Static task: static1
Behavioral task: behavioral1
  Sample: 656137b772e715674f629046b92ed1bb_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 656137b772e715674f629046b92ed1bb_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 656137b772e715674f629046b92ed1bb_JaffaCakes118
Size: 332KB
MD5: 656137b772e715674f629046b92ed1bb
SHA1: 5240e7a961fc56351e3ad16c397d7f91c165df9d
SHA256: cc107d2be6458cc1373c87c97b20de9dc7a9b3cb5154baf02f1de0e76223b7ff
SHA512: 695d21d8a7f8a5e7d8bc72b5c44aa05de7f877ee3d95433d66a836a7b357bd37e18538df6c98bcb7f71983d86e30c92d2cbf9440467b9969319b7eb9860d5fce
SSDEEP: 6144:iFSbQ/6ZR7RRIc6sB4yy1cfTeD5q4pQNnOqPwbCRAVe2LtMWxUK:iFMZZRR16sOT1ciJu0qo2M3xU
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 656137b772e715674f629046b92ed1bb_JaffaCakes118
Files
656137b772e715674f629046b92ed1bb_JaffaCakes118.exe windows:5 windows x86 arch:x86
3aa829134b6b501c8d1ef6a130196a62
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
uxtheme
GetThemeMargins
GetThemeBackgroundContentRect
IsThemeActive
GetThemeMetric
GetThemeBackgroundExtent
GetThemeFont
GetThemePartSize
CloseThemeData
OpenThemeData
SetWindowTheme
GetThemeColor
GetThemeAppProperties
IsAppThemed
DrawThemeBackground
DrawThemeParentBackground
gdi32
GetDIBits
GetObjectA
CreateBitmap
GetBrushOrgEx
GetBkColor
SetTextAlign
ExtCreateRegion
CreateSolidBrush
SaveDC
RealizePalette
SetViewportExtEx
SelectObject
SetBrushOrgEx
CreateRectRgn
LPtoDP
SetStretchBltMode
BitBlt
CreateDCW
CreateCompatibleDC
Rectangle
GetGlyphIndicesW
GetStockObject
RestoreDC
GetRgnBox
GetDCOrgEx
GetTextExtentPoint32A
CreateFontIndirectW
CreateEnhMetaFileA
CreateDIBSection
CombineRgn
DeleteObject
GetPixel
SetWindowOrgEx
CreateDCA
SetPaletteEntries
SetTextColor
GetSystemPaletteEntries
StretchBlt
TextOutW
GetTextColor
CreateRectRgnIndirect
GetTextMetricsW
GetTextExtentPointW
CreatePatternBrush
CreatePalette
SetBkColor
CreateMetaFileW
CreatePolygonRgn
LineTo
DeleteEnhMetaFile
GetBkMode
PlayEnhMetaFile
GetTextExtentPoint32W
RectVisible
MoveToEx
SetDCPenColor
CreatePen
SelectPalette
OffsetWindowOrgEx
TextOutA
CloseEnhMetaFile
SetMapMode
IntersectClipRect
OffsetRgn
SetViewportOrgEx
GetObjectW
GetTextAlign
DeleteDC
GetLayout
CloseMetaFile
SetWindowExtEx
GetRegionData
GetDeviceCaps
EqualRgn
GetPaletteEntries
CreateFontW
StretchDIBits
SetBkMode
GetTextCharset
SetLayout
GetTextExtentExPointI
SetRectRgn
CreateDIBPatternBrushPt
CreateFontIndirectA
CreateHalftonePalette
CreateCompatibleBitmap
PatBlt
ExtTextOutW
GetClipBox
user32
LoadAcceleratorsW
NotifyWinEvent
MsgWaitForMultipleObjectsEx
OpenClipboard
DrawEdge
VkKeyScanExW
GetDesktopWindow
IsIconic
GetCursorPos
SetMenuItemInfoW
SetWindowsHookExW
SetRect
EnableMenuItem
WaitForInputIdle
DestroyAcceleratorTable
ShowScrollBar
AttachThreadInput
MonitorFromPoint
InsertMenuW
CreatePopupMenu
IsMenu
CheckMenuRadioItem
SetCursorPos
PeekMessageA
TranslateAcceleratorW
GetDialogBaseUnits
SetRectEmpty
ReleaseDC
AdjustWindowRectEx
DdeConnect
SetWindowRgn
AnimateWindow
DestroyWindow
EnumWindows
CharUpperW
IsWindowVisible
CheckRadioButton
FindWindowW
MonitorFromWindow
EnumDisplaySettingsW
GetSubMenu
GetProcessWindowStation
LoadBitmapW
ClientToScreen
GetActiveWindow
DdeUninitialize
SetPropA
PostMessageW
DrawFocusRect
DdeCreateStringHandleW
SetClipboardViewer
IsWindowUnicode
DestroyMenu
GetWindowThreadProcessId
GetPropW
GetFocus
wsprintfW
MessageBoxIndirectA
GetSystemMenu
SetCapture
SendMessageA
PostThreadMessageW
SetScrollInfo
ShowWindow
UnhookWindowsHookEx
EnableWindow
CharLowerW
EndDialog
EnumThreadWindows
ShowCaret
GetMenuItemID
CharLowerBuffW
GetTopWindow
GetDC
GetWindowDC
SetTimer
GetWindowRect
IsWindow
GetMenuDefaultItem
DialogBoxParamA
GetParent
CharNextW
RegisterClassW
DdeInitializeW
GetComboBoxInfo
WindowFromPoint
DrawTextExW
DrawFrameControl
MsgWaitForMultipleObjects
EmptyClipboard
GetClassLongW
CallNextHookEx
MapWindowPoints
DialogBoxIndirectParamA
MessageBoxW
DdeCreateDataHandle
DrawTextW
CopyIcon
GetAncestor
CreateDialogParamW
SystemParametersInfoA
SetWindowLongW
SetForegroundWindow
EndMenu
GetPropA
GetMenuStringW
GetClassWord
PostQuitMessage
SetWindowTextW
DdeDisconnect
MapDialogRect
SystemParametersInfoW
BeginPaint
DispatchMessageA
GetWindowInfo
GetWindowPlacement
LoadCursorA
GetMenuItemCount
DdeGetData
ChangeClipboardChain
RedrawWindow
EndPaint
CopyImage
RegisterClipboardFormatW
SetWindowLongA
CallMsgFilterW
GetCursor
SetWindowPos
IntersectRect
GetForegroundWindow
ReleaseCapture
SetMenuItemBitmaps
GetScrollInfo
GetShellWindow
CloseClipboard
SendNotifyMessageW
LoadStringW
GetKeyNameTextW
UnregisterClassW
BeginDeferWindowPos
RegisterClassExW
GetMenuItemInfoW
SetCursor
EqualRect
CreateWindowExW
DefWindowProcW
ScreenToClient
DdeFreeDataHandle
DefWindowProcA
OffsetRect
IsHungAppWindow
MessageBoxExW
DialogBoxIndirectParamW
IsCharAlphaNumericW
GetSystemMetrics
SetFocus
CallWindowProcW
RegisterWindowMessageW
DeleteMenu
MapVirtualKeyW
SendMessageTimeoutW
DdeQueryStringW
TranslateMessage
RegisterClipboardFormatA
AppendMenuW
EndDeferWindowPos
CheckMenuItem
AdjustWindowRect
GetMenuState
DdeClientTransaction
GetAsyncKeyState
GetMonitorInfoW
HideCaret
TrackMouseEvent
PostMessageA
GetDoubleClickTime
WinHelpW
GetLastInputInfo
GetWindowTextW
LoadMenuW
SendDlgItemMessageW
PostThreadMessageA
GetMenuItemInfoA
ChildWindowFromPoint
SetDlgItemTextW
GetMessageA
GetWindowLongW
RemovePropA
UnionRect
KillTimer
UpdateWindow
EnumChildWindows
GetKeyboardLayout
GetSysColor
SetMenu
IsDialogMessageW
GetMessagePos
CharPrevW
GetClipboardData
IsWindowEnabled
ShowOwnedPopups
GetWindow
InvalidateRect
SetMenuDefaultItem
DispatchMessageW
GetSysColorBrush
GetWindowRgnBox
InflateRect
LoadStringA
CharNextA
SetPropW
SendMessageW
LockSetForegroundWindow
DdeFreeStringHandle
CheckDlgButton
CopyRect
AllowSetForegroundWindow
SetActiveWindow
SetClipboardData
DrawIconEx
WaitMessage
DestroyIcon
SetDlgItemInt
FindWindowA
GetWindowTextLengthW
SetWindowPlacement
IsChild
EnumDesktopWindows
InsertMenuItemW
CharPrevA
RemovePropW
MessageBoxExA
FillRect
TrackPopupMenu
GetClassInfoExW
DeferWindowPos
PeekMessageW
GetDlgItemTextW
LoadImageW
GetClassNameW
MessageBeep
GetMessageTime
GetDlgCtrlID
SetParent
TrackPopupMenuEx
SendMessageTimeoutA
DdeNameService
LoadCursorW
CreateIconIndirect
GetNextDlgTabItem
MessageBoxIndirectW
GetClientRect
RemoveMenu
MoveWindow
GetKeyState
CreateMenu
UpdateLayeredWindow
IsDlgButtonChecked
GetClipboardFormatNameW
GetDlgItem
GetClassInfoW
MonitorFromRect
GetLastActivePopup
GetCapture
GetIconInfo
RegisterWindowMessageA
SetScrollPos
PtInRect
GetMessageW
FindWindowExW
DialogBoxParamW
GetWindowLongA
LoadIconW
IsRectEmpty
advapi32
RegisterTraceGuidsW
RegOpenKeyW
CreateProcessAsUserW
CryptGetHashParam
RegQueryValueW
RegDeleteValueA
RegSetValueExA
DuplicateTokenEx
RegEnumKeyExW
SetThreadToken
RegCreateKeyA
RegOpenKeyExA
RegCloseKey
GetTraceEnableLevel
RegOpenCurrentUser
SetTokenInformation
ConvertSidToStringSidW
RegQueryInfoKeyW
RegCreateKeyExA
RegQueryValueExW
IsTextUnicode
RegDeleteValueW
RegQueryValueExA
CryptHashData
OpenThreadToken
UnregisterTraceGuids
CryptAcquireContextW
CryptCreateHash
CryptReleaseContext
GetTraceEnableFlags
RegEnumKeyW
GetTokenInformation
RegEnumValueA
TraceMessage
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
CryptDestroyHash
ConvertStringSidToSidW
RegEnumValueW
GetUserNameW
GetTraceLoggerHandle
RegOpenKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenProcessToken
TraceEvent
RegDeleteKeyA
GetLengthSid
ImpersonateSelf
ntdll
RtlUshortByteSwap
LdrGetDllHandle
NtAllocateVirtualMemory
kernel32
GetModuleFileNameA
InterlockedCompareExchange
DebugBreak
GetSystemDefaultUILanguage
FindResourceExW
OpenProcess
MoveFileExW
InitializeCriticalSection
IsWow64Process
GetCurrentThread
lstrcmpA
GetPrivateProfileSectionW
GetModuleHandleExA
ReleaseSemaphore
GetTempFileNameW
GlobalUnlock
CreateTimerQueueTimer
LCMapStringW
ReplaceFileW
GetSystemTime
WaitForSingleObject
TlsAlloc
lstrcmpW
GetTimeFormatW
lstrcmpiA
RaiseException
LocalFree
CreateFileW
HeapReAlloc
GetThreadLocale
ExpandEnvironmentStringsA
InterlockedIncrement
ActivateActCtx
UnmapViewOfFile
GlobalFree
GetFileAttributesW
FindNextFileW
FreeLibrary
SetProcessWorkingSetSize
GetCurrentThreadId
GetFullPathNameW
GetTickCount
CreateFileA
GetTempPathW
GetModuleFileNameW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GlobalAddAtomW
HeapFree
LoadLibraryA
GetDateFormatW
CreateProcessW
Process32FirstW
GetPrivateProfileStringW
ReleaseActCtx
WritePrivateProfileSectionW
GetPrivateProfileStringA
RemoveDirectoryW
GetCPInfo
LeaveCriticalSection
SetThreadExecutionState
GetModuleHandleExW
DeleteTimerQueueTimer
QueryPerformanceFrequency
LoadLibraryExW
GetProcessHeap
CreateDirectoryW
Sleep
LockResource
WritePrivateProfileStringW
SearchPathW
OpenMutexA
MapViewOfFile
FindClose
MulDiv
GetAtomNameW
GlobalAlloc
LoadLibraryW
GetExitCodeThread
FindResourceW
SetThreadPriority
CreateToolhelp32Snapshot
LockFileEx
AddAtomW
GetSystemDirectoryA
Process32NextW
LocalReAlloc
GetSystemWow64DirectoryW
SetEndOfFile
GetUserDefaultLCID
GetFileSize
ReadFile
SetFileAttributesW
FreeLibraryAndExitThread
InitializeCriticalSectionAndSpinCount
DeleteAtom
VirtualProtect
FileTimeToLocalFileTime
CreateEventA
TerminateThread
CreateEventW
GlobalDeleteAtom
GlobalAddAtomA
FindFirstFileW
CreateFileMappingA
GetFileAttributesExW
GetVersionExA
HeapAlloc
SizeofResource
GetModuleHandleW
SetLastError
TlsFree
SetCurrentDirectoryA
SetProcessShutdownParameters
lstrlenW
GetProcAddress
FindAtomW
GetEnvironmentVariableW
TlsGetValue
QueueUserWorkItem
CreateSemaphoreW
ReleaseMutex
QueryDosDeviceW
UnlockFileEx
SetFilePointerEx
HeapCreate
GetLongPathNameW
WaitForMultipleObjects
GetThreadContext
WaitForSingleObjectEx
GetFileInformationByHandle
GetVersionExW
CreateMutexA
LocalSize
HeapDestroy
SuspendThread
TlsSetValue
SetFileTime
SetFilePointer
GetCurrentDirectoryW
TryEnterCriticalSection
ResetEvent
GetModuleHandleA
GetWindowsDirectoryW
CompareStringW
GetLocaleInfoW
GlobalLock
DuplicateHandle
VirtualFree
FileTimeToSystemTime
LocalFileTimeToFileTime
GlobalReAlloc
GetPrivateProfileSectionNamesW
CloseHandle
CompareFileTime
GetUserDefaultUILanguage
GetNumberFormatW
GlobalFlags
GetLastError
GetFileAttributesA
GetSystemDirectoryW
GetLogicalDriveStringsW
LocalAlloc
SetEvent
DeleteCriticalSection
DisableThreadLibraryCalls
CreateThread
QueryPerformanceCounter
CreateFileMappingW
UnhandledExceptionFilter
GetShortPathNameW
GetFileSizeEx
OpenEventW
CopyFileW
GetSystemDefaultLCID
GetACP
DeactivateActCtx
FlushInstructionCache
OutputDebugStringA
ExitProcess
CompareStringA
EnumUILanguagesW
OpenMutexW
GetSystemTimeAsFileTime
IsDBCSLeadByte
GetSystemInfo
WriteFile
GetCurrentProcess
MoveFileW
CreateDirectoryA
GetVersion
GlobalSize
VirtualQuery
VirtualAlloc
SetThreadContext
ResumeThread
InterlockedDecrement
SetCurrentDirectoryW
lstrlenA
lstrcmpiW
GetThreadPriority
SetUnhandledExceptionFilter
EnterCriticalSection
InterlockedExchange
WideCharToMultiByte
TerminateProcess
GetLocalTime
LoadResource
SystemTimeToFileTime
SetErrorMode
CreateMutexW
MultiByteToWideChar
GetCurrentProcessId
CreateActCtxW
DeleteFileW
FormatMessageW
psapi
GetProcessImageFileNameW
shell32
SHBindToParent
SHGetDesktopFolder
SHFileOperationW
SHChangeNotify
SHGetSpecialFolderLocation
SHGetInstanceExplorer
Shell_NotifyIconW
SHCreateShellItem
SHGetDataFromIDListW
ExtractAssociatedIconExW
SHGetFolderPathW
SHGetFileInfoW
ExtractIconExW
SHPathPrepareForWriteW
SHGetSpecialFolderPathW
ShellExecuteA
SHBrowseForFolderW
Shell_NotifyIconA
SHGetFolderLocation
SHSetLocalizedName
SHAppBarMessage
SHGetPathFromIDListA
ShellExecuteW
SHGetPathFromIDListW
SHGetFolderPathAndSubDirW
ShellExecuteExW
ShellAboutW
ExtractIconW
DragQueryFileW
Sections
.text Size: 183KB - Virtual size: 183KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE