72e9748ad1e9fa1a584c0b45e05af97b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

72e9748ad1e9fa1a584c0b45e05af97b_JaffaCakes118
Size

987KB
MD5

72e9748ad1e9fa1a584c0b45e05af97b
SHA1

8424a7eb4a17512c1909fd72d034f7add9366c8b
SHA256

70fedb13b445b6406e895fa92128906ef3c582048bdc1f282f44ad98775ede5a
SHA512

366660d41728bee6778cfbbb04d37193651cda70dfa74e662f8b106dd67a3a8efd2ea6fa57ceaab894fb29d1fbe72d3ee17ad433d6ec47c8c75043a52c2503cf
SSDEEP

12288:sLW9KdCDmlTCe6xSwoSk9Os7bBl2sL7EffMo8HRZBLH/u0c5BC:sLxdCqTCX8pOeCPKHRZh/u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72e9748ad1e9fa1a584c0b45e05af97b_JaffaCakes118

Files

72e9748ad1e9fa1a584c0b45e05af97b_JaffaCakes118
.exe windows:6 windows x86 arch:x86

b87d4d1404db39d60f663640e7199a07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

WMPDMC.pdb

Imports

advapi32

EventWrite
TraceMessage
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
EventRegister
EventUnregister
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
RegDeleteValueW
RegQueryInfoKeyW
RegEnumKeyExW
GetSecurityDescriptorOwner
ConvertSidToStringSidW
ImpersonateLoggedOnUser
RevertToSelf
RegEnumValueW
GetSecurityDescriptorDacl
OpenProcessToken
GetTokenInformation
ConvertStringSecurityDescriptorToSecurityDescriptorW
TraceEvent
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
SetNamedSecurityInfoW

kernel32

DeleteTimerQueueTimer
DeleteTimerQueueEx
CreateTimerQueue
CreateTimerQueueTimer
GetTempPathW
GetVersionExW
GetProductInfo
MulDiv
GlobalLock
GlobalUnlock
GetCommandLineW
MultiByteToWideChar
LoadLibraryExW
GetCurrentThreadId
RegisterApplicationRestart
HeapSetInformation
PowerCreateRequest
PowerSetRequest
WaitForMultipleObjects
ResetEvent
PowerClearRequest
CompareStringW
GetTickCount64
CompareStringOrdinal
SetErrorMode
FreeLibrary
Sleep
OpenEventW
GetTickCount
TryEnterCriticalSection
lstrcmpiW
OutputDebugStringA
OpenMutexW
CreateMutexW
ReleaseMutex
GetFileAttributesExW
CompareFileTime
FreeResource
GetFileSize
GetThreadPriority
SetThreadPriority
FileTimeToSystemTime
FileTimeToDosDateTime
GetModuleFileNameW
FindNextFileW
FindClose
GetTempFileNameW
DeleteFileW
GetLongPathNameW
VirtualFree
OpenFileMappingW
VirtualAlloc
GetCurrentThread
SetFileAttributesW
CreateDirectoryW
SetFilePointerEx
WriteFile
ReadFile
GetSystemTime
SystemTimeToFileTime
ExpandEnvironmentStringsW
CreateFileW
GetFileSizeEx
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
DebugBreak
VirtualQueryEx
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
TlsSetValue
TlsAlloc
TlsFree
GetThreadUILanguage
GetUserDefaultUILanguage
GetLocaleInfoW
SetProcessWorkingSetSize
GetSystemDirectoryW
LocalAlloc
FindAtomW
GetModuleHandleExW
FreeLibraryAndExitThread
GetThreadLocale
IsProcessorFeaturePresent
GetAtomNameW
OutputDebugStringW
DeleteAtom
AddAtomW
TlsGetValue
GetDurationFormatEx
GetSystemPowerStatus
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
WideCharToMultiByte
InterlockedExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
HeapAlloc
GetProcessHeap
HeapFree
EnterCriticalSection
LeaveCriticalSection
RaiseException
LoadLibraryA
GetModuleHandleA
LoadLibraryW
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
LocalFree
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
CloseHandle
CreateThread
DuplicateHandle
GetCurrentProcess
GetLastError
CreateEventW
WaitForSingleObject
SetEvent
FormatMessageW
InterlockedIncrement
InterlockedDecrement
GlobalFree
GlobalAlloc
InitializeCriticalSection
SetLastError
lstrlenW
FindFirstFileW
DeleteCriticalSection

gdi32

GetBkColor
OffsetWindowOrgEx
GetBkMode
RectVisible
GetPixel
DeleteEnhMetaFile
PatBlt
CreateSolidBrush
GdiGradientFill
GdiTransparentBlt
SetBkMode
SetBkColor
SetTextColor
GetCurrentObject
SetTextAlign
GetTextAlign
GetLayout
SetStretchBltMode
PlayEnhMetaFile
GetTextColor
ExtTextOutW
GetTextExtentPoint32W
SetBrushOrgEx
GetBrushOrgEx
RealizePalette
SelectPalette
CreateHalftonePalette
GetDIBits
GetStockObject
CreatePatternBrush
SetLayout
SetWindowOrgEx
CreateDIBPatternBrushPt
StretchDIBits
LPtoDP
CreateFontIndirectW
DeleteDC
BitBlt
SelectObject
CreateBitmap
GetObjectW
CreateCompatibleDC
CreateDIBSection
DeleteObject
Polyline
CreatePen
GdiAlphaBlend
CreateCompatibleBitmap
GetDeviceCaps
StretchBlt
GetTextExtentPointW
GetTextMetricsW
CreateRectRgn
OffsetRgn
GetRgnBox
GetRegionData
ExtCreateRegion
CombineRgn

user32

SetTimer
CreateDialogParamW
LoadStringW
SystemParametersInfoW
GetSysColor
SendMessageW
GetDoubleClickTime
GetCursorPos
RegisterClipboardFormatW
LoadCursorW
OffsetRect
MonitorFromRect
GetMonitorInfoW
ScreenToClient
IsRectEmpty
InvalidateRect
SetRectEmpty
GetSystemMetrics
PostMessageW
PostThreadMessageW
GetWindowLongW
SetWindowLongW
GetDC
ReleaseDC
UnregisterClassA
PtInRect
KillTimer
GetParent
SetCursor
FrameRect
CharUpperA
CharUpperW
CreateIconIndirect
SetRect
DestroyIcon
IsWindow
MsgWaitForMultipleObjects
PeekMessageW
GetKeyState
GetScrollInfo
SetScrollInfo
EnableWindow
GetWindowRgnBox
SetWindowRgn
UpdateWindow
GetClassLongW
GetWindowTextLengthW
GetWindowTextW
RedrawWindow
IsChild
SetParent
CallWindowProcW
GetPropW
SetPropW
RemovePropW
SetFocus
GetFocus
RegisterWindowMessageW
IsCharAlphaNumericW
GetMessagePos
EnumChildWindows
MonitorFromWindow
NotifyWinEvent
DrawFocusRect
DrawIconEx
IntersectRect
MapVirtualKeyW
GetKeyNameTextW
DrawTextW
InflateRect
LoadImageW
DefWindowProcW
CreateWindowExW
GetClassInfoExW
RegisterClassExW
SetProcessDPIAware
LoadAcceleratorsW
TranslateAcceleratorW
CharNextW
GetForegroundWindow
mouse_event
BringWindowToTop
SetWindowTextW
IsDialogMessageW
TranslateMessage
DispatchMessageW
LoadMenuW
EnableMenuItem
GetSubMenu
TrackPopupMenu
DestroyMenu
DestroyWindow
PostQuitMessage
MapWindowPoints
GetClientRect
AdjustWindowRectEx
SetWindowPos
ShowWindow
SetForegroundWindow
GetIconInfo
EqualRect
CopyRect
GetWindowRect
ClientToScreen
FillRect
GetSysColorBrush
DrawFrameControl

msvcrt

_wcmdln
_initterm
_amsg_exit
__setusermatherr
__p__commode
wcsrchr
wcsspn
_wcstoui64
_vsnwprintf
_wcsicmp
memmove
_ftol2_sse
qsort
wcstol
_wcsdup
iswalpha
_wcsnicmp
_vsnprintf
iswalnum
_isnan
exit
wcstok_s
wcstoul
ceil
_XcptFilter
_exit
_cexit
__wgetmainargs
_time64
__p__fmode
__set_app_type
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_except_handler4_common
_unlock
__dllonexit
_ftol2
towupper
_lock
_onexit
realloc
_errno
_controlfp
wcsncpy_s
malloc
wcschr
wcsstr
qsort_s
??_U@YAPAXI@Z
calloc
free
memset
memcpy
vswprintf_s
_vscwprintf
??2@YAPAXI@Z
memmove_s
_CxxThrowException
memcpy_s
__CxxFrameHandler3
_purecall
??_V@YAXPAX@Z
??3@YAXPAX@Z

oleaut32

SafeArrayCreateVector
SafeArrayGetDim
SysFreeString
SysStringLen
VarBstrCmp
SysAllocStringLen
VariantInit
SafeArrayGetVartype
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
SysAllocString
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
VarUI4FromStr
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
VariantClear
SafeArrayUnaccessData

ole32

OleInitialize
ReleaseStgMedium
OleUninitialize
CoTaskMemRealloc
CoDisconnectObject
CLSIDFromString
CoCreateInstance
CoTaskMemFree
CreateStreamOnHGlobal
CoUninitialize
CoInitializeEx
PropVariantClear
RevokeDragDrop
RegisterDragDrop
StringFromGUID2
CoCreateGuid
CoTaskMemAlloc

shell32

SHCreateItemWithParent
SHCreateShellItemArrayFromDataObject
SHGetPropertyStoreForWindow
ord88
SHCreateItemFromParsingName
ord74
SHCreateDataObject

shlwapi

SHCreateStreamOnFileW
ord213
ord219
SHStrDupW
StrFormatByteSizeW
ord437
PathFindExtensionW
PathIsUNCW
StrCmpNW
PathFindFileNameW
StrStrIW
PathFileExistsW
PathAppendW
AssocGetPerceivedType

gdiplus

GdipAlloc
GdipCreateImageAttributes
GdipDeleteGraphics
GdipFree
GdipCloneImage
GdiplusStartup
GdiplusShutdown
GdipDrawImageRectRectI
GdipSetInterpolationMode
GdipGetImageGraphicsContext
GdipSetImageAttributesWrapMode
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHICON
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDisposeImageAttributes

uxtheme

BufferedPaintClear
GetBufferedPaintBits
BeginBufferedPaint
ord47
IsAppThemed
BufferedPaintUnInit
DrawThemeTextEx
GetThemePartSize
GetThemeMetric
GetThemeColor
GetThemeFont
GetThemeMargins
GetThemeAppProperties
BufferedPaintInit
OpenThemeData
CloseThemeData
EndBufferedPaint

wmpdui

MapGadgetPoints
GetStdColorBrushI
GetStdColorI
FindStdColor
GetDUserModule
DisableContainerHwnd
GetGadgetTicket
SetGadgetRootInfo
DUserFlushDeferredMessages
DUserFlushMessages
InitGadgets
SetGadgetBufferInfo
CreateAction
ForwardGadgetMessage
GetGadgetRgn
DetachWndProc
AttachWndProcW
UtilDrawBlendRect
SetGadgetParent
InvalidateGadget
CreateGadget
SetGadgetMessageFilter
SetGadgetFocusEx
FindGadgetFromPoint
BuildInterpolation
BuildAnimation
SetGadgetRect
GetGadgetSize
GetGadgetFocus
SetGadgetFocus
DeleteHandle
SetGadgetStyle
GetGadgetAnimation
GetGadgetRect
DUserPostEvent
DUserSendEvent
GetMessageExW
LookupGadgetTicket

winhttp

WinHttpCrackUrl
WinHttpSetOption
WinHttpQueryHeaders
WinHttpReadData
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetDefaultProxyConfiguration
WinHttpCloseHandle
WinHttpSendRequest
WinHttpSetCredentials
WinHttpTimeFromSystemTime
WinHttpSetStatusCallback
WinHttpAddRequestHeaders
WinHttpOpenRequest
WinHttpConnect
WinHttpSetTimeouts
WinHttpOpen
WinHttpReceiveResponse
WinHttpWriteData

powrprof

GetPwrCapabilities
PowerDeterminePlatformRole

ntdll

RtlAllocateHeap
NtQuerySystemTime
RtlFreeHeap

oleacc

GetRoleTextW
ObjectFromLresult
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

dwmapi

DwmIsCompositionEnabled

windowscodecs

WICCreateImagingFactory_Proxy

Sections

.text
Size: 657KB - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 76KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sxxwqis
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b87d4d1404db39d60f663640e7199a07

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

gdi32

user32

msvcrt

oleaut32

ole32

shell32

shlwapi

gdiplus

uxtheme

wmpdui

winhttp

powrprof

ntdll

oleacc

dwmapi

windowscodecs

Sections

.text Size: 657KB - Virtual size: 656KB

.data Size: 2KB - Virtual size: 11KB

.rsrc Size: 250KB - Virtual size: 249KB

.reloc Size: 76KB - Virtual size: 77KB

sxxwqis Size: - Virtual size: 4KB

.text
Size: 657KB - Virtual size: 656KB

.data
Size: 2KB - Virtual size: 11KB

.rsrc
Size: 250KB - Virtual size: 249KB

.reloc
Size: 76KB - Virtual size: 77KB

sxxwqis
Size: - Virtual size: 4KB