Static task: static1
Behavioral task: behavioral1
Sample: 71a302bffe379110404ed979320df0a2_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 71a302bffe379110404ed979320df0a2_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 71a302bffe379110404ed979320df0a2_JaffaCakes118
Size: 86KB
MD5: 71a302bffe379110404ed979320df0a2
SHA1: 2def84a51c53d5cecd7249866f68af7c214acd3a
SHA256: 3fad95d832ed8870dff5c72e0d30255af33631695ea6a1c7f12f0e8d30ed2923
SHA512: 2e2b39f61175259d24bd0cff7cbbea82c310a95dc6204ec5a8fc8375cb96e051d78300c3deb7f173105660f3a113e3477c2bd52e6c301bd2a838b97f6ef893e5
SSDEEP: 1536:n7T8wPP7s3HCjN5mzyx2KDnSn/DaSJRzdlS18IFITujBumSDSDDSwVAOSrLEb:nP1YXiEzyxxDPSJRhIFckBum2+XVzSr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 71a302bffe379110404ed979320df0a2_JaffaCakes118
Files
71a302bffe379110404ed979320df0a2_JaffaCakes118.exe windows:4 windows x86 arch:x86
325c5bf5c9f49525c03bf170926daf9e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
BlockInput
DdeDisconnect
DlgDirSelectExW
MoveWindow
WaitForInputIdle
GetPropW
OemToCharBuffW
DestroyMenu
IsDialogMessageW
OpenClipboard
DdeCreateDataHandle
GetForegroundWindow
EnumPropsA
MapDialogRect
ShowCursor
EnumPropsW
SwitchDesktop
DefFrameProcA
CharNextA
GetWindow
CreateWindowStationA
GetInputDesktop
GetDlgItem
UpdateWindow
ShowWindow
GetWindowTextA
EnumPropsExA
GetDC
InvalidateRgn
SetWindowsHookA
ChangeClipboardChain
EditWndProc
SetPropW
PackDDElParam
DdeAddData
GetKeyboardType
CreateMDIWindowA
WINNLSGetEnableStatus
UnregisterClassA
GetMessageTime
DestroyIcon
GetClassInfoA
DefMDIChildProcW
RegisterClipboardFormatA
EnumChildWindows
VkKeyScanExW
IsCharLowerW
GetClassInfoW
GetMenuItemID
DdeKeepStringHandle
DrawEdge
EqualRect
InsertMenuA
OpenWindowStationA
GetIconInfo
IsCharLowerA
IsDlgButtonChecked
WindowFromDC
DispatchMessageA
IsWindowVisible
DdeQueryStringW
GetMenuCheckMarkDimensions
GetClipboardFormatNameW
UnregisterHotKey
DefMDIChildProcA
GetCursor
ScreenToClient
TileWindows
SendIMEMessageExW
TranslateMDISysAccel
GetKeyState
GetParent
GetOpenClipboardWindow
DrawAnimatedRects
GetWindowModuleFileNameA
CharToOemW
DrawIcon
TabbedTextOutA
CharLowerBuffA
ScrollWindowEx
DdeSetQualityOfService
SetDlgItemTextA
IsChild
SetWindowsHookExA
DeleteMenu
SendMessageTimeoutW
MapVirtualKeyA
FindWindowW
UnionRect
TileChildWindows
CreateIconFromResource
GetClipCursor
BroadcastSystemMessageA
GetMenu
GetGUIThreadInfo
GetGuiResources
GetMessageA
GetComboBoxInfo
WindowFromPoint
DestroyCursor
GetKeyNameTextW
DlgDirSelectComboBoxExA
LoadIconA
ExitWindowsEx
EnumWindowStationsW
CallMsgFilter
ExcludeUpdateRgn
SetWindowContextHelpId
OemToCharA
CreatePopupMenu
GetUserObjectInformationW
ModifyMenuA
InsertMenuItemW
PeekMessageW
GetClipboardData
SetActiveWindow
EnumDisplaySettingsW
SetParent
GetAncestor
BeginDeferWindowPos
BroadcastSystemMessage
CheckMenuItem
PostThreadMessageW
RemoveMenu
GetUpdateRgn
ToAsciiEx
SetScrollPos
SetUserObjectInformationA
SetClassLongW
GetCursorPos
IsCharAlphaW
PostThreadMessageA
RealGetWindowClass
DdeQueryNextServer
advapi32
ConvertSecurityDescriptorToAccessA
RegLoadKeyA
RegQueryInfoKeyA
EqualPrefixSid
RegCreateKeyA
GetSidIdentifierAuthority
QueryServiceConfigA
MakeSelfRelativeSD
RegReplaceKeyW
RegDeleteValueA
EqualSid
CryptAcquireContextA
GetTrusteeNameW
GetSidLengthRequired
CryptSetHashParam
EnumServicesStatusW
OpenSCManagerA
AddAccessDeniedAce
SetPrivateObjectSecurity
CloseServiceHandle
CreateServiceA
OpenBackupEventLogA
LookupPrivilegeValueW
RegUnLoadKeyW
AreAnyAccessesGranted
RegQueryInfoKeyW
GetCurrentHwProfileA
OpenServiceW
RegSetValueExW
ConvertSecurityDescriptorToAccessNamedW
GetFileSecurityW
PrivilegeCheck
GetFileSecurityA
CryptSignHashA
CryptEnumProviderTypesA
SetNamedSecurityInfoA
RegisterEventSourceW
SetAclInformation
MakeAbsoluteSD
GetNamedSecurityInfoExW
SetSecurityInfoExW
CryptGetHashParam
GetTrusteeTypeW
ObjectCloseAuditAlarmW
GetSecurityInfoExA
GetSidSubAuthorityCount
GetServiceDisplayNameA
InitializeSecurityDescriptor
AllocateAndInitializeSid
CryptSetKeyParam
RegEnumKeyA
ReadEventLogW
OpenEventLogW
SetThreadToken
LookupPrivilegeValueA
GetSecurityDescriptorDacl
ReportEventW
TrusteeAccessToObjectW
RegOpenKeyExW
RegCreateKeyExA
ReportEventA
GetSecurityDescriptorControl
SetServiceBits
ObjectDeleteAuditAlarmW
ConvertAccessToSecurityDescriptorA
ObjectDeleteAuditAlarmA
RegRestoreKeyA
BuildImpersonateExplicitAccessWithNameA
SetFileSecurityW
GetAuditedPermissionsFromAclW
SetTokenInformation
SetSecurityDescriptorSacl
RegSetValueExA
GetTrusteeTypeA
SetSecurityInfo
ChangeServiceConfigW
RegQueryMultipleValuesW
ImpersonateLoggedOnUser
AccessCheckAndAuditAlarmA
GetNamedSecurityInfoA
IsValidSecurityDescriptor
ClearEventLogW
QueryServiceStatus
LookupSecurityDescriptorPartsA
GetNamedSecurityInfoW
AllocateLocallyUniqueId
RegisterEventSourceA
RegOpenKeyA
SetEntriesInAclW
AccessCheck
BuildSecurityDescriptorA
CreateProcessAsUserA
RegisterServiceCtrlHandlerW
LookupAccountSidA
MapGenericMask
GetPrivateObjectSecurity
LookupAccountNameA
RegDeleteKeyA
StartServiceW
CryptSetProviderExA
GetNamedSecurityInfoExA
InitiateSystemShutdownW
CryptGetKeyParam
SetKernelObjectSecurity
RegDeleteKeyW
SetEntriesInAccessListA
StartServiceA
DuplicateTokenEx
OpenSCManagerW
GetServiceKeyNameW
CryptHashData
RegUnLoadKeyA
RegLoadKeyW
ConvertAccessToSecurityDescriptorW
BuildExplicitAccessWithNameW
LookupPrivilegeNameW
GetSidSubAuthority
ChangeServiceConfigA
DuplicateToken
EnumServicesStatusA
LookupSecurityDescriptorPartsW
shlwapi
PathGetArgsW
UrlGetPartA
PathCompactPathA
SHCopyKeyW
StrTrimA
StrRChrW
wnsprintfW
StrDupA
SHSetThreadRef
SHRegQueryUSValueA
PathAddBackslashA
UrlIsW
SHRegQueryUSValueW
SHRegEnumUSKeyA
PathIsPrefixW
PathMatchSpecW
UrlIsA
SHRegCreateUSKeyW
UrlHashW
PathMakePrettyW
PathIsSameRootA
PathFindNextComponentA
SHRegCreateUSKeyA
SHRegEnumUSValueA
PathUnquoteSpacesA
SHRegDuplicateHKey
SHRegGetBoolUSValueA
HashData
StrFormatByteSizeW
PathRemoveBackslashA
PathRelativePathToW
StrToIntA
SHRegOpenUSKeyA
PathGetDriveNumberA
PathFindNextComponentW
PathIsLFNFileSpecW
SHGetValueA
PathFindExtensionA
PathStripPathA
UrlCanonicalizeA
StrRetToBufW
wvnsprintfW
PathFindFileNameW
UrlIsNoHistoryA
SHDeleteKeyW
PathFindSuffixArrayW
UrlUnescapeA
SHGetInverseCMAP
PathMakePrettyA
PathBuildRootA
PathGetCharTypeW
UrlCanonicalizeW
StrIsIntlEqualA
PathAppendW
PathCompactPathExA
PathIsURLW
PathUnmakeSystemFolderW
IntlStrEqWorkerA
StrFromTimeIntervalA
PathIsUNCServerShareW
IntlStrEqWorkerW
PathCombineW
UrlApplySchemeW
PathIsUNCW
StrNCatA
PathIsPrefixA
StrFormatKBSizeA
StrPBrkW
UrlCombineW
PathRenameExtensionA
StrStrIA
PathCanonicalizeA
PathIsURLA
PathSetDlgItemPathA
PathMakeSystemFolderA
PathIsRootA
UrlCreateFromPathW
PathFindSuffixArrayA
PathSetDlgItemPathW
SHRegGetBoolUSValueW
SHStrDupA
StrToIntExW
PathParseIconLocationA
PathIsContentTypeA
SHRegDeleteEmptyUSKeyA
SHEnumValueA
ColorRGBToHLS
PathCompactPathExW
SHIsLowMemoryMachine
StrCSpnW
StrRetToStrA
PathStripToRootA
AssocQueryStringA
StrChrIW
StrToIntW
SHDeleteKeyA
StrRetToStrW
PathSearchAndQualifyW
PathCreateFromUrlW
StrStrA
SHRegQueryInfoUSKeyA
SHEnumValueW
PathFindFileNameA
AssocQueryKeyW
StrSpnW
SHQueryValueExW
SHRegWriteUSValueW
PathMakeSystemFolderW
PathFindExtensionW
PathUnquoteSpacesW
kernel32
IsBadHugeReadPtr
SetTimeZoneInformation
GetThreadPriority
Heap32ListFirst
PeekNamedPipe
LCMapStringA
IsBadHugeWritePtr
IsBadCodePtr
SetConsoleActiveScreenBuffer
lstrlenA
lstrcatW
IsProcessorFeaturePresent
SearchPathW
CreateDirectoryA
GlobalSize
SetSystemTime
VirtualProtectEx
GetQueuedCompletionStatus
HeapDestroy
GetConsoleMode
WriteFileEx
SleepEx
CancelDeviceWakeupRequest
GetPrivateProfileStringW
GetModuleHandleA
ReadFile
RequestDeviceWakeup
CreateToolhelp32Snapshot
CreateDirectoryW
GetWriteWatch
LocalLock
BuildCommDCBW
MoveFileExA
GlobalHandle
RaiseException
BeginUpdateResourceA
MapViewOfFileEx
VirtualQueryEx
GetLocaleInfoW
GetThreadLocale
CompareStringW
FindFirstFileW
HeapWalk
ReadFileScatter
ReadProcessMemory
ReadConsoleA
GetExitCodeThread
FlushConsoleInputBuffer
GetPrivateProfileIntW
VirtualAlloc
Sleep
GetNamedPipeHandleStateW
GetFileSize
GlobalFix
LocalFileTimeToFileTime
QueryDosDeviceA
SetFileAttributesW
PurgeComm
GetSystemDefaultLCID
VirtualProtect
EnumDateFormatsExA
CreateMailslotA
CopyFileExW
VirtualLock
QueryDosDeviceW
TlsGetValue
ConnectNamedPipe
FindResourceW
GetLongPathNameW
FreeLibraryAndExitThread
CreateEventA
MoveFileA
SetPriorityClass
LocalReAlloc
GetCPInfoExA
OpenFileMappingW
InitializeCriticalSectionAndSpinCount
ResumeThread
EnumCalendarInfoA
SetConsoleTitleW
RemoveDirectoryA
SetCalendarInfoW
ExitProcess
SetHandleInformation
ExpandEnvironmentStringsA
SetConsoleScreenBufferSize
GetStartupInfoW
DosDateTimeToFileTime
lstrcmpA
GetDiskFreeSpaceA
SetConsoleCursorInfo
GetProcAddress
SetNamedPipeHandleState
GetTimeFormatW
ReadConsoleInputW
SetTapePosition
GetCompressedFileSizeW
AddAtomA
IsDebuggerPresent
GetNumberOfConsoleInputEvents
GetCurrencyFormatA
LocalAlloc
OpenMutexW
FillConsoleOutputCharacterW
GlobalGetAtomNameW
EnumSystemCodePagesW
IsDBCSLeadByte
ReadFileEx
EndUpdateResourceW
WinExec
CallNamedPipeA
GetLogicalDrives
SetThreadPriority
CreateMutexW
WaitForSingleObject
GetDriveTypeA
SetCommConfig
GetCommTimeouts
SetStdHandle
ole32
OleIsRunning
CoRevertToSelf
CreateDataAdviseHolder
OleRun
OleDraw
CoDisconnectObject
OleSaveToStream
CoUninitialize
CreatePointerMoniker
ReadFmtUserTypeStg
OleConvertIStorageToOLESTREAM
CoCreateGuid
OleCreateLinkFromDataEx
OleCreateDefaultHandler
OleRegGetUserType
CoRegisterPSClsid
SetDocumentBitStg
CreateItemMoniker
CoRevokeClassObject
StgIsStorageILockBytes
UtConvertDvtd16toDvtd32
OleCreate
PropVariantClear
CreateFileMoniker
SetConvertStg
OleRegEnumVerbs
OleCreateStaticFromData
StgGetIFillLockBytesOnILockBytes
OleSetContainedObject
CoGetCallerTID
OleBuildVersion
OleLoad
OleCreateLinkEx
CoRegisterClassObject
GetDocumentBitStg
OleConvertIStorageToOLESTREAMEx
OleCreateLinkFromData
CoCreateFreeThreadedMarshaler
CoMarshalInterface
CreateObjrefMoniker
StgCreateStorageEx
CoLoadLibrary
CoGetStandardMarshal
CoQueryReleaseObject
OleLockRunning
CoGetPSClsid
DllDebugObjectRPCHook
OleNoteObjectVisible
CoGetCallContext
StgCreateDocfileOnILockBytes
StringFromIID
FreePropVariantArray
ProgIDFromCLSID
StgGetIFillLockBytesOnFile
OleUninitialize
CoInitialize
CoRegisterChannelHook
WriteFmtUserTypeStg
WriteClassStm
OleConvertOLESTREAMToIStorageEx
CoMarshalInterThreadInterfaceInStream
CoReleaseMarshalData
OleGetIconOfFile
OleCreateEmbeddingHelper
CoRevokeMallocSpy
CoSwitchCallContext
OpenOrCreateStream
OleRegEnumFormatEtc
UpdateDCOMSettings
OleCreateMenuDescriptor
OleCreateLink
CreateILockBytesOnHGlobal
CLSIDFromString
OleCreateEx
CoQueryAuthenticationServices
CoReleaseServerProcess
GetRunningObjectTable
ReleaseStgMedium
RevokeDragDrop
OleCreateFromFileEx
CoInitializeSecurity
WriteStringStream
ReadClassStm
CoGetInstanceFromIStorage
CoGetMalloc
OleLoadFromStream
OleSetClipboard
OleCreateLinkToFileEx
OleMetafilePictFromIconAndLabel
CreateClassMoniker
GetHookInterface
CLSIDFromProgID
GetConvertStg
OleGetAutoConvert
CoUnmarshalInterface
PropVariantCopy
GetHGlobalFromILockBytes
CoFreeAllLibraries
WriteClassStg
CoLockObjectExternal
CoTaskMemFree
Sections
.text Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 171B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE