68d6f9aa35c7cabf06c4509084b3e523_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

68d6f9aa35c7cabf06c4509084b3e523_JaffaCakes118
Size

87KB
MD5

68d6f9aa35c7cabf06c4509084b3e523
SHA1

7087c0ee4cbf5eb49b0cbc776c528ad5251722bb
SHA256

6b61fa3fe38513864b5317a78f29731bb6a36007191ce6020c30a70fa82b094e
SHA512

d02e4e526414696fa90d4f94e10019036b981baf04c7c9b5f534d1b003c7e30e9655cc1debe4e577265d6e1879f6c7587053c783616964075482c5715038df87
SSDEEP

1536:etlZDSJNU+txJnD2Dj4Gcug+3quYTVjs34MTikuLrLP7zpMvMKgn5rYYujc8ct:e9SJNBD2DjndN34G+vzykKgn5rMjc8c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68d6f9aa35c7cabf06c4509084b3e523_JaffaCakes118

Files

68d6f9aa35c7cabf06c4509084b3e523_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6752065f13d64ec11e2ea27dc23e62ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrNCatW
PathFindSuffixArrayW
SHRegEnumUSKeyW
UrlEscapeA
PathMakePrettyA
StrCmpNIA
PathAddBackslashW
SHCreateStreamOnFileA
StrSpnA
PathAddBackslashA
SHOpenRegStreamW
StrToIntExW
SHRegCloseUSKey
UrlHashW
SHRegEnumUSKeyA
PathIsRelativeW
SHQueryValueExW
SHRegDeleteUSValueW
PathCanonicalizeW
PathCreateFromUrlW
StrToIntA
PathCommonPrefixA
StrFromTimeIntervalW
StrCSpnW
PathIsDirectoryA
PathIsDirectoryEmptyW
PathRemoveFileSpecW
ColorAdjustLuma
PathCanonicalizeA
PathIsURLA
PathCreateFromUrlA
StrRetToBufW
PathIsContentTypeW
PathSkipRootW
SHRegOpenUSKeyW
SHRegEnumUSValueW
PathMatchSpecW
PathIsLFNFileSpecW
StrFormatKBSizeA
StrChrA
StrSpnW
PathMakeSystemFolderW
PathFindOnPathW
PathIsURLW
SHRegGetUSValueA
SHStrDupA
PathParseIconLocationA
SHGetThreadRef
StrDupA
PathUnmakeSystemFolderW
PathSetDlgItemPathA
UrlGetPartW
PathBuildRootW
UrlEscapeW
StrStrIA
StrCmpW
PathRemoveBackslashA
PathRemoveExtensionA
AssocQueryStringByKeyA
PathIsRelativeA
PathRemoveFileSpecA
PathStripToRootA
SHDeleteEmptyKeyW
PathCombineW
StrStrA
ChrCmpIW
PathCompactPathExA
PathRemoveBlanksW
PathGetArgsA
SHOpenRegStream2A
IntlStrEqWorkerW
StrTrimW
PathSkipRootA
PathIsFileSpecW
PathIsDirectoryEmptyA
PathCompactPathA
StrIsIntlEqualA
UrlCompareW
PathFindNextComponentW
PathAddExtensionW
PathFindNextComponentA
StrCatBuffW
PathIsNetworkPathA
SHRegEnumUSValueA
UrlIsW
UrlApplySchemeA
PathRenameExtensionW
SHEnumValueA
UrlHashA
AssocQueryKeyW
PathIsPrefixW
PathFindExtensionA
SHSetValueA
StrRChrW
StrPBrkA
SHRegDeleteEmptyUSKeyW
UrlIsOpaqueA
PathCompactPathW
HashData
PathStripPathW

kernel32

CancelWaitableTimer
GetConsoleScreenBufferInfo
GlobalUnlock
GetProfileIntA
GetEnvironmentVariableW
SetConsoleCursorPosition
GetUserDefaultLCID
GetLocaleInfoW
VirtualProtect
GetPrivateProfileIntW
GetTapeStatus
WriteConsoleOutputCharacterW
SetVolumeLabelW
CreateToolhelp32Snapshot
WaitForSingleObjectEx
GlobalWire
ReadFileEx
GetVolumeInformationW
SetHandleCount
VirtualAlloc
GetAtomNameA
OpenMutexW
DisconnectNamedPipe
SystemTimeToTzSpecificLocalTime
SetFileTime
WriteFileGather
CopyFileA
SetFileApisToANSI
GetStringTypeExW
FreeEnvironmentStringsA
EnumResourceNamesA
GetCommConfig
EnumResourceNamesW
GlobalAddAtomA
GlobalGetAtomNameA
GlobalFix
WritePrivateProfileStringW
MoveFileExW
ReadConsoleOutputA
GetTapeParameters
GetLogicalDrives
FreeEnvironmentStringsW
PostQueuedCompletionStatus
CreateIoCompletionPort
EnumResourceLanguagesW
GetEnvironmentStrings
GetLongPathNameA
FindNextChangeNotification
CopyFileW
GetPriorityClass
Heap32ListFirst
CreateEventA
GetConsoleMode
GetExitCodeProcess
GetTempFileNameA
GetPrivateProfileStringW
GetTickCount
SetEndOfFile
lstrcmpA
TerminateProcess
FindFirstFileExA
Process32Next
VirtualUnlock
EraseTape
EnumResourceTypesA
OpenWaitableTimerA
WaitForDebugEvent
SetCurrentDirectoryA
GetPrivateProfileSectionNamesW
GetThreadLocale
ResumeThread
CreateSemaphoreW
FindResourceW
SetEvent
GetPrivateProfileSectionNamesA
GetSystemDefaultLangID
IsDBCSLeadByte
VirtualProtectEx
GetStringTypeW
SystemTimeToFileTime
UnlockFileEx
WriteConsoleOutputW
GetCompressedFileSizeA
GlobalFree
HeapFree
BackupSeek
WriteProfileSectionW
GetCPInfo
SetCommConfig
ReadProcessMemory
Thread32First
GetLastError
GetBinaryTypeW
CreateNamedPipeW
WriteFile
ResetWriteWatch
GetTimeFormatA
DeleteAtom
OutputDebugStringA
GetNamedPipeHandleStateW
FileTimeToLocalFileTime
lstrlen
LocalHandle
CreateMailslotW
GlobalGetAtomNameW
IsValidLocale
SetCommMask
SetEnvironmentVariableW
GetLogicalDriveStringsA
VirtualFree
GetTapePosition
SetComputerNameW
GetCurrentDirectoryW
SetMessageWaitingIndicator
FillConsoleOutputAttribute
FoldStringW
IsDebuggerPresent
MulDiv
CopyFileExW
GenerateConsoleCtrlEvent
WriteProfileStringA
OpenProcess
SetSystemPowerState
GetCurrencyFormatA
SetUnhandledExceptionFilter
EnumResourceTypesW
ExitProcess
EnumSystemLocalesW
GetFileAttributesW
GetCurrentDirectoryA
WriteProfileStringW
GlobalAlloc
GetProfileStringA
lstrcat
WritePrivateProfileStringA

advapi32

CryptGetKeyParam
ConvertSecurityDescriptorToAccessA
GetFileSecurityA
CryptSetHashParam
GetMultipleTrusteeW
RegSaveKeyA
BackupEventLogW
CryptDeriveKey
RegQueryInfoKeyW
RegCreateKeyA
OpenSCManagerW
RegGetKeySecurity
GetAccessPermissionsForObjectA
AbortSystemShutdownW
AbortSystemShutdownA
DeleteAce
BuildTrusteeWithSidA
CryptImportKey
ReportEventA
ObjectOpenAuditAlarmA
GetNamedSecurityInfoA
ConvertSecurityDescriptorToAccessW
DuplicateTokenEx
BuildExplicitAccessWithNameW
CryptDestroyHash
RegEnumValueW
ObjectCloseAuditAlarmW
BuildImpersonateTrusteeW
RegSaveKeyW
RegQueryValueExW
RegNotifyChangeKeyValue
RegEnumValueA
RegSetKeySecurity
LookupPrivilegeValueW
QueryServiceConfigW
GetSidIdentifierAuthority
SetNamedSecurityInfoExA
LookupPrivilegeValueA
CryptEnumProvidersA
RegEnumKeyExW
SetSecurityInfo
ConvertAccessToSecurityDescriptorW
GetAce
RegCreateKeyExA
ObjectDeleteAuditAlarmW
AdjustTokenGroups
CryptGetUserKey
LookupPrivilegeNameW
CryptSignHashW
LookupPrivilegeDisplayNameA
GetSidSubAuthority
CryptSetProviderExA
GetTrusteeNameW
GetServiceDisplayNameW
RegisterServiceCtrlHandlerA
GetSidSubAuthorityCount
OpenProcessToken
ReportEventW
ObjectCloseAuditAlarmA
RegQueryInfoKeyA
GetSecurityDescriptorDacl
QueryServiceLockStatusA
InitializeAcl
QueryServiceConfigA
RegDeleteValueA
SetKernelObjectSecurity
GetMultipleTrusteeA
DestroyPrivateObjectSecurity
ObjectDeleteAuditAlarmA
BuildImpersonateExplicitAccessWithNameA
RegOpenKeyExW
ConvertAccessToSecurityDescriptorA
RegisterEventSourceW
RegSetValueW
GetTokenInformation
RegCreateKeyExW
SetSecurityDescriptorOwner
GetSecurityInfoExW
SetPrivateObjectSecurity
GetLengthSid
CryptDecrypt
GetAclInformation
OpenServiceA
SetSecurityInfoExW
GetTrusteeTypeW
ImpersonateLoggedOnUser
StartServiceCtrlDispatcherW
DeregisterEventSource
SetSecurityDescriptorSacl
InitiateSystemShutdownA
GetFileSecurityW
NotifyBootConfigStatus
RegRestoreKeyA
GetUserNameW
GetCurrentHwProfileA
BuildTrusteeWithNameA
RegOpenKeyExA
ClearEventLogW
RegConnectRegistryA
LookupSecurityDescriptorPartsW
RegDeleteValueW
GetAuditedPermissionsFromAclA
SetEntriesInAuditListW
CryptEnumProviderTypesA
EnumDependentServicesA
ClearEventLogA
GetServiceKeyNameA
CryptSetProviderW
EnumServicesStatusA
CryptExportKey
RegOpenKeyW
MakeAbsoluteSD
GetKernelObjectSecurity
LookupSecurityDescriptorPartsA
SetFileSecurityA
AccessCheckAndAuditAlarmA

user32

WINNLSGetEnableStatus
VkKeyScanExW
UnionRect
ChangeMenuW
CharNextExA
CharUpperW
IsMenu
TrackPopupMenu
DrawAnimatedRects
UnregisterHotKey
EnableWindow
SetDlgItemInt
FindWindowW
RegisterClassA
RealChildWindowFromPoint
GetUpdateRgn
GetMenuItemID
GetWindowDC
SendMessageTimeoutW
DdeCreateStringHandleW
VkKeyScanA
EnumPropsA
SetMenuItemInfoA
SetWindowPos
SetProcessWindowStation
DlgDirSelectExW
GetCursorInfo
LoadStringA
LoadMenuIndirectW
SendMessageCallbackW
DestroyCaret
DispatchMessageW
IsCharAlphaNumericW
DefWindowProcW
DdeConnect
ReleaseCapture
FlashWindowEx
IsIconic
CopyImage
DdeClientTransaction
CreateWindowExW
CharToOemBuffW
DrawFrame
DdeQueryNextServer
LoadMenuIndirectA
SetCaretPos
LoadBitmapA
GetSystemMetrics
SetDoubleClickTime
SwitchDesktop
InsertMenuItemA
MessageBoxIndirectW
DdeUninitialize
LookupIconIdFromDirectoryEx
ValidateRgn
CharUpperBuffA
LoadCursorW
GetKeyboardLayout
DrawStateW
SetPropW
LoadBitmapW
GetWindowThreadProcessId
EqualRect
GetUserObjectInformationW
EnableMenuItem
GetKBCodePage
BeginDeferWindowPos
EditWndProc
ExcludeUpdateRgn
CallWindowProcA
SetTimer
FrameRect
EnumPropsW
GetKeyboardType
ChangeDisplaySettingsExW
EnumThreadWindows
GetMenuBarInfo
WindowFromDC
MessageBoxExW
GetClassNameW
MonitorFromWindow
ModifyMenuA
PostQuitMessage
RegisterClassW
BlockInput
SetWindowsHookExW
GetClipboardOwner
AdjustWindowRectEx
PackDDElParam
GetClipboardFormatNameA
MonitorFromRect
SendIMEMessageExW
LoadImageW
ChangeClipboardChain
GetUserObjectInformationA
DdeKeepStringHandle
GetClassInfoExA
TrackPopupMenuEx
CreateAcceleratorTableW
ScreenToClient
CheckMenuRadioItem
GetGuiResources
RegisterClassExA
GetClassInfoA
SetWindowsHookExA
GetWindowLongA
DlgDirSelectComboBoxExW
GetTabbedTextExtentA
ToAscii
CreateCaret
SetFocus
MapVirtualKeyW
SetWindowLongW
CountClipboardFormats
GetAsyncKeyState
SetClipboardViewer
CharLowerBuffA
InsertMenuW
EndDeferWindowPos
SetWindowTextA
EnumDisplayDevicesA
GetMenuCheckMarkDimensions
GetDlgItemTextW
TranslateMDISysAccel
CharUpperBuffW
LoadCursorA
AppendMenuA
SetDlgItemTextW
DefFrameProcW
CharPrevW
SetKeyboardState
LoadImageA

ole32

CoImpersonateClient
CoUninitialize
DoDragDrop
UtConvertDvtd16toDvtd32
OleRegGetUserType
IIDFromString
CoGetClassObject
CoSuspendClassObjects
UtGetDvtd32Info
FreePropVariantArray
CoUnmarshalHresult
CoRegisterMallocSpy
OleDoAutoConvert
OleSetContainedObject
CoIsOle1Class
OleConvertIStorageToOLESTREAMEx
CoCreateFreeThreadedMarshaler
CreateOleAdviseHolder
OleLoadFromStream
OleDuplicateData
GetHookInterface
StgCreateDocfileOnILockBytes
WriteClassStm
CoGetInstanceFromFile
CreateILockBytesOnHGlobal
OleCreateEx
OleDestroyMenuDescriptor
StgIsStorageILockBytes
RevokeDragDrop
ReadClassStm
OleCreateStaticFromData
OleUninitialize
SetDocumentBitStg
CreateAntiMoniker
CoCreateInstanceEx
CreateDataAdviseHolder
CoTreatAsClass
CoQueryClientBlanket
StgOpenStorageOnILockBytes
OleConvertOLESTREAMToIStorageEx
OleRegEnumVerbs
CoQueryReleaseObject
OleSetClipboard
CreateFileMoniker
StringFromIID
CoReleaseMarshalData
GetClassFile
BindMoniker
CoCreateInstance
OleNoteObjectVisible
CoMarshalInterface
CoGetCurrentLogicalThreadId
OpenOrCreateStream
WriteFmtUserTypeStg
OleBuildVersion
OleRegEnumFormatEtc
CoCreateGuid
CoFreeLibrary
OleSetMenuDescriptor
CoResumeClassObjects
OleConvertIStorageToOLESTREAM
CoRevokeMallocSpy
StgSetTimes
StgOpenStorage
CreateClassMoniker
IsEqualGUID
OleDraw
CoDosDateTimeToFileTime
CLSIDFromString
OleCreateFromData
CoTaskMemAlloc
OleQueryLinkFromData
CoInitializeSecurity
GetHGlobalFromILockBytes
CoDisconnectObject
GetHGlobalFromStream
CoFileTimeToDosDateTime
CoReleaseServerProcess
CoGetStandardMarshal
CoGetCallContext
CoRegisterChannelHook
EnableHookObject
CoInitializeEx
OleSave
CoGetInstanceFromIStorage
WriteClassStg
CreateItemMoniker
OleCreateLinkToFileEx
ReleaseStgMedium
OleGetIconOfClass
OleFlushClipboard
StgCreateStorageEx
OleSaveToStream
StgGetIFillLockBytesOnFile
CoGetMarshalSizeMax
OleConvertOLESTREAMToIStorage
CoRegisterClassObject
CoGetObject
GetConvertStg
DllDebugObjectRPCHook
ReadFmtUserTypeStg

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 349B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6752065f13d64ec11e2ea27dc23e62ad

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

advapi32

user32

ole32

Sections

.text Size: 69KB - Virtual size: 68KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 512B - Virtual size: 349B

.text
Size: 69KB - Virtual size: 68KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 512B - Virtual size: 349B