674fc332f25faca74866b34c5e65c1d2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

674fc332f25faca74866b34c5e65c1d2_JaffaCakes118
Size

184KB
MD5

674fc332f25faca74866b34c5e65c1d2
SHA1

96d2dfdd68dec600f9698fb6ea19ac06ed493d11
SHA256

14e8599f005208730218013dd88a6d7a94c4c77ff44ecee4d88aa30e01c7e592
SHA512

db8e165b1d83a6cbf75e2b33f80e3ab0a41d7e2b43915866becaf5a81eac5cdbdeadf046afe5497b16c6e41e1f8fb9b07058d9cb7ee7d8dbeabf9d953315f47d
SSDEEP

3072:oe9MbtJGG2IwPuLdSzCQrKRLQdGi2iylD8fGQHkmGoNS3gw5/rvSMmx+E3vej:kGGCASWrRLQ6iylDCESAwk/mMmpO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
674fc332f25faca74866b34c5e65c1d2_JaffaCakes118

Files

674fc332f25faca74866b34c5e65c1d2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ec4bcf679a0c321685501642c283e424

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
LoadLibraryA
CreateFileA
lstrlenA
GetWindowsDirectoryA
lstrcpyA
GetProcAddress

user32

SetMessageExtraInfo
SetMessageQueue
SetScrollPos
SetScrollRange
SetSystemCursor
SystemParametersInfoW
TileChildWindows
TrackMouseEvent
UnionRect
ValidateRect
WindowFromDC
SetMenuDefaultItem
SetMenu
SetDlgItemTextA
SetDlgItemInt
SetClassLongA
SetCaretPos
SetActiveWindow
SendMessageA
ScrollDC
ReplyMessage
RemovePropW
ReleaseDC
RegisterShellHookWindow
RegisterDeviceNotificationW
PostMessageW
PaintDesktop
OemToCharA
MessageBoxExW
MapVirtualKeyExW
MapVirtualKeyA
MapDialogRect
LockSetForegroundWindow
LoadMenuW
LoadMenuIndirectA
AttachThreadInput
BeginDeferWindowPos
BeginPaint
CallMsgFilter
CascadeWindows
ChangeMenuA
CharToOemBuffA
CharToOemW
LoadMenuA
CharUpperA
CharUpperBuffW
CopyAcceleratorTableA
CountClipboardFormats
CreateDesktopA
CreateIcon
CreateMDIWindowA
CreateWindowExA
DdeCreateDataHandle
DdeInitializeA
DdeKeepStringHandle
DefDlgProcW
DialogBoxParamA
DlgDirSelectComboBoxExA
DrawTextExW
EndMenu
EndTask
EnumDesktopWindows
EnumDesktopsA
EnumDesktopsW
EnumDisplaySettingsW
EnumPropsA
FindWindowA
FrameRect
GetAltTabInfoW
GetCaretBlinkTime
GetClipboardViewer
GetDlgItemInt
GetIconInfo
GetKeyboardLayoutList
GetKeyboardType
GetLastInputInfo
GetMenuDefaultItem
GetMessagePos
GetMessageTime
GetMonitorInfoA
GetMonitorInfoW
GetProcessWindowStation
GetWindow
GetWindowThreadProcessId
IMPQueryIMEA
IMPQueryIMEW
InsertMenuA
AnyPopup
IntersectRect
InvertRect
IsIconic
KillTimer
LoadKeyboardLayoutW

comdlg32

PageSetupDlgW
ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
ChooseColorA
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW

advapi32

RegOpenKeyW

ole32

OleRegGetMiscStatus
OleRun
OleSaveToStream
OleSetAutoConvert
OleSetContainedObject
OleSetMenuDescriptor
PropVariantClear
ReadClassStg
ReadClassStm
ReadOleStg
RevokeDragDrop
SNB_UserFree
SNB_UserUnmarshal
SetConvertStg
SetDocumentBitStg
StgCreateDocfile
StgCreatePropSetStg
StgIsStorageILockBytes
StgOpenPropStg
StgOpenStorageEx
StringFromIID
UtGetDvtd16Info
WdtpInterfacePointer_UserFree
WriteClassStg
WriteOleStg
OleRegEnumFormatEtc
OleQueryCreateFromData
OleMetafilePictFromIconAndLabel
OleLoadFromStream
OleGetIconOfFile
OleGetAutoConvert
OleFlushClipboard
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleCreateFromFileEx
OleConvertOLESTREAMToIStorage
HPALETTE_UserFree
HMETAFILEPICT_UserSize
HMETAFILEPICT_UserMarshal
HMENU_UserSize
HMENU_UserFree
HGLOBAL_UserMarshal
HGLOBAL_UserFree
HDC_UserFree
HBRUSH_UserUnmarshal
HBRUSH_UserFree
HBITMAP_UserSize
HACCEL_UserMarshal
GetHookInterface
GetHGlobalFromStream
FreePropVariantArray
CreateOleAdviseHolder
CreateILockBytesOnHGlobal
CreateFileMoniker
CreateDataCache
CoUnmarshalInterface
CoUnloadingWOW
CoUninitialize
CoSwitchCallContext
CoRevokeMallocSpy
CoReleaseServerProcess
CoRegisterChannelHook
CoQueryProxyBlanket
CoQueryClientBlanket
CoLockObjectExternal
CoLoadLibrary
CoIsHandlerConnected
CoInstall
CoInitializeWOW
CoGetStandardMarshal
CoGetMalloc
CoGetInstanceFromIStorage
CoGetCurrentLogicalThreadId
CoFreeLibrary
CoFileTimeToDosDateTime
CoCreateInstanceEx
CoCreateInstance
CoCreateGuid
CoCreateFreeThreadedMarshaler
CoBuildVersion
CLSIDFromProgIDEx
OleGetClipboard
CoFreeUnusedLibraries

comctl32

ord8
CreatePropertySheetPage
CreatePropertySheetPageW
ord6
CreateStatusWindowW
UninitializeFlatSB
ord3
PropertySheetW
ord2
ord13
ord14
InitMUILanguage
ord17
ImageList_Write
ImageList_SetOverlayImage
ImageList_SetIconSize
ImageList_SetDragCursorImage
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Remove
ImageList_Read
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_LoadImage
ImageList_GetImageRect
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_GetIcon
ImageList_GetDragImage
ImageList_EndDrag
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_Draw
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_Destroy
ImageList_Create
ImageList_BeginDrag
ImageList_AddMasked
ImageList_AddIcon
ImageList_Add
GetMUILanguage
ord4
FlatSB_ShowScrollBar
FlatSB_SetScrollRange
FlatSB_SetScrollProp
FlatSB_SetScrollInfo
FlatSB_GetScrollRange
FlatSB_GetScrollProp
FlatSB_GetScrollPos
FlatSB_EnableScrollBar
DrawStatusTextW
DestroyPropertySheetPage
ord7

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec4bcf679a0c321685501642c283e424

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

ole32

comctl32

Sections

.text Size: 12KB - Virtual size: 11KB

.text1 Size: 167KB - Virtual size: 167KB

.data Size: 1024B - Virtual size: 644B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 11KB

.text1
Size: 167KB - Virtual size: 167KB

.data
Size: 1024B - Virtual size: 644B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB