63096c08fca03716178314021bf4c7bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

63096c08fca03716178314021bf4c7bb_JaffaCakes118
Size

131KB
MD5

63096c08fca03716178314021bf4c7bb
SHA1

e4b36312c99452325cc58d56ea147dd4430e0aa1
SHA256

b3515f6be1c8c928bb8bc12d7a62f544fad0ed4e0f81ea769feaf81889cbe32f
SHA512

39512d059d06ea3078ff2661749042b7c6b0c0f51e1613553e78244225564ee36f27b6b08307873325b165017864338755f4f41ff569d5d7c4225ade09256a63
SSDEEP

3072:YUGBEwxLhh8ZCmvPxjdI8BwKWIr3ZONspAqlTtAzZ6kiwe9777Skq:YiwxNh8xhhWIbZONsCqlTt0WVI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63096c08fca03716178314021bf4c7bb_JaffaCakes118

Files

63096c08fca03716178314021bf4c7bb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c3df9ac296b05b2f1455b9604ea65068

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegUnLoadKeyA
CryptImportKey
OpenProcessToken
AreAnyAccessesGranted
GetNamedSecurityInfoW
TrusteeAccessToObjectW
FreeSid
MapGenericMask
GetCurrentHwProfileA
RegReplaceKeyW
ReportEventW
CryptVerifySignatureA

user32

GetDlgItem
DdeCreateStringHandleA
EditWndProc
WINNLSEnableIME
CascadeWindows
DrawCaption
DrawFrame
MapVirtualKeyW
GetWindowThreadProcessId
ChangeClipboardChain
OemToCharA
MenuItemFromPoint
GetWindowContextHelpId
GetDlgItemTextA
CharToOemA
DdeDisconnectList
SetDoubleClickTime
DefWindowProcA
CreateMenu
CreateAcceleratorTableA
ToAscii
GetMenuDefaultItem
GetSubMenu
CharToOemBuffA
ModifyMenuW
GetCapture
SendMessageTimeoutA
IsWindow
SetMessageExtraInfo
CharLowerA
CallMsgFilterW
PeekMessageA
BroadcastSystemMessageA
SetUserObjectInformationW
GetMenuItemInfoA
RegisterDeviceNotificationA
DialogBoxIndirectParamA
CopyImage
GetSystemMetrics
PostThreadMessageA
SendInput
GetKeyState
GetProcessWindowStation
FlashWindow
GetMonitorInfoA
DeferWindowPos
EnumWindowStationsW
MapVirtualKeyA
SetActiveWindow
ShowWindow
DefFrameProcA
FreeDDElParam
SetParent
SendMessageW
SubtractRect
TranslateAcceleratorA
DdeInitializeW
CreateCursor
GetForegroundWindow
DefMDIChildProcA
GetNextDlgGroupItem
WINNLSGetIMEHotkey
FillRect
SetUserObjectInformationA
SetCursor
TrackMouseEvent
FindWindowExA
SetWindowPos
DrawFrameControl
CopyAcceleratorTableA
CloseDesktop
InvalidateRect
RealGetWindowClass
EnumPropsW
IsDialogMessage
GetMenuState
CheckMenuRadioItem
GetKeyboardState
GetAncestor
SendDlgItemMessageW
InSendMessageEx
MsgWaitForMultipleObjects
DestroyAcceleratorTable
ExcludeUpdateRgn
GetUserObjectSecurity
EndPaint
HideCaret
DispatchMessageW
LoadCursorFromFileW
OemToCharBuffA
DefDlgProcA
DdeSetUserHandle
TranslateMessage
GetClipboardSequenceNumber
EnableMenuItem
GetThreadDesktop
DdeAccessData
GetKeyboardLayoutNameA
IsDialogMessageW
GetTabbedTextExtentW
EnumDisplaySettingsA
CreateMDIWindowA
CascadeChildWindows
IsDlgButtonChecked
GetClassLongW
DrawTextA
GetWindowModuleFileNameW
SetWindowPlacement
SetThreadDesktop
IsCharUpperA
DdeFreeDataHandle
SetWindowRgn
GetClientRect
DefMDIChildProcW
NotifyWinEvent
ImpersonateDdeClientWindow
IsChild
MapWindowPoints
RedrawWindow
FindWindowW
CloseWindowStation
DdeQueryNextServer
LoadMenuIndirectA
MapVirtualKeyExA
EnumPropsExA
InvalidateRgn
GetInputState
GetClassInfoW
LoadImageA
CharUpperW
SetWindowContextHelpId
GetWindowLongA
GetWindowInfo
GetSystemMenu
PtInRect
CharLowerBuffA
UnregisterDeviceNotification
LoadAcceleratorsA
SetLastErrorEx
IsCharLowerW
UnregisterClassA
SendMessageCallbackW
EnumPropsExW
IsMenu
SetSystemCursor
GetKeyNameTextA
DestroyCursor
IsCharAlphaA
GetScrollInfo
InsertMenuW
DdeInitializeA
SwapMouseButton
TranslateAcceleratorW
MonitorFromPoint
GetKeyboardLayoutList
DdeUnaccessData
LoadBitmapW
OpenWindowStationW
GetProcessDefaultLayout
SetProcessWindowStation
RegisterClassW
TrackPopupMenu
CharLowerW
OpenDesktopA
SetScrollInfo
ToAsciiEx
InternalGetWindowText
GetMenuItemInfoW
ClipCursor
DdeUninitialize
GetPropW
GetMenuBarInfo
DrawTextExA
IsCharAlphaW
InvertRect
CopyIcon
CharLowerBuffW
GetCaretPos
SetRect
CallMsgFilter
MessageBoxExW
MessageBoxW
BroadcastSystemMessageW
CountClipboardFormats
LoadMenuA
RegisterWindowMessageA
GetDC
DrawEdge
SetClipboardData
GetMessagePos
HiliteMenuItem

kernel32

GetProcAddress
SetConsoleMode
GetPrivateProfileStringW
GetPrivateProfileSectionW
EnumCalendarInfoExA
PulseEvent
LCMapStringW
lstrcmpW
SetSystemTimeAdjustment
GetFullPathNameA
FlushConsoleInputBuffer
LocalReAlloc
ConnectNamedPipe
LCMapStringA
FindNextFileA
SetMessageWaitingIndicator
ReadConsoleInputW
GetDevicePowerState
FindAtomW
InitializeCriticalSectionAndSpinCount
lstrcmpi
GetCurrencyFormatA
GetEnvironmentVariableA
SetSystemTime
IsBadReadPtr
SetThreadContext
GetCurrentProcessId
LoadLibraryW
OpenMutexA
RequestDeviceWakeup
VirtualAlloc
UnlockFile
GetThreadPriority
OpenFileMappingW
GetProfileIntA
GlobalAddAtomW
lstrcmpA
WritePrivateProfileStructA
GetProfileIntW
TransactNamedPipe
UpdateResourceW
SetCalendarInfoW
WaitForSingleObject
SetUnhandledExceptionFilter
OpenFile
CancelIo
FileTimeToSystemTime
ConvertDefaultLocale
CompareFileTime
BackupRead
DisconnectNamedPipe
GetVersionExA
FindFirstFileExA
CreateProcessA
SetFileAttributesA
QueryDosDeviceA
OpenEventW
SetComputerNameW
FreeConsole
LocalAlloc
GetDateFormatA
GlobalHandle
ReleaseSemaphore
CloseHandle
EnumDateFormatsW
CreateSemaphoreW
GlobalAlloc
FileTimeToLocalFileTime
LoadResource
SetConsoleCtrlHandler
FoldStringW
lstrcpy
CompareStringA
ExpandEnvironmentStringsW
EnumResourceNamesA
GetLastError
lstrcmpiA
GetEnvironmentStringsW
WaitNamedPipeW
GlobalGetAtomNameW
QueueUserAPC
GetSystemDefaultLCID
CreateThread
WriteConsoleInputW
SetPriorityClass
GetLongPathNameA
GetLongPathNameW
CreateNamedPipeW
GetBinaryTypeA
CopyFileExA
GetCurrentThread
GetVolumeInformationW
MoveFileW
LocalFileTimeToFileTime
GetProcessHeap
VerLanguageNameW
SetComputerNameA
GetStringTypeW
WaitForMultipleObjectsEx
CreateMutexW
GetThreadPriorityBoost
VirtualFreeEx
DuplicateHandle
SetHandleCount
GetNumberOfConsoleMouseButtons
GetCalendarInfoW
SetWaitableTimer
FindResourceExW
LocalHandle
ReadConsoleW
GetFileAttributesExA
CreateDirectoryExW
GetThreadLocale
SetStdHandle
ReadDirectoryChangesW
SetVolumeLabelW
GetConsoleScreenBufferInfo
SetConsoleCursorInfo
SetEnvironmentVariableW
GetFileTime
WriteProcessMemory
GetProcessWorkingSetSize
WritePrivateProfileStructW
WriteConsoleOutputAttribute
SetThreadLocale
GetTimeFormatA
SetTimeZoneInformation
GetProfileStringW
UnlockFileEx
OpenWaitableTimerW
GetStringTypeExW
ScrollConsoleScreenBufferW
SetConsoleCursorPosition
GlobalReAlloc
PeekNamedPipe
Sleep
GetShortPathNameW
LoadModule
SuspendThread
FillConsoleOutputCharacterA
GetShortPathNameA
WinExec
EnumDateFormatsExW
OpenFileMappingA
UpdateResourceA
lstrlenA
GetSystemDirectoryA
MoveFileExA
VirtualProtect
VirtualFree
LoadLibraryA

ole32

GetDocumentBitStg
CoQueryProxyBlanket
ReadStringStream
CoRegisterMallocSpy
MkParseDisplayName

shlwapi

PathIsRootW
PathCompactPathW
SHOpenRegStreamA
PathRemoveBlanksW
PathCommonPrefixW
SHSetValueA
StrTrimA
SHQueryValueExW
PathRelativePathToA
UrlEscapeA
SHAutoComplete

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3df9ac296b05b2f1455b9604ea65068

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

kernel32

ole32

shlwapi

Sections

.text Size: 91KB - Virtual size: 90KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 512B - Virtual size: 8KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 512B - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 1KB