Static task: static1
Behavioral task: behavioral1
  Sample: 5eba25d75358d5c307b5bb8d13b07209_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 5eba25d75358d5c307b5bb8d13b07209_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 5eba25d75358d5c307b5bb8d13b07209_JaffaCakes118
Size: 39KB
MD5: 5eba25d75358d5c307b5bb8d13b07209
SHA1: 59ffb463312a8fc7e494ec63287418a229505957
SHA256: f3e2afcbc91780a02bc584ff7cbc7816a7e1913c91be103d4028f8ae798891c8
SHA512: 47b9d2d72a749c8722c4aafb6b7a24edc78fa67d5c3102c9923c5bd559eea1f72d01d404277d194ef5b768ea6aa731a9eacd399816d5f58f0a785b8e514aa73a
SSDEEP: 768:vIZyi0+JZavZ19XB/r4oDKIQ9+aUVgGpe5B2Fda4m4QZeHrLNQO1:vIQkJZUtXB/rTDVQ9FUVho5QdcZwrxQg
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 5eba25d75358d5c307b5bb8d13b07209_JaffaCakes118
Files
5eba25d75358d5c307b5bb8d13b07209_JaffaCakes118.exe (windows:5, windows x86, arch:x86)
cdd007143519287603cd327e0b6b495b
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NO_SEH, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
user32
PeekMessageW
GetNextDlgGroupItem
GetDlgItemTextW
IsChild
GetMessagePos
GetFocus
LoadStringW
GetWindowRect
AdjustWindowRectEx
SetScrollInfo
UnpackDDElParam
TranslateMessage
DrawEdge
TrackPopupMenu
IsWindowEnabled
GetSysColorBrush
EndDialog
ShowScrollBar
CheckDlgButton
GetWindowLongW
SetWindowsHookExW
GrayStringW
CopyRect
SetWindowPos
GetWindow
SetCursor
GetClassNameW
DeleteMenu
InSendMessage
SetWindowTextW
GetDCEx
ClipCursor
GetDC
WindowFromDC
RedrawWindow
FindWindowW
TranslateAcceleratorW
GetNextDlgTabItem
PostQuitMessage
MapDialogRect
MessageBoxW
CreateWindowExW
CopyAcceleratorTableW
GetTopWindow
GetWindowTextW
WindowFromPoint
DeferWindowPos
EnableWindow
GetTabbedTextExtentA
GetMenuState
GetForegroundWindow
CountClipboardFormats
IsDlgButtonChecked
DefWindowProcW
InvalidateRgn
GetDialogBaseUnits
IsIconic
DestroyCursor
DrawFocusRect
ModifyMenuW
DispatchMessageW
RemoveMenu
GetKeyState
SystemParametersInfoA
IsZoomed
InvalidateRect
wsprintfW
SetMenuItemBitmaps
GetScrollPos
SetRect
CheckRadioButton
SetScrollPos
PostMessageW
RegisterWindowMessageW
GetCursorPos
FrameRect
GetDlgCtrlID
RegisterClassW
ScrollWindowEx
UnregisterClassW
DrawMenuBar
LoadMenuW
SetCursorPos
MapWindowPoints
IsWindowVisible
SetFocus
UnionRect
DestroyMenu
GetWindowTextLengthW
LoadCursorW
IsDialogMessageW
SetTimer
CallWindowProcW
SystemParametersInfoW
CreateDialogIndirectParamW
SendDlgItemMessageA
GetScrollRange
DrawTextW
GetSystemMenu
BeginDeferWindowPos
GetMenuCheckMarkDimensions
SendDlgItemMessageW
MessageBeep
GetMessageW
GetPropW
ShowOwnedPopups
DefMDIChildProcW
GetDlgItemInt
BeginPaint
SendMessageW
GetAsyncKeyState
PostThreadMessageW
SetRectEmpty
FillRect
SetActiveWindow
GetWindowDC
IsWindow
SetDlgItemTextW
GetDlgItem
InflateRect
wvsprintfW
SetParent
IsRectEmpty
CharUpperW
LoadBitmapW
GetMenuItemCount
TranslateMDISysAccel
EqualRect
PtInRect
AppendMenuW
LoadIconW
GetMenuItemID
EnableMenuItem
IsClipboardFormatAvailable
MessageBoxA
CreateMenu
EndDeferWindowPos
GetActiveWindow
RegisterClipboardFormatW
GetScrollInfo
GetLastActivePopup
GetWindowPlacement
GetClassInfoW
OffsetRect
ScreenToClient
MoveWindow
InvertRect
ScrollWindow
BringWindowToTop
CheckMenuItem
GetParent
GetSystemMetrics
SetForegroundWindow
ReuseDDElParam
InsertMenuW
GetSubMenu
GetSysColor
SetWindowLongW
DestroyIcon
LoadAcceleratorsW
SetWindowPlacement
MsgWaitForMultipleObjects
SetPropW
KillTimer
SetDlgItemInt
SetScrollRange
ReleaseCapture
SetWindowContextHelpId
EnumChildWindows
UpdateWindow
GetMenuStringW
ShowWindow
TabbedTextOutW
CharNextW
DefFrameProcW
SetMenu
LockWindowUpdate
GetTabbedTextExtentW
GetCapture
GetMenu
GetWindowThreadProcessId
GetMessageTime
GetDesktopWindow
CallNextHookEx
WinHelpW
ValidateRect
IntersectRect
GetClientRect
RemovePropW
DestroyWindow
ReleaseDC
EndPaint
SetCapture
ClientToScreen
WaitMessage
UnhookWindowsHookEx
ole32
OleRegGetMiscStatus
OleCreateFromData
CoInitialize
RevokeDragDrop
OleCreateLinkFromData
OleFlushClipboard
OleCreate
StgCreateDocfile
CoCreateInstance
SetConvertStg
OleSetClipboard
OleLoad
OleIsCurrentClipboard
OleDuplicateData
CoFreeUnusedLibraries
CreateItemMoniker
CoGetMalloc
OleCreateStaticFromData
CoRegisterMessageFilter
GetHGlobalFromILockBytes
CLSIDFromProgID
OleSave
CoTreatAsClass
StgOpenStorage
OleLockRunning
OleQueryCreateFromData
DoDragDrop
StgOpenStorageOnILockBytes
ReadClassStm
OleDestroyMenuDescriptor
OleRegEnumVerbs
WriteClassStg
OleQueryLinkFromData
RegisterDragDrop
StringFromCLSID
CreateOleAdviseHolder
OleGetClipboard
WriteClassStm
CoLockObjectExternal
CLSIDFromString
ReadFmtUserTypeStg
CoGetClassObject
OleRegGetUserType
CoRevokeClassObject
CreateILockBytesOnHGlobal
WriteFmtUserTypeStg
CreateGenericComposite
CoDisconnectObject
ReleaseStgMedium
OleIsRunning
CoTaskMemFree
CoRegisterClassObject
IsAccelerator
StgIsStorageFile
CoTaskMemAlloc
OleUninitialize
OleTranslateAccelerator
CreateStreamOnHGlobal
CreateDataCache
OleInitialize
OleLoadFromStream
OleSaveToStream
CreateDataAdviseHolder
OleGetIconOfClass
OleCreateLinkToFile
OleRun
GetRunningObjectTable
ReadClassStg
OleSetMenuDescriptor
OleCreateMenuDescriptor
StgCreateDocfileOnILockBytes
StringFromGUID2
CoUninitialize
CreateBindCtx
OleCreateFromFile
GetClassFile
CreateFileMoniker
OleSetContainedObject
msvcrt
wcscspn
wcstoul
localtime
_open_osfhandle
_fdopen
gmtime
fclose
abort
ftell
wcsncmp
_beginthreadex
_msize
_wcsupr
swprintf
fread
_wsplitpath
wcsstr
_purecall
fflush
wcstol
wcsspn
_initterm
iswspace
time
wcsrchr
modf
_wcsdup
ceil
_onexit
iswdigit
memmove
_get_osfhandle
fputws
realloc
_except_handler3
free
fwrite
_ultow
_snwprintf
_wcsnicmp
wcstod
_CxxThrowException
_wtol
__dllonexit
wcslen
wcscpy
clearerr
_wcslwr
malloc
fgetws
wcsncpy
_expand
mktime
wcspbrk
floor
_wcsrev
_adjust_fdiv
_wtoi
__doserrno
__CxxFrameHandler
calloc
_itow
wcscmp
__wargv
fseek
wcsftime
__argc
vswprintf
_ltow
wcschr
_endthreadex
_wfullpath
gdi32
RestoreDC
SetPolyFillMode
Rectangle
SetBrushOrgEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportExtEx
ExtSelectClipRgn
GetDeviceCaps
GetBkColor
GetStockObject
GetObjectW
ArcTo
GetPaletteEntries
SetColorAdjustment
CreateRectRgn
EndPage
SelectPalette
PolylineTo
TextOutW
SelectClipRgn
CreateDIBPatternBrushPt
CopyMetaFileW
DeleteMetaFile
CreateHatchBrush
GetTextExtentPoint32W
DeleteDC
SetRectRgn
StartDocW
PlayMetaFile
PlayMetaFileRecord
StartPage
RectVisible
GetViewportExtEx
AbortDoc
BitBlt
DeleteObject
GetObjectType
RealizePalette
GetViewportOrgEx
PatBlt
EndDoc
CreateFontIndirectW
CreateMetaFileW
EnumMetaFile
PtVisible
SetROP2
SelectObject
OffsetRgn
ScaleWindowExtEx
ExtTextOutW
OffsetWindowOrgEx
SetTextCharacterExtra
IntersectClipRect
GetWindowOrgEx
GetBkMode
SetArcDirection
CreatePatternBrush
SelectClipPath
SetBkMode
GetCharWidthW
Escape
StretchDIBits
UnrealizeObject
CreateFontW
GetNearestColor
CreateDCW
GetStretchBltMode
CreateRectRgnIndirect
MoveToEx
SetTextAlign
GetCurrentPositionEx
CreateSolidBrush
SetBkColor
ExcludeClipRect
SetAbortProc
LPtoDP
GetPixel
SetTextJustification
EnumFontFamiliesExW
GetTextAlign
PolyBezierTo
SetWindowOrgEx
GetTextMetricsW
CloseMetaFile
GetPolyFillMode
CreateCompatibleBitmap
SetStretchBltMode
SetViewportOrgEx
CreatePalette
GetTextFaceW
CreateCompatibleDC
GetClipRgn
CreatePen
SetMapperFlags
OffsetClipRgn
SetTextColor
GetTextExtentPoint32A
EnumFontFamiliesW
SaveDC
SetWindowExtEx
GetClipBox
PolyDraw
GetTextColor
SetMapMode
CombineRgn
GetMapMode
GetROP2
CreateBitmap
DPtoLP
GetWindowExtEx
ExtCreatePen
LineTo
kernel32
InterlockedCompareExchange
GetProfileIntW
GetCurrentThreadId
LeaveCriticalSection
DelayLoadFailureHook
SetErrorMode
TerminateProcess
CreateMutexW
LocalAlloc
GetVersion
GetDiskFreeSpaceW
TlsGetValue
lstrlenW
GetShortPathNameW
SetFilePointer
LocalUnlock
lstrcmpiW
GlobalUnlock
GlobalHandle
GetStringTypeExW
OutputDebugStringW
DuplicateHandle
GetCurrentProcessId
InitializeCriticalSection
FindFirstFileW
LocalLock
WritePrivateProfileStringW
GetModuleHandleW
FlushFileBuffers
WriteFile
SizeofResource
GlobalAddAtomW
lstrcpynW
CopyFileW
LocalFileTimeToFileTime
GetCurrentThread
GetProcessVersion
GetModuleFileNameW
SetFileTime
VirtualQuery
ReadFile
FreeResource
QueryPerformanceCounter
lstrcmpiA
CreateSemaphoreW
GlobalReAlloc
LoadResource
GlobalFlags
CloseHandle
GlobalAlloc
FileTimeToLocalFileTime
SetEvent
lstrlenA
SuspendThread
ReleaseSemaphore
InterlockedIncrement
lstrcmpW
WaitForSingleObject
GetProcAddress
GetFileSize
ResumeThread
FindClose
GetFileTime
GetCurrentDirectoryW
GlobalGetAtomNameW
LocalFree
lstrcmpA
DeleteCriticalSection
VirtualProtect
LoadLibraryExA
FormatMessageW
DeleteFileW
LockResource
GetLastError
GetCurrentProcess
GetVolumeInformationW
FindResourceW
ReleaseMutex
VirtualAlloc
GetSystemDirectoryA
GetSystemInfo
UnhandledExceptionFilter
GetFullPathNameW
InterlockedDecrement
SetUnhandledExceptionFilter
TlsAlloc
GetTickCount
FreeConsole
TlsSetValue
SetThreadPriority
Sleep
GetPrivateProfileIntW
EnterCriticalSection
FileTimeToSystemTime
GlobalFindAtomW
FindResourceExW
SetLastError
GetVersionExA
lstrcpyA
SetFileAttributesW
GetUserDefaultLCID
SearchPathW
GlobalSize
GetThreadLocale
lstrcatA
lstrcpyW
lstrcatW
UnlockFile
MultiByteToWideChar
CreateEventW
SetEndOfFile
GetSystemTimeAsFileTime
WaitForMultipleObjects
GetFileAttributesW
FreeLibrary
lstrcpynA
GlobalFree
SystemTimeToFileTime
GetTempFileNameW
GetModuleHandleA
GetVersionExW
LockFile
WideCharToMultiByte
LocalReAlloc
FindNextFileW
LoadLibraryW
MoveFileW
TlsFree
CreateFileW
GlobalDeleteAtom
MulDiv
IsDBCSLeadByte
GetPrivateProfileStringW
GlobalLock
LoadLibraryA
advapi32
RegCreateKeyW
RegQueryValueExW
RegEnumKeyW
RegOpenKeyW
GetFileSecurityW
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueW
RegOpenKeyExW
RegDeleteValueW
SetFileSecurityW
RegCloseKey
RegQueryValueW
activeds
FreeADsMem
DllGetClassObject
wininet
InternetErrorDlg
InternetOpenW
GopherGetAttributeW
FtpOpenFileW
GopherCreateLocatorW
HttpSendRequestW
HttpOpenRequestW
FtpRenameFileW
InternetQueryDataAvailable
FtpCreateDirectoryW
InternetSetCookieW
HttpEndRequestW
InternetSetOptionExW
FtpDeleteFileW
FtpSetCurrentDirectoryW
InternetSetStatusCallbackW
InternetFindNextFileW
InternetSetFilePointer
FtpGetFileW
InternetQueryOptionW
FtpRemoveDirectoryW
InternetGetCookieW
InternetWriteFile
HttpAddRequestHeadersW
GopherFindFirstFileW
InternetCloseHandle
GopherOpenFileW
HttpSendRequestExW
InternetGetLastResponseInfoW
FtpPutFileW
InternetOpenUrlW
InternetCanonicalizeUrlW
HttpQueryInfoW
InternetConnectW
FtpGetCurrentDirectoryW
InternetReadFile
InternetCrackUrlW
FtpFindFirstFileW
cmdial32
AutoDialFunc
CmCustomHangUp
Sections
Name    Size (raw)  Virtual size  Characteristics
.text   512B        456B          IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.idata  17KB        16KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   15KB        15KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   -           80KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_CNT_UNINITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rdata  5KB         5KB           IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
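The Headers, Sections and "Unsigned PE" entries above are all read straight out of the PE/COFF header structures. The script below is an added example (not part of this sandbox report or its vendor's tooling) that walks those structures with only the standard library and reproduces the same facts: file and DLL characteristics flags, the section table with raw and virtual sizes, and the Authenticode check, which is simply whether the security data directory (index 4, the certificate table) has a non-zero size. The bytes it parses are a constructed header-only PE32 image that mirrors this report's flags; the real sample is not available offline, and where the report shows "-" for the raw size of .data the constructed image uses 0.

```python
# Added example: minimal PE header walker for triage (struct only, no pefile).
import struct

FILE_CHARACTERISTICS = {0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
                        0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
DLL_CHARACTERISTICS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE", 0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                       0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH", 0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
                       0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SECTION_CHARACTERISTICS = {0x20: "IMAGE_SCN_CNT_CODE", 0x40: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                           0x80: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
                           0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the Authenticode certificate table


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Walk DOS -> PE signature -> COFF -> optional -> section headers (PE32 and PE32+)."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsec, _ts, _symptr, _nsym, opt_size, fchars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32
        ndirs_off, dirs_off = 92, 96
    elif magic == 0x20B:    # PE32+: 64-bit stack/heap fields push the directories down
        ndirs_off, dirs_off = 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    cert_size = 0
    if ndirs > SECURITY_DIR:
        # For this directory the first field is a file offset, not an RVA; size 0 means unsigned.
        _cert_off, cert_size = struct.unpack_from("<II", data, opt + dirs_off + 8 * SECURITY_DIR)
    sections = []
    for i in range(nsec):
        name, vsize, _va, raw, _ptr, _, _, _, _, sc = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(), "virtual_size": vsize,
                         "raw_size": raw, "flags": _flags(sc, SECTION_CHARACTERISTICS)})
    return {"machine": machine,
            "file_characteristics": _flags(fchars, FILE_CHARACTERISTICS),
            "dll_characteristics": _flags(dll_chars, DLL_CHARACTERISTICS),
            "authenticode_present": cert_size != 0,  # the report's "Unsigned PE" check
            "sections": sections}


def triage_notes(info):
    """Turn the parsed headers into the observations a reviewer would record."""
    notes = []
    if not info["authenticode_present"]:
        notes.append("no embedded Authenticode signature")
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in info["dll_characteristics"]:
        notes.append("ASLR not opted in (DYNAMIC_BASE missing)")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in info["dll_characteristics"]:
        notes.append("DEP not opted in (NX_COMPAT missing)")
    for s in info["sections"]:
        if s["raw_size"] == 0 and s["virtual_size"]:
            notes.append("%s occupies %d bytes in memory but none on disk" % (s["name"], s["virtual_size"]))
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"]):
            notes.append("%s is writable and executable" % s["name"])
    return notes


def build_sample_pe():
    """Constructed header-only PE32 mirroring the report's flags (NOT the real sample)."""
    secs = [  # name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData, Characteristics
        (b".text", 456, 0x1000, 512, 0x400, 0x20 | 0x20000000 | 0x40000000),
        (b".idata", 16 * 1024, 0x2000, 17 * 1024, 0x600, 0x40 | 0x40000000 | 0x80000000),
        (b".rsrc", 15 * 1024, 0x7000, 15 * 1024, 0x4A00, 0x40 | 0x40000000),
        (b".data", 80 * 1024, 0xB000, 0, 0, 0x40 | 0x80 | 0x40000000 | 0x80000000),  # raw size 0 for "-"
        (b".rdata", 5 * 1024, 0x1F000, 5 * 1024, 0x8600, 0x40 | 0x40000000),
    ]
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, 224, 0x0001 | 0x0002 | 0x0100)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)              # PE32 magic
    struct.pack_into("<H", opt, 70, 0x0400 | 0x8000)   # NO_SEH | TERMINAL_SERVER_AWARE
    struct.pack_into("<I", opt, 92, 16)                # 16 data directories, all left empty (unsigned)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, va, rs, rp, 0, 0, 0, 0, c)
                     for n, vs, va, rs, rp, c in secs)
    return dos + b"PE\0\0" + coff + bytes(opt) + table


if __name__ == "__main__":
    info = parse_pe(build_sample_pe())
    for s in info["sections"]:
        print("%-7s raw=%6d virt=%6d %s" % (s["name"], s["raw_size"], s["virtual_size"], " | ".join(s["flags"])))
    for n in triage_notes(info):
        print("-", n)
```

To run it against a real binary, pass `open(path, "rb").read()` to `parse_pe` instead of the constructed image. Note that a non-zero certificate table only tells you a signature blob is embedded, not that it verifies; `triage_notes` also surfaces the mitigation flags a report like this one lists only by omission (no DYNAMIC_BASE, no NX_COMPAT), and a section with a virtual size but no bytes on disk, which is the shape of .data above.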