PDB path: F:\KeyBoardRecord\Release\ie.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 6ae4730194db0c6cbe34e27b06828568_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 6ae4730194db0c6cbe34e27b06828568_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 6ae4730194db0c6cbe34e27b06828568_JaffaCakes118
Size: 2.0MB
MD5: 6ae4730194db0c6cbe34e27b06828568
SHA1: 28fe95152c2cb57cfe801fca421ffa6b5fa4666f
SHA256: 5ad8c7f9d210def49bca343cc388785985e6029bb25471e3a3bfff25e9d932ca
SHA512: a850239e0ea361b8030b9d382226e4de70aa364a10abb92a6dc87f1b56e038af775f26f24018604fe0b936cc8703f57a0ef74527a9dffe7c5bbedc18f9032f0d
SSDEEP: 49152:9QBwnTGb7EGnN97yFqcCLKuA4vPDs4k1m01t4zeDRBlqxWBLa5w07VvXaZuJz0vS:mB6TGU297yFqcPuA4vPY4k1m0TGK88BC
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 6ae4730194db0c6cbe34e27b06828568_JaffaCakes118
Files
6ae4730194db0c6cbe34e27b06828568_JaffaCakes118.exe windows:5 windows x86 arch:x86
bf7e40f2e58a1d7c409cbcfd627d0c4e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
CompareStringW
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
GetStringTypeW
CreateFileW
SetEnvironmentVariableA
LCMapStringW
GetConsoleMode
GetConsoleCP
GetLocaleInfoW
GetStdHandle
SetHandleCount
IsValidCodePage
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitProcess
CreateThread
ExitThread
GetTimeZoneInformation
HeapQueryInformation
GetFileType
SetStdHandle
HeapReAlloc
MultiByteToWideChar
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
RtlUnwind
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
HeapFree
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathA
GetProfileIntA
GetTickCount
GetTempPathA
GetTempFileNameA
GetNumberFormatA
QueryPerformanceCounter
GetEnvironmentStringsW
HeapSize
GetOEMCP
GetCPInfo
GetCurrentDirectoryA
lstrcpyA
GetACP
FindResourceA
FreeResource
GlobalFindAtomA
lstrcmpW
GlobalDeleteAtom
GetUserDefaultUILanguage
GetLocaleInfoA
InterlockedExchange
GetCurrentThreadId
ResumeThread
SetThreadPriority
GlobalFlags
GlobalAddAtomA
FreeEnvironmentStringsW
LCMapStringA
InterlockedCompareExchange
GetProcessHeap
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
LoadLibraryA
lstrcmpiA
GetStringTypeExA
WaitForSingleObject
lstrcmpA
GlobalGetAtomNameA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
GetCurrentProcessId
GetModuleFileNameA
ReleaseActCtx
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
GetModuleHandleW
CompareStringA
GetFileTime
GetFileSizeEx
GetFileAttributesA
CloseHandle
LocalFileTimeToFileTime
SetFileAttributesA
GetFileAttributesExA
GetModuleHandleA
GetProcAddress
FindFirstFileA
FindClose
LocalAlloc
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
ActivateActCtx
LoadLibraryW
DeactivateActCtx
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLastError
SetLastError
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
lstrlenA
SetFileTime
SystemTimeToFileTime
GetSystemTime
GetVersionExA
GetWindowsDirectoryA
Process32Next
Process32First
CreateToolhelp32Snapshot
DeleteFileA
Sleep
CreateDirectoryA
CopyFileA
GetCommandLineA
FindResourceW
LockResource
CreateFileA
SizeofResource
LoadResource
WideCharToMultiByte
user32
ReuseDDElParam
LoadMenuA
InsertMenuItemA
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExA
IsCharLowerA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetKeyNameTextA
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawFrameControl
DrawEdge
DrawStateA
GetSystemMenu
LoadMenuW
SetClassLongA
WindowFromPoint
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
DrawIconEx
GetNextDlgGroupItem
LoadImageA
CopyImage
GetIconInfo
OffsetRect
MessageBeep
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
ReleaseCapture
GetAsyncKeyState
SetCapture
MapVirtualKeyA
IsRectEmpty
CreatePopupMenu
RedrawWindow
DestroyMenu
GetMenuItemInfoA
InvalidateRect
DeleteMenu
ShowOwnedPopups
SetCursor
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
SetRectEmpty
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
IntersectRect
InflateRect
LoadIconW
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
UnpackDDElParam
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
MapDialogRect
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
ShowScrollBar
UpdateWindow
GetClientRect
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
CallWindowProcA
GetMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
SetForegroundWindow
IsIconic
PostMessageA
GetWindowDC
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetWindowPos
MoveWindow
IsWindow
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
GetScrollPos
SetScrollPos
SetFocus
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
PostThreadMessageA
WaitMessage
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetFocus
RealChildWindowFromPoint
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
SetWindowTextA
DestroyIcon
CharUpperA
GetWindowRgn
DestroyCursor
SetActiveWindow
DrawIcon
GetWindowTextLengthA
GetWindowThreadProcessId
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
SubtractRect
GetMessageTime
GetDoubleClickTime
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetDesktopWindow
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
EnumWindows
ShowWindow
SendMessageTimeoutA
RegisterWindowMessageA
GetWindowTextA
GetClassNameA
EnumChildWindows
PostQuitMessage
DefWindowProcA
DestroyWindow
SetWindowLongA
TranslateAcceleratorA
LoadAcceleratorsA
LoadIconA
LoadCursorA
GetForegroundWindow
FindWindowExA
KillTimer
SetTimer
IsWindowVisible
EndPaint
BeginPaint
SendMessageA
MessageBoxA
CreateWindowExA
RegisterClassExA
TranslateMessage
LoadStringA
DispatchMessageA
GetMessageA
GetMenuDefaultItem
gdi32
DPtoLP
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
GetTextExtentPoint32A
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
PatBlt
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateFontIndirectA
CreateHatchBrush
CreateSolidBrush
SetWindowExtEx
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
EnumFontFamiliesExA
GetDeviceCaps
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateDCA
CopyMetaFileA
ScaleWindowExtEx
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegEnumKeyExA
RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
shell32
DragFinish
SHGetFolderPathA
SHGetFolderPathW
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHAppBarMessage
DragQueryFileA
ShellExecuteA
SHBrowseForFolderA
SHGetSpecialFolderLocation
comctl32
ImageList_GetIconSize
shlwapi
UrlUnescapeA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathFileExistsA
PathRemoveFileSpecW
ole32
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoInitializeEx
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
DoDragDrop
CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance
RevokeDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
oleaut32
SysAllocString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
SysStringLen
VarBstrCmp
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
netapi32
NetScheduleJobAdd
wininet
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetQueryDataAvailable
InternetOpenUrlA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetCrackUrlA
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
ObjectFromLresult
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 284KB - Virtual size: 284KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 194KB - Virtual size: 193KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 175KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ