Static task: static1
Behavioral task: behavioral1
Sample: 7742e2ffa9b5286978a15108dc8c92fa_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 7742e2ffa9b5286978a15108dc8c92fa_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 7742e2ffa9b5286978a15108dc8c92fa_JaffaCakes118
Size: 96KB
MD5: 7742e2ffa9b5286978a15108dc8c92fa
SHA1: 7621c66c63fe2821b9683eae30e44a30ed41c193
SHA256: de5b07acb37db22dbc07b3aad3e3a5356f7c87d2d0579f77b4ead7377cdaa959
SHA512: c3a303554418cfe6a21de695d1df490c1bcf56ae1cc62dbca213622e7fcbefd52aa6c2680d7eca2dbb79b597ca8f3e6dba1f19c6cbbb1456445ff5907caf28df
SSDEEP: 1536:6IOuB+36s9VdzCaWooawToTM25KmU0VDoL2X27rgJu1:5OuB+VHzloaw4Kj0VDy2XIrL1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7742e2ffa9b5286978a15108dc8c92fa_JaffaCakes118
Files
7742e2ffa9b5286978a15108dc8c92fa_JaffaCakes118.exe windows:5 windows x86 arch:x86
6b98fe08eaf97fab40ca6451b7b8707e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
cryptui
CryptUIDlgViewCertificateW
msvcrt
strchr
_vsnwprintf
__dllonexit
wcschr
_onexit
_fileno
floor
_itoa
iswctype
wcstombs
_wtoi
fclose
isdigit
toupper
strtoul
_initterm
_purecall
towlower
realloc
_CxxThrowException
_strlwr
_isatty
malloc
_wcslwr
_lseeki64
_XcptFilter
ceil
bsearch
__badioinfo
_wcsnicmp
wcstok
_errno
srand
_read
_resetstkoflw
_adjust_fdiv
localeconv
strncmp
strtok
_wcsicmp
_lock
memcpy
free
wctomb
_unlock
calloc
_snprintf
_amsg_exit
wcsstr
wcsncmp
ferror
_stricmp
_strnicmp
__mb_cur_max
iswalnum
_write
_wtol
isleadbyte
iswdigit
ungetc
wcspbrk
_vsnprintf
wcsrchr
time
memset
_iob
printf
__pioinfo
isxdigit
memmove
mbtowc
ntdll
NtAllocateVirtualMemory
RtlLookupElementGenericTable
VerSetConditionMask
RtlAreBitsSet
RtlFindClearBitsAndSet
RtlGetLastNtStatus
RtlInitializeBitMap
RtlDeleteElementGenericTable
RtlDeleteResource
RtlEnumerateGenericTableWithoutSplaying
NtReadFile
RtlInsertElementGenericTable
RtlUnwind
NtDeviceIoControlFile
RtlEnumerateGenericTable
RtlClearBits
NtOpenFile
RtlAcquireResourceExclusive
RtlInitializeCriticalSection
RtlReleaseResource
RtlAcquireResourceShared
RtlInitializeGenericTable
RtlInitUnicodeString
NtWriteFile
ws2_32
WSALookupServiceNextW
getaddrinfo
WSAIoctl
freeaddrinfo
WSANSPIoctl
WSALookupServiceEnd
WSALookupServiceBeginW
advapi32
RegCreateKeyW
GetSecurityDescriptorLength
RegFlushKey
CredUnmarshalCredentialW
CryptReleaseContext
TraceMessage
RegDeleteValueW
CredWriteDomainCredentialsW
GetTraceEnableLevel
GetUserNameW
CryptGenRandom
RegCloseKey
RegisterTraceGuidsW
CredReadDomainCredentialsW
RegEnumKeyExA
SetFileSecurityW
GetUserNameA
CryptAcquireContextW
CredReadW
RegQueryInfoKeyW
CredFree
GetFileSecurityW
RegQueryValueExA
RegDeleteValueA
GetTraceEnableFlags
RegCreateKeyExA
UnregisterTraceGuids
RegConnectRegistryW
RegOpenKeyExA
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyA
RegSetValueExW
RegSetValueExA
RegEnumValueW
RegQueryInfoKeyA
CredGetSessionTypes
CredWriteW
RegOpenKeyW
CredDeleteW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
GetTraceLoggerHandle
setupapi
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInstanceIdW
SetupDiCreateDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiOpenDevRegKey
SetupDiGetClassDevsW
SetupDiOpenClassRegKeyExW
SetupDiEnumDeviceInfo
SetupDiOpenDeviceInfoW
SetupDiDestroyDeviceInfoList
credui
CredUIPromptForCredentialsW
CredUIParseUserNameW
ole32
CoTaskMemAlloc
OleInitialize
CreateOleAdviseHolder
OleRegEnumVerbs
OleGetClipboard
CoTaskMemFree
OleRegGetUserType
CreateDataAdviseHolder
CoInitializeEx
OleSaveToStream
CoTaskMemRealloc
CLSIDFromString
OleUninitialize
CoCreateInstance
ReleaseStgMedium
StringFromCLSID
OleRegGetMiscStatus
CoGetMalloc
CoInitialize
OleIsCurrentClipboard
OleSetClipboard
WriteClassStm
OleLoadFromStream
CoUninitialize
winmm
waveOutPrepareHeader
waveOutGetVolume
waveOutGetPitch
waveOutReset
waveOutWrite
waveOutSetVolume
waveOutUnprepareHeader
waveOutOpen
waveOutClose
shlwapi
PathRemoveFileSpecW
kernel32
GetSystemTime
WaitForMultipleObjects
GetModuleHandleA
GetFullPathNameW
ReleaseSemaphore
GetOverlappedResult
CreateSemaphoreW
CreateFileW
InterlockedExchange
lstrcatW
QueryPerformanceCounter
FindResourceExW
InterlockedDecrement
GlobalLock
Sleep
CreateDirectoryW
LoadResource
FreeResource
GetFileInformationByHandle
GlobalAddAtomW
DeleteCriticalSection
GetDefaultCommConfigW
OpenThread
UnlockFile
GlobalHandle
FindCloseChangeNotification
LocalFree
LoadLibraryA
GetLocaleInfoW
HeapDestroy
GetTimeZoneInformation
CancelIo
FlushInstructionCache
GetCommTimeouts
FlushFileBuffers
LockFileEx
GetCommMask
GetUserDefaultUILanguage
EnterCriticalSection
CreateEventW
GetComputerNameW
QueryDosDeviceW
LoadLibraryW
lstrcmpA
SetCommMask
SetFileTime
WaitCommEvent
SetEvent
GetACP
DeviceIoControl
ClearCommError
FindNextFileW
GetDiskFreeSpaceW
GetSystemDirectoryA
lstrcpynW
GetModuleFileNameW
HeapFree
GetCommModemStatus
WideCharToMultiByte
GetVersionExW
LoadLibraryExW
GetVersion
GetTempFileNameW
GetComputerNameA
FormatMessageW
SetFilePointer
GetCommConfig
ResetEvent
SetCommTimeouts
TlsGetValue
WaitForSingleObject
lstrcmpiA
GetCurrentProcessId
UnmapViewOfFile
LeaveCriticalSection
GetLastError
GetFileAttributesExW
GetFileAttributesW
MulDiv
GetProcAddress
MultiByteToWideChar
SetEndOfFile
FindClose
RaiseException
FindFirstFileW
FindResourceW
SizeofResource
GetSystemInfo
GetSystemDirectoryW
UnhandledExceptionFilter
MoveFileW
TerminateProcess
GetVersionExA
GetTickCount
GetCurrentProcess
OutputDebugStringA
DebugBreak
DeleteFileW
GlobalAlloc
QueueUserWorkItem
ResumeThread
lstrcpyW
WaitForMultipleObjectsEx
lstrcmpW
TlsFree
CreateProcessW
FindFirstChangeNotificationW
LocalAlloc
GetDriveTypeW
VerifyVersionInfoW
DuplicateHandle
InitializeCriticalSection
SystemTimeToFileTime
SetLastError
GlobalUnlock
RemoveDirectoryW
lstrlenA
GetVolumeInformationW
MapViewOfFile
VirtualFree
BindIoCompletionCallback
GetProfileStringW
SearchPathW
VirtualProtect
TransmitCommChar
GetCommState
SetCommState
WriteFile
GetSystemDefaultLangID
GetModuleHandleExW
GlobalFree
CreateFileMappingW
SetErrorMode
DisableThreadLibraryCalls
Beep
CloseHandle
ExpandEnvironmentStringsW
InterlockedCompareExchange
GetTempPathW
lstrcmpiW
SetFileAttributesW
LockResource
LockFile
VirtualAlloc
lstrlenW
PurgeComm
FindNextChangeNotification
GetSystemDefaultUILanguage
GetCommProperties
HeapAlloc
GlobalDeleteAtom
SetupComm
TlsSetValue
FreeLibraryAndExitThread
GetModuleHandleW
CreateMutexW
EscapeCommFunction
CreateThread
GetFileSize
FreeLibrary
GetCurrentThreadId
ReadFile
TlsAlloc
VirtualQuery
GetProcessHeap
GetSystemTimeAsFileTime
InterlockedIncrement
GlobalSize
SetUnhandledExceptionFilter
OutputDebugStringW
crypt32
CryptMsgClose
CertGetCertificateChain
CryptVerifyDetachedMessageSignature
CertFindExtension
CertVerifyCertificateChainPolicy
CryptDecodeObject
CertDuplicateCertificateChain
CryptSignMessage
CertFreeCertificateChain
CryptMsgOpenToDecode
CertOpenStore
CertVerifySubjectCertificateContext
CertFindCertificateInStore
CertCompareCertificate
CertDuplicateCertificateContext
CryptMsgUpdate
CryptBinaryToStringW
CryptStringToBinaryW
CertAddCertificateContextToStore
CertFreeCertificateContext
CertCreateCertificateContext
CryptProtectData
CertGetEnhancedKeyUsage
CertGetCertificateContextProperty
CertGetNameStringW
CertCloseStore
urlmon
CopyStgMedium
gdi32
GetDeviceCaps
GdiDrawStream
SetBitmapBits
SetTextAlign
CreateSolidBrush
DeleteMetaFile
GetObjectW
CreateRectRgnIndirect
SetBrushOrgEx
GetBrushOrgEx
Ellipse
GetStockObject
CreateRectRgn
GetNearestPaletteIndex
GetClipBox
CreateBitmap
GetBkMode
GdiFlush
UpdateColors
GetPaletteEntries
SetBkColor
Rectangle
CreateDIBSection
DeleteDC
CreateDIBitmap
SetROP2
CreatePatternBrush
SelectPalette
RealizePalette
BitBlt
SetDIBColorTable
MoveToEx
GetRgnBox
GetNearestColor
LPtoDP
SelectClipRgn
DeleteObject
CreateCompatibleDC
CreatePolygonRgn
CreateFontIndirectW
ExtSelectClipRgn
LineTo
SetPolyFillMode
PlayMetaFile
SetBkMode
SaveDC
CreateCompatibleBitmap
SetStretchBltMode
CreatePen
GetMapMode
CreatePalette
SetMetaFileBitsEx
CreateMetaFileW
SelectObject
CreateDIBPatternBrushPt
GetMetaFileBitsEx
OffsetRgn
SetWindowOrgEx
CloseMetaFile
SetWindowExtEx
FrameRgn
GetDIBColorTable
SetViewportOrgEx
FillRgn
CombineRgn
SetDCBrushColor
RestoreDC
GetTextAlign
OffsetClipRgn
StretchBlt
SetRectRgn
SetTextColor
PatBlt
CreateDCW
CreateBrushIndirect
SetMapMode
Polygon
StretchDIBits
GetCurrentObject
DPtoLP
GetTextExtentPointW
wininet
InternetGetCookieW
wtsapi32
WTSRegisterSessionNotification
WTSUnRegisterSessionNotification
iphlpapi
GetBestInterfaceEx
secur32
AcquireCredentialsHandleW
DeleteSecurityContext
GetUserNameExW
DecryptMessage
QuerySecurityPackageInfoW
FreeContextBuffer
FreeCredentialsHandle
QueryContextAttributesW
InitializeSecurityContextW
EncryptMessage
user32
DestroyWindow
DialogBoxParamW
GetMessageExtraInfo
SystemParametersInfoA
SetClipboardData
DefWindowProcW
GetLastActivePopup
GetClipboardFormatNameW
CharLowerW
GetKeyboardState
ReleaseCapture
SetDlgItemTextW
MonitorFromWindow
SetCursorPos
MapVirtualKeyW
GetForegroundWindow
AttachThreadInput
BringWindowToTop
CallWindowProcW
SetWindowPlacement
MsgWaitForMultipleObjectsEx
LoadImageW
GetClassInfoExW
CreateDialogParamW
GetDesktopWindow
RegisterWindowMessageW
DrawTextW
ShowCursor
SetRect
SetWindowRgn
UpdateWindow
GetRawInputData
SetParent
SetRectEmpty
ReleaseDC
GetWindowRect
PeekMessageW
EnableWindow
BeginDeferWindowPos
IsDlgButtonChecked
EnableMenuItem
GetKeyboardType
RegisterClipboardFormatW
FindWindowExW
keybd_event
GetClipboardData
SetScrollPos
SystemParametersInfoW
GetDC
CharPrevW
UnregisterDeviceNotification
GetClientRect
ScreenToClient
GetWindowThreadProcessId
IntersectRect
GetClipboardViewer
IsChild
AdjustWindowRect
SendInput
IsClipboardFormatAvailable
CheckDlgButton
UnregisterClassW
CreateWindowExW
FindWindowW
GetClassInfoW
CreateIconIndirect
EndDeferWindowPos
MessageBeep
FillRect
SetWindowsHookExW
PostQuitMessage
GetCursorPos
IsWindowEnabled
IsWindow
GetKeyState
PostMessageW
SetWindowTextW
SetWindowLongW
CopyRect
EndDialog
GetAsyncKeyState
wsprintfW
KillTimer
LoadStringW
LoadCursorW
SetCursor
GetParent
GetMessageW
RegisterDeviceNotificationW
CallNextHookEx
CreateCursor
PostThreadMessageW
LoadIconW
DefDlgProcW
GetKeyboardLayoutNameA
GetKeyboardLayoutNameW
FlashWindow
RegisterClassExW
DestroyCursor
InvalidateRect
EnumClipboardFormats
DispatchMessageW
GetMonitorInfoW
CountClipboardFormats
ShowScrollBar
GetWindowLongW
GetCapture
PtInRect
GetWindowPlacement
UnionRect
GetFocus
GetClassNameW
SendMessageW
CloseClipboard
GetWindowTextW
BeginPaint
RedrawWindow
UnhookWindowsHookEx
MoveWindow
DestroyAcceleratorTable
ShowWindow
DestroyIcon
GetGUIThreadInfo
GetSysColor
EmptyClipboard
GetSystemMetrics
InflateRect
SetForegroundWindow
GetSysColorBrush
SetActiveWindow
OffsetRect
GetWindowDC
GetActiveWindow
RegisterHotKey
ChangeClipboardChain
RegisterRawInputDevices
IsIconic
SetWindowPos
ClientToScreen
LockWindowUpdate
DrawIconEx
CopyIcon
EndPaint
IsZoomed
SetTimer
GetDlgItem
GetSystemMenu
SetFocus
IsWindowVisible
GetKeyboardLayout
CloseWindow
SetScrollInfo
RegisterClassW
GetWindow
OpenClipboard
MapWindowPoints
SetClipboardViewer
CharNextW
SetCapture
GetLastInputInfo
UnregisterHotKey
EqualRect
DeferWindowPos
rpcrt4
NdrDllCanUnloadNow
NdrDllGetClassObject
CStdStubBuffer_QueryInterface
CStdStubBuffer_DebugServerRelease
NdrDllUnregisterProxy
NdrDllRegisterProxy
MesHandleFree
MesEncodeDynBufferHandleCreate
NdrOleAllocate
IUnknown_Release_Proxy
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_Invoke
NdrMesTypeDecode2
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrCStdStubBuffer_Release
CStdStubBuffer_AddRef
NdrMesTypeEncode2
MesDecodeBufferHandleCreate
CStdStubBuffer_CountRefs
IUnknown_AddRef_Proxy
NdrMesTypeFree2
CStdStubBuffer_IsIIDSupported
samlib
SamAddMemberToAlias
shell32
DragQueryFileW
SHFileOperationW
Shell_NotifyIconW
ExtractIconW
SHAppBarMessage
netapi32
NetApiBufferFree
NetGetJoinInformation
msimg32
GradientFill
Sections
.text Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 69KB - Virtual size: 176KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 748B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ