60a6e0312ddde185bc8d68a7efdbe812_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

60a6e0312ddde185bc8d68a7efdbe812_JaffaCakes118
Size

29KB
MD5

60a6e0312ddde185bc8d68a7efdbe812
SHA1

5ab67cb268e35c5d89db2780ce9cd11e6873a791
SHA256

7685524b737355b9b07181a07949373782da30db25a17d6b7f993166a66833be
SHA512

07d034ab9f9fc6c49d3b84e5136e7896264ae9a99c1b4ca327ad6ffad92ae160605e47391162afde2c51ea7f1dc765f1af82ca512444cc7e7ae849f5f4712bd5
SSDEEP

768:xggYX1Sg3CvpTuPDUs/w7WV/w7WgGBGWsMglA46WzCVR+:iShKhnVngYClAtR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60a6e0312ddde185bc8d68a7efdbe812_JaffaCakes118

Files

60a6e0312ddde185bc8d68a7efdbe812_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c3261bbebeb08cb9ee3a9118f877db5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AbortSystemShutdownA
AccessCheck
AccessCheckAndAuditAlarmA
AccessCheckByType
AccessCheckByTypeAndAuditAlarmA
AccessCheckByTypeResultList
AccessCheckByTypeResultListAndAuditAlarmA
DeleteAce
DeleteService
DeregisterEventSource
DestroyPrivateObjectSecurity
DuplicateToken
DuplicateTokenEx
ElfBackupEventLogFileA
ElfChangeNotify
ElfClearEventLogFileA
ElfCloseEventLog
ElfDeregisterEventSource
ElfNumberOfRecords
ElfOldestRecord
ElfOpenBackupEventLogA
ElfOpenEventLogA
ElfReadEventLogA
ElfRegisterEventSourceA
GetOldestEventLogRecord
GetOverlappedAccessResults
GetPrivateObjectSecurity
GetSecurityDescriptorControl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorLength
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
GetSecurityInfo
GetSecurityInfoExA
GetServiceDisplayNameA
LsaCreateTrustedDomain
LsaCreateTrustedDomainEx
LsaDelete
LsaDeleteTrustedDomain
LsaEnumerateAccountRights
LsaEnumerateAccounts
LsaEnumerateAccountsWithUserRight
LsaEnumeratePrivileges
LsaEnumeratePrivilegesOfAccount
LsaEnumerateTrustedDomains
LsaEnumerateTrustedDomainsEx
LsaFreeMemory
LsaGetQuotasForAccount
LsaGetSystemAccessAccount
LsaGetUserName
LsaICLookupNames
LsaICLookupSids
LsaLookupNames
LsaLookupPrivilegeDisplayName
LsaLookupPrivilegeName
LsaLookupPrivilegeValue
LsaLookupSids
LsaNtStatusToWinError
LsaOpenAccount
LsaOpenPolicy
LsaOpenSecret
LsaOpenTrustedDomain
LsaQueryDomainInformationPolicy
LsaQueryInfoTrustedDomain
LsaQueryInformationPolicy
LsaQuerySecret
LsaQuerySecurityObject
LsaQueryTrustedDomainInfo
LsaQueryTrustedDomainInfoByName
LsaRemoveAccountRights
LsaRemovePrivilegesFromAccount
LsaRetrievePrivateData
LsaSetDomainInformationPolicy
LsaSetInformationPolicy
LsaSetInformationTrustedDomain
LsaSetQuotasForAccount
PrivilegeCheck
PrivilegedServiceAuditAlarmA
QueryServiceConfig2A
QueryServiceConfigA
QueryServiceLockStatusA
QueryServiceObjectSecurity
QueryServiceStatus
QueryWindows31FilesMigration

comctl32

CreateMappedBitmap
CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindowA
CreateStatusWindowW
CreateToolbar
CreateToolbarEx
CreateUpDownControl
DestroyPropertySheetPage
DrawInsert
DrawStatusTextA
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollProp
FlatSB_GetScrollRange
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
FlatSB_SetScrollRange
FlatSB_ShowScrollBar
GetEffectiveClientRect
GetMUILanguage
ImageList_Add
ImageList_AddIcon
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_Duplicate
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage

gdi32

AbortDoc
AbortPath
AddFontMemResourceEx
AddFontResourceA
AddFontResourceExA
AddFontResourceExW
AddFontResourceW
AngleArc
AnimatePalette
Arc
ArcTo
BeginPath
BitBlt
CancelDC
CheckColorsInGamut
ChoosePixelFormat
Chord
CloseEnhMetaFile
CloseFigure
CloseMetaFile
ColorCorrectPalette
ColorMatchToTarget
CombineRgn
CombineTransform
CopyEnhMetaFileA
CopyEnhMetaFileW
CopyMetaFileA
CopyMetaFileW
CreateBitmap
CreateBitmapIndirect
CreateBrushIndirect
CreateColorSpaceA
CreateColorSpaceW
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDCW
CreateDIBPatternBrush
CreateDIBPatternBrushPt
CreateDIBSection
CreateDIBitmap
CreateDiscardableBitmap
CreateEllipticRgn
CreateEllipticRgnIndirect
CreateEnhMetaFileA
CreateEnhMetaFileW
CreateFontA
CreateFontIndirectA
CreateFontIndirectExA
CreateFontIndirectExW
CreateFontIndirectW
CreateFontW
CreateHalftonePalette
CreateHatchBrush
CreateICA
CreateICW
CreateMetaFileA
CreateMetaFileW
CreatePalette
CreatePatternBrush
CreatePen
CreatePenIndirect
CreatePolyPolygonRgn
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateScalableFontResourceA
CreateScalableFontResourceW
CreateSolidBrush
DPtoLP
DeleteColorSpace
DeleteDC
GetCharABCWidthsA
GetCharABCWidthsFloatA
GetCharABCWidthsFloatW
GetCharABCWidthsI
GetCharABCWidthsW
GetCharWidth32A
GetCharWidth32W
GetCharWidthA
GetCharWidthFloatA
GetCharWidthFloatW
GetCharWidthI
GetCharWidthW
GetCharacterPlacementA
GetCharacterPlacementW
GetClipBox
GetClipRgn
GetColorAdjustment
GetColorSpace
GetCurrentObject
GetCurrentPositionEx
GetDCBrushColor
GetDCOrgEx
GetDCPenColor
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetDeviceGammaRamp
GetEnhMetaFileA
GetEnhMetaFileBits
GetEnhMetaFileDescriptionA
GetTextExtentExPointA
GetTextExtentExPointI
GetTextExtentExPointW
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextExtentPointA
GetTextExtentPointI
GetTextExtentPointW
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
GetViewportExtEx
GetViewportOrgEx
GetWinMetaFileBits
GetWindowExtEx
GetWindowOrgEx
GetWorldTransform
IntersectClipRect
InvertRgn
LPtoDP
LineDDA
LineTo
MaskBlt
ModifyWorldTransform
MoveToEx
OffsetClipRgn
OffsetRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PaintRgn
PatBlt
PathToRegion
Pie
PlayEnhMetaFile
PlayEnhMetaFileRecord
PlayMetaFile
PlayMetaFileRecord
PlgBlt
PolyBezier
PolyBezierTo
PolyDraw
PolyPolygon
PolyPolyline
PolyTextOutA

kernel32

CreateMutexA
GetModuleHandleA
GetProcAddress

lz32

LZClose
LZDone
LZInit
LZRead
LZSeek
LZStart

ole32

BindMoniker
CLIPFORMAT_UserFree
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserSize
CLIPFORMAT_UserUnmarshal
CoGetCurrentProcess
CoGetInstanceFromFile
CoGetInstanceFromIStorage
CoGetInterfaceAndReleaseStream
CoGetMalloc
CoGetMarshalSizeMax
CoGetObject
CoGetObjectContext
CoGetPSClsid
CoGetStandardMarshal
CoGetState
CoGetStdMarshalEx
CoGetTreatAsClass
CoImpersonateClient
CoInitialize
CoInitializeEx
CoInitializeSecurity
CoInitializeWOW
CoInstall
CoIsHandlerConnected
CoIsOle1Class
CoLoadLibrary
CoLockObjectExternal
CoMarshalHresult
CoSwitchCallContext
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoTestCancel
CoTreatAsClass
CoUninitialize
CoUnloadingWOW
CoUnmarshalHresult
CoUnmarshalInterface
CoWaitForMultipleHandles
CreateAntiMoniker
CreateBindCtx
CreateClassMoniker
CreateDataAdviseHolder
CreateDataCache
CreateFileMoniker
CreateGenericComposite
CreateILockBytesOnHGlobal
CreateItemMoniker
CreateObjrefMoniker
CreateOleAdviseHolder
CreatePointerMoniker
CreateStdProgressIndicator
CreateStreamOnHGlobal
DcomChannelSetHResult
DllDebugObjectRPCHook
DllGetClassObjectWOW
DoDragDrop
EnableHookObject
FmtIdToPropStgName
MkParseDisplayName
MonikerCommonPrefixWith
MonikerRelativePathTo
OleBuildVersion
OleConvertIStorageToOLESTREAM
OleConvertIStorageToOLESTREAMEx
OleConvertOLESTREAMToIStorage
OleConvertOLESTREAMToIStorageEx
OleCreate
OleCreateDefaultHandler
OleCreateEmbeddingHelper
OleCreateEx
OleCreateFromData
OleCreateFromDataEx
OleCreateFromFile
OleCreateFromFileEx
OleCreateLink
OleCreateLinkEx
StgGetIFillLockBytesOnILockBytes
StgIsStorageFile
StgIsStorageILockBytes
StgOpenAsyncDocfileOnIFillLockBytes
StgOpenPropStg
StgOpenStorage
StgOpenStorageEx
StgOpenStorageOnILockBytes
StgSetTimes
StringFromCLSID
StringFromGUID2
StringFromIID
UpdateDCOMSettings
UtConvertDvtd16toDvtd32
UtConvertDvtd32toDvtd16
UtGetDvtd16Info
UtGetDvtd32Info
WriteClassStg
WriteClassStm
WriteFmtUserTypeStg
WriteOleStg
WriteStringStream

oleaut32

BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
BSTR_UserUnmarshal
BstrFromVector
ClearCustData
CreateDispTypeInfo
CreateErrorInfo
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleLoadPictureEx
OleLoadPictureFile
OleLoadPictureFileEx
OleLoadPicturePath
OleSavePictureFile
OleTranslateColor
QueryPathOfRegTypeLib

shell32

Shell_NotifyIconA

shlwapi

AssocCreate
AssocQueryKeyA
AssocQueryKeyW
AssocQueryStringA
AssocQueryStringByKeyA
AssocQueryStringByKeyW
AssocQueryStringW
ChrCmpIA
ChrCmpIW
ColorAdjustLuma
ColorHLSToRGB
ColorRGBToHLS
GetMenuPosFromID
HashData
IntlStrEqWorkerA
IntlStrEqWorkerW
PathAddBackslashA
PathAddBackslashW
PathAddExtensionA
PathAddExtensionW
PathAppendA
PathIsContentTypeW
PathIsDirectoryA
PathIsDirectoryEmptyA
PathIsDirectoryEmptyW
PathIsDirectoryW
PathIsFileSpecA
PathIsFileSpecW
PathMakeSystemFolderA
PathMakeSystemFolderW
PathMatchSpecA
PathMatchSpecW
PathParseIconLocationA
PathParseIconLocationW
PathQuoteSpacesA
PathQuoteSpacesW
PathRelativePathToA
PathRelativePathToW
PathRemoveArgsA
PathRemoveArgsW
PathRemoveBackslashA
PathRemoveBackslashW
PathRemoveBlanksA
PathRemoveBlanksW
PathRemoveExtensionA
PathRemoveExtensionW
PathRemoveFileSpecA
PathRemoveFileSpecW
PathRenameExtensionA
PathRenameExtensionW
PathSearchAndQualifyA
PathSearchAndQualifyW
PathSetDlgItemPathA
PathSetDlgItemPathW
PathSkipRootA
PathSkipRootW
PathStripPathA
PathStripPathW
PathStripToRootA
PathStripToRootW
PathUnExpandEnvStringsA
PathUnExpandEnvStringsW
PathUndecorateA
PathUndecorateW
PathUnmakeSystemFolderA
PathUnmakeSystemFolderW
PathUnquoteSpacesA
PathUnquoteSpacesW
SHAutoComplete
SHCopyKeyA
SHCopyKeyW
SHCreateShellPalette
SHIsLowMemoryMachine
SHOpenRegStream2A
SHOpenRegStream2W
SHOpenRegStreamA
SHOpenRegStreamW
SHQueryInfoKeyA
SHQueryInfoKeyW
SHQueryValueExA
SHQueryValueExW
SHRegCloseUSKey
SHRegCreateUSKeyA
SHRegCreateUSKeyW
SHStrDupW
StrCSpnA
StrCSpnIA
StrCSpnIW
StrCSpnW
StrCatBuffA
StrCatBuffW
StrCatW
StrChrA
StrChrIA
StrChrIW
StrChrW
StrCmpIW
StrCmpNA
StrCmpNIA
StrCmpNIW
StrCmpNW
StrCmpW
StrCpyNW
StrCpyW
StrDupA
StrDupW
StrFormatByteSize64A
StrFormatByteSizeA
StrFormatByteSizeW
StrFormatKBSizeA
StrFormatKBSizeW
StrFromTimeIntervalA
StrFromTimeIntervalW
StrNCatA
StrNCatW
StrPBrkA
StrPBrkW
StrRChrA
StrRChrIA
StrRChrIW
StrRChrW
StrRStrIA
StrRStrIW
StrRetToBufA
StrRetToBufW

user32

AppendMenuA
CreateWindowExA
DefWindowProcA
DeleteMenu
DestroyWindow
DialogBoxParamA
DrawTextA
EnableWindow
EndDialog
FillRect
FrameRect
GetClientRect
GetDC
GetDlgItem
GetDlgItemTextA
GetMenuItemCount
GetMenuItemRect
GetMessageA
GetSystemMenu
GetSystemMetrics
GetWindowLongA
GetWindowPlacement
GetWindowRect
LoadCursorA
LoadIconA
LoadImageA
MessageBoxA
RegisterClassA
ReleaseDC
SendMessageA
SetDlgItemTextA
SetMenuDefaultItem
SetTimer
SetWindowLongA
SetWindowPos
UnregisterClassA
UpdateWindow
wsprintfA

Sections

.text
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c3261bbebeb08cb9ee3a9118f877db5

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

lz32

ole32

oleaut32

shell32

shlwapi

user32

Sections

.text Size: 12KB - Virtual size: 16KB

.idata Size: 15KB - Virtual size: 16KB

.text
Size: 12KB - Virtual size: 16KB

.idata
Size: 15KB - Virtual size: 16KB