcd8ab3e2f7676d15b960eb3d621d51ff2819a578bf6faececbaa96ca863774d1bc703216bd6ea2bd73
SSDEEP: 98304:ZGOGoawK99vYkj7Q0R41W95L+h1SD1s1ndT8hZAVL7eD6GcZlm9jA5IfQ/4mp7j2:9awK99vYkj7Q0O1W95L+hYD1idAEVL7O
Malware Config
Signatures
Unsigned PE (1 IoC)
No Authenticode signature is present. On its own this is a weak indicator, since plenty of legitimate software is unsigned, but it matters here because the PDB path (powerpnt.pdb) and the exported DllGetLCID are consistent with Microsoft PowerPoint's own executable, and a current Microsoft-released build would carry Microsoft's signature. Confirm the hashes above against a known-good PowerPoint binary rather than trusting the name.
Resource: 5d49557658b92e8642e1493cf222fa16_JaffaCakes118
Files
5d49557658b92e8642e1493cf222fa16_JaffaCakes118.exe: PE32 executable, Windows GUI subsystem (version 4), x86
Imphash: b245c2873ef73d61e63ac40105326fb6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
powerpnt.pdb
Imports
msvcrt
_controlfp
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
?terminate@@YAXXZ
_onexit
__dllonexit
wcscmp
_CIexp
rand
wcsstr
wcstod
iswspace
_wtoi
_fpreset
_clearfp
_wcsnicmp
qsort
__CxxFrameHandler
wcschr
_CIfmod
_CIasin
_CIacos
_CIsinh
_CIcosh
_CItanh
_finite
_CIpow
strncmp
wcsncmp
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
memmove
wcslen
_wcsicmp
floor
ceil
_CxxThrowException
_except_handler3
kernel32
GetCurrentThread
SetThreadPriority
WaitForMultipleObjects
ResumeThread
CreateThread
SystemTimeToFileTime
GetSystemTime
IsDBCSLeadByte
Sleep
QueryDosDeviceW
GetLogicalDrives
RemoveDirectoryW
SetFileAttributesW
GetSystemDefaultLCID
CompareFileTime
GetUserDefaultLCID
MoveFileExW
GetDriveTypeW
FormatMessageW
GetLocaleInfoW
GetThreadLocale
GetDateFormatW
GetTimeFormatW
GetComputerNameW
FileTimeToSystemTime
GetTimeZoneInformation
FileTimeToLocalFileTime
IsValidCodePage
IsDBCSLeadByteEx
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringW
SearchPathW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetThreadExecutionState
GetShortPathNameW
GetFileSize
FindNextFileW
CompareStringW
TlsGetValue
TlsSetValue
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStartupInfoA
ResetEvent
GetACP
GetStringTypeExW
SizeofResource
GetSystemDirectoryW
lstrcmpiA
MultiByteToWideChar
LoadLibraryA
FreeLibrary
GetSystemDefaultLangID
GetFullPathNameW
GetLongPathNameW
WriteFile
CreateDirectoryW
FindFirstFileW
FindClose
CreateFileW
SetFileTime
ReadFile
SetFilePointer
GetDiskFreeSpaceW
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
FindResourceW
LoadResource
LockResource
CopyFileW
GetTempPathW
GetTempFileNameW
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
GetLocalTime
MulDiv
CreateProcessW
GetCurrentProcess
SetProcessWorkingSetSize
WaitForSingleObject
SetErrorMode
GetTickCount
CloseHandle
SetEvent
GetCurrentThreadId
GlobalGetAtomNameW
GlobalDeleteAtom
SetCurrentDirectoryW
SetUnhandledExceptionFilter
GetCurrentDirectoryW
GlobalAddAtomW
OutputDebugStringA
GetModuleFileNameW
SetLastError
GetLastError
LoadLibraryW
DeleteFileW
GetStartupInfoW
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetCommandLineW
ExitProcess
GlobalSize
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GlobalMemoryStatus
InterlockedExchange
LocalAlloc
FormatMessageA
LoadLibraryExW
OpenFile
LoadLibraryExA
LocalFree
CreateEventW
RaiseException
gdi32
GetViewportOrgEx
GetTextAlign
SelectObject
Ellipse
RoundRect
SetPixel
Escape
SetRectRgn
PlayMetaFileRecord
PlayEnhMetaFileRecord
CreatePatternBrush
CreateBitmap
OffsetWindowOrgEx
ExtCreatePen
CreatePen
SetROP2
ExtSelectClipRgn
RestoreDC
SaveDC
Polyline
GetPixel
OffsetViewportOrgEx
ResetDCW
EndPage
StartPage
SetAbortProc
StartDocW
AbortDoc
EndDoc
CreateICW
GetNearestColor
FillRgn
CreateCompatibleDC
CreateDIBSection
AnimatePalette
Pie
CreateCompatibleBitmap
CreateDIBPatternBrushPt
CreateBrushIndirect
BitBlt
DPtoLP
GetCurrentObject
LPtoDP
Rectangle
SetMetaFileBitsEx
GetEnhMetaFileW
GetEnhMetaFileHeader
GetWinMetaFileBits
EnumEnhMetaFile
EnumMetaFile
SetDIBits
GetBitmapBits
GetEnhMetaFileBits
StretchDIBits
GetMetaFileBitsEx
GetObjectType
DeleteMetaFile
DeleteEnhMetaFile
GetOutlineTextMetricsW
ExtEscape
GetTextCharsetInfo
GetFontData
EnumFontFamiliesExW
ExcludeClipRect
IntersectClipRect
GetTextFaceW
SetTextAlign
CreateDIBitmap
SetStretchBltMode
StretchBlt
CreateSolidBrush
GetClipBox
GetTextMetricsW
CreateFontIndirectW
GdiFlush
SetDIBColorTable
GetObjectA
SetLayout
Polygon
SetBkMode
SetTextColor
MoveToEx
LineTo
CreateDCW
SetMapMode
SetWindowOrgEx
DeleteDC
GetRasterizerCaps
CreatePalette
GetSystemPaletteUse
GetDeviceCaps
GetSystemPaletteEntries
GetPaletteEntries
UpdateColors
GetRgnBox
SelectPalette
RealizePalette
PatBlt
GetBkColor
GetTextColor
SelectClipRgn
RectVisible
CreateRectRgn
OffsetRgn
CreateRectRgnIndirect
CombineRgn
DeleteObject
SetBkColor
ExtTextOutW
SetViewportOrgEx
GetStockObject
GetObjectW
GetClipRgn
user32
SendMessageA
DrawMenuBar
SetMenu
GetMenu
RegisterClassW
RegisterClassExW
IsWindowVisible
LoadCursorA
MoveWindow
GetSysColor
CreateMDIWindowW
GetMonitorInfoW
SetFocus
SetCaretPos
CreateCaret
GetTopWindow
GetUpdateRgn
IntersectRect
ClientToScreen
InvalidateRect
InvalidateRgn
ValidateRect
ScreenToClient
SetTimer
GetCaretBlinkTime
KillTimer
DestroyCaret
GetWindowLongA
WindowFromPoint
GetCapture
GetCursorPos
EqualRect
SetCursorPos
GetSystemMetrics
TranslateMDISysAccel
SetCapture
GetMessageTime
SetActiveWindow
FillRect
SendNotifyMessageA
GetWindowThreadProcessId
PtInRect
SetClipboardViewer
ChangeClipboardChain
GetKeyboardLayout
ShowCursor
IsChild
RedrawWindow
MapWindowPoints
SetRect
GetDoubleClickTime
SystemParametersInfoW
DefWindowProcW
DefFrameProcW
DefMDIChildProcW
CallWindowProcW
SendMessageW
DispatchMessageW
TrackMouseEvent
PeekMessageW
GetKeyState
GetAsyncKeyState
UpdateWindow
SetRectEmpty
GetFocus
DefWindowProcA
MonitorFromRect
FindWindowW
RegisterClassA
CreateWindowExA
CreateWindowExW
CreateDialogIndirectParamW
PostMessageW
WaitMessage
GetMessagePos
ScrollWindowEx
ValidateRgn
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseDC
DispatchMessageA
TranslateMessage
DestroyCursor
SetCursor
SendMessageTimeoutA
GetWindowLongW
EnableWindow
CheckDlgButton
GetWindowTextLengthA
DrawFrameControl
DrawEdge
GetSysColorBrush
FrameRect
EnumChildWindows
SetWindowLongA
CreateIconIndirect
DrawIconEx
GetIconInfo
NotifyWinEvent
GetNextDlgTabItem
ChildWindowFromPoint
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
UnionRect
EnumWindows
SetWindowPos
BringWindowToTop
GetDlgItem
IsDlgButtonChecked
GetUpdateRect
DrawFocusRect
ActivateKeyboardLayout
SendDlgItemMessageA
MapDialogRect
IsDialogMessageW
RegisterWindowMessageA
EnumDisplayMonitors
CreateIcon
EnumDisplayDevicesW
ClipCursor
SetParent
GetForegroundWindow
PeekMessageA
RegisterClipboardFormatA
GetKeyboardLayoutList
SetWindowPlacement
CopyAcceleratorTableA
ShowCaret
HideCaret
GetClipboardFormatNameA
GetActiveWindow
MonitorFromWindow
MonitorFromPoint
CallWindowProcA
RegisterClassExA
SetClassLongA
GetDC
RemoveMenu
GetMenuItemCount
GetClassInfoExW
CopyRect
GetScrollInfo
IsRectEmpty
SetScrollInfo
IsWindowUnicode
UnregisterClassA
AttachThreadInput
GetInputState
WindowFromDC
ChangeDisplaySettingsExW
EnumDisplaySettingsW
GetCursor
ScrollDC
DrawIcon
BeginPaint
EndPaint
ShowWindow
GetWindowPlacement
SetWindowTextW
DestroyIcon
DestroyMenu
LoadIconA
LoadImageA
CreateMenu
GetWindow
GetClassNameW
IsZoomed
IsIconic
InflateRect
MessageBoxW
SetForegroundWindow
PostMessageA
GetDesktopWindow
MessageBoxA
GetParent
IsWindowEnabled
IsWindow
ReleaseCapture
DestroyWindow
OffsetRect
GetClientRect
InvertRect
GetWindowRect
SetWindowLongW
MessageBeep
advapi32
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegDeleteKeyW
GetUserNameW
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
ole32
CoIsOle1Class
StringFromCLSID
OleDuplicateData
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
ReadFmtUserTypeStg
ReadClassStg
CoTreatAsClass
OleMetafilePictFromIconAndLabel
OleGetIconOfClass
OleGetIconOfFile
GetClassFile
CoGetMalloc
OleQueryLinkFromData
OleIsCurrentClipboard
OleSetClipboard
OleGetClipboard
CreateGenericComposite
CreateItemMoniker
OleFlushClipboard
OleRegGetUserType
OleQueryCreateFromData
StgCreateDocfile
CoInitialize
CoUninitialize
GetRunningObjectTable
FreePropVariantArray
CreateFileMoniker
MkParseDisplayName
CreateBindCtx
CreateClassMoniker
OleIsRunning
OleLoad
OleRun
OleCreate
OleCreateLinkFromData
OleCreateFromData
OleCreateLinkToFile
OleCreateFromFile
CoGetClassObject
OleRegEnumVerbs
CoRegisterMessageFilter
StgOpenStorage
StgCreateStorageEx
StgIsStorageFile
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleCreateLink
GetHGlobalFromStream
GetHGlobalFromILockBytes
StringFromGUID2
OleLockRunning
OleSetMenuDescriptor
CoFileTimeNow
DoDragDrop
CoRegisterClassObject
CoRevokeClassObject
OleCreateEmbeddingHelper
OleRegEnumFormatEtc
CreateDataAdviseHolder
CreateOleAdviseHolder
OleRegGetMiscStatus
OleTranslateAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CoCreateInstanceEx
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree
ReleaseStgMedium
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoDisconnectObject
CoCreateInstance
RegisterDragDrop
RevokeDragDrop
CoLockObjectExternal
ProgIDFromCLSID
Exports
DllGetLCID
Sections
.text  Size: 5.2MB, Virtual size: 5.2MB  Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.data  Size: 350KB, Virtual size: 354KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.tls   Size: 512B, Virtual size: 96B  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc  Size: 319KB, Virtual size: 319KB  Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
Note on .rsrc: a linker normally emits the resource section as read-only initialized data. Here it is additionally marked IMAGE_SCN_CNT_CODE and IMAGE_SCN_MEM_EXECUTE, so the whole 319KB resource area is mapped with execute permission. That is unusual for a compiler-built binary and is worth a look in the disassembler: either a post-build tool or packer set the flags, or the author intended resource bytes to run as code. No section is writable and executable at the same time, so there is no RWX section.
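The "Unsigned PE" signature above and the section flags in this table can both be reproduced from the raw headers with a short standard-library parser. The following is an added example, not part of the sandbox report or its tooling: it reads the COFF characteristics, the IMAGE_DIRECTORY_ENTRY_SECURITY data directory (which references the Authenticode WIN_CERTIFICATE blob; an empty entry means unsigned) and each section's flags, then reports the same two things a reviewer wants flagged. Because the sample itself is not reproduced here, `build_sample_pe` constructs a minimal PE32 header set in memory with the same file characteristics and section flags as this report; `parse_pe`, `findings` and the constructed sample are all assumptions of the example. To run it against a real file, read the file's bytes and pass them to `parse_pe`.

```python
import struct

# IMAGE_FILE_HEADER.Characteristics bits from winnt.h
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
# IMAGE_SECTION_HEADER.Characteristics bits
SCN_CNT_CODE = 0x00000020
SCN_CNT_INITIALIZED_DATA = 0x00000040
SCN_MEM_EXECUTE = 0x20000000
SCN_MEM_READ = 0x40000000
SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # index of the Authenticode data directory


def parse_pe(data: bytes) -> dict:
    """Parse the DOS/COFF/optional headers and section table of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    # NumberOfRvaAndSizes / data directories sit at +92/+96 (PE32) or +108/+112 (PE32+)
    if magic == 0x10B:
        ndirs_off, dir_off = opt + 92, opt + 96
    elif magic == 0x20B:
        ndirs_off, dir_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic %#x" % magic)
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    sec_off = sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For the security directory VirtualAddress is a raw file offset, not an RVA
        sec_off, sec_size = struct.unpack_from("<II", data, dir_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    table = opt + opt_size
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from("<8sIIIIIIHHI", data, table + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize, "flags": flags})
    return {"machine": machine,
            "characteristics": [n for bit, n in FILE_CHARACTERISTICS.items() if chars & bit],
            "security_dir": (sec_off, sec_size),
            "sections": sections}


def findings(pe: dict) -> list:
    """Turn the parsed headers into the checks a reviewer wants flagged."""
    out = []
    off, size = pe["security_dir"]
    if off == 0 or size == 0:  # no WIN_CERTIFICATE blob referenced at all
        out.append("Unsigned PE: no Authenticode security directory")
    for s in pe["sections"]:
        f = s["flags"]
        if f & SCN_MEM_EXECUTE and f & SCN_MEM_WRITE:
            out.append("RWX section: %s" % s["name"])
        # Heuristic: compiler-built binaries keep executable code in .text
        if f & SCN_MEM_EXECUTE and s["name"] != ".text":
            out.append("executable non-.text section: %s" % s["name"])
    return out


# Section layout mirroring the report above (names and flags only; sizes are placeholders)
REPORT_SECTIONS = [
    (b".text", SCN_CNT_CODE | SCN_MEM_EXECUTE | SCN_MEM_READ),
    (b".data", SCN_CNT_INITIALIZED_DATA | SCN_MEM_READ | SCN_MEM_WRITE),
    (b".tls", SCN_CNT_INITIALIZED_DATA | SCN_MEM_READ | SCN_MEM_WRITE),
    (b".rsrc", SCN_CNT_CODE | SCN_CNT_INITIALIZED_DATA | SCN_MEM_EXECUTE | SCN_MEM_READ),
]


def build_sample_pe(section_flags, signed: bool) -> bytes:
    """Constructed test data: a minimal PE32 header set, not the real sample."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew: PE signature right after the DOS header
    opt_size = 224  # PE32 optional header with all 16 data directories
    # 0x010F = RELOCS_STRIPPED | EXECUTABLE_IMAGE | LINE_NUMS_STRIPPED | LOCAL_SYMS_STRIPPED | 32BIT_MACHINE
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_flags), 0, 0, 0, opt_size, 0x010F)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)   # PE32 magic
    struct.pack_into("<I", opt, 92, 16)     # NumberOfRvaAndSizes
    if signed:  # point the security directory at a hypothetical certificate table
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x800)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name, 0x100, 0x1000 * (i + 1), 0x200, 0x400 + 0x200 * i, 0, 0, 0, 0, flags)
        for i, (name, flags) in enumerate(section_flags))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


if __name__ == "__main__":
    pe = parse_pe(build_sample_pe(REPORT_SECTIONS, signed=False))
    print("file characteristics:", ", ".join(pe["characteristics"]))
    for line in findings(pe):
        print("-", line)
```

A non-empty security directory only says that a signature blob is attached; it does not say the signature is valid or who signed. Validating the chain and reading the signer name (for example with signtool verify /pa, or Get-AuthenticodeSignature in PowerShell) is the separate step that actually settles whether this is Microsoft's PowerPoint.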