77b0bb6da287fce8e8e0f7a6cecf19e1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

77b0bb6da287fce8e8e0f7a6cecf19e1_JaffaCakes118
Size

191KB
MD5

77b0bb6da287fce8e8e0f7a6cecf19e1
SHA1

979007ae0a74b0d1191ccf035e3ef4c861dded55
SHA256

b2097005e9acb8c20765cd74080713d30175b8a859a1db51b56f3fe4f38fc5c6
SHA512

73f36543994ef369754d290622997270c619d699b420c660744d68f84518ee5dd6c094496e7c0cf11f6cff111e763cbfd827f1fbfe4ccc1273317992f60467a5
SSDEEP

3072:uUsTLY+AYFaBPB/vLFhp5mkrs7T2v0C70GZqRNdJwof+1Nq+AIh4RoTo2tniGXmw:1sPY+pIHLF3rQSDEG1Nq+AjCSGl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77b0bb6da287fce8e8e0f7a6cecf19e1_JaffaCakes118

Files

77b0bb6da287fce8e8e0f7a6cecf19e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec3f95e5ab763f4c672d55946e6cca9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateToolhelp32Snapshot
IsBadWritePtr
EnumTimeFormatsA
PeekConsoleInputA
lstrcmp
WriteProfileStringA
TlsSetValue
EnumCalendarInfoW
GetCurrencyFormatA
FileTimeToLocalFileTime
DefineDosDeviceW
RemoveDirectoryW
VirtualAlloc
LocalCompact
GetCommModemStatus
SetThreadPriority
VirtualProtect
Beep
VirtualProtectEx
SetComputerNameA
GetDateFormatW
ReadDirectoryChangesW
GetCPInfo
IsBadCodePtr
AddAtomW
lstrcat
GetComputerNameA
GetAtomNameW
CreateDirectoryA
MapViewOfFile
WriteConsoleOutputCharacterA
CreateThread
GetVersionExA
EnumResourceLanguagesA
GetPrivateProfileIntA
SetWaitableTimer
FlushConsoleInputBuffer
SetTimeZoneInformation
AddAtomA
MoveFileExA
DuplicateHandle
WritePrivateProfileStructA
SetProcessShutdownParameters
CommConfigDialogW
GlobalGetAtomNameA
FreeEnvironmentStringsA
GetTapeParameters
ClearCommError
CreateEventA
WriteProfileStringW
HeapCompact
FormatMessageW
ReadFileEx
WriteProfileSectionW
SetCalendarInfoA
IsDBCSLeadByteEx
GetStringTypeExA
HeapWalk
GetDevicePowerState
GetLocaleInfoW
WinExec
GetCommTimeouts
SetThreadAffinityMask
DeleteFileA
EnumTimeFormatsW
SetConsoleCursorInfo
ExitProcess
FoldStringW
FlushViewOfFile
OpenProcess

shlwapi

wnsprintfA
UrlCombineA
PathIsDirectoryEmptyA
PathAddExtensionA
SHRegGetUSValueA
SHGetValueA
StrCmpW
PathIsNetworkPathW
StrRStrIW
AssocQueryStringByKeyA
PathIsUNCServerShareA
StrFormatByteSize64A
StrNCatW
PathIsRelativeW
SHRegSetUSValueW
SHDeleteValueW
PathUnquoteSpacesA
SHRegOpenUSKeyA
PathIsSameRootW
StrCmpNIA
ColorAdjustLuma
PathIsDirectoryEmptyW
UrlGetLocationA
StrRChrW
PathGetCharTypeA
SHRegCloseUSKey
StrDupA
AssocQueryStringA
PathIsDirectoryW
PathIsSystemFolderW
StrPBrkA
StrPBrkW
PathRemoveFileSpecW
SHRegWriteUSValueW
PathParseIconLocationW
PathIsUNCServerW
StrChrA
StrStrA
StrRetToBufA
SHStrDupW
SHCreateStreamOnFileW
PathRemoveArgsA
StrToIntW
StrChrIW
PathIsURLW
PathGetArgsW
PathUndecorateW
UrlIsW
IntlStrEqWorkerW
PathSearchAndQualifyA
PathCompactPathA
StrTrimA
UrlEscapeA
PathFileExistsA
PathFindNextComponentA
StrStrW
StrNCatA
ChrCmpIA
wvnsprintfA

advapi32

ObjectDeleteAuditAlarmW
RegisterServiceCtrlHandlerA
SetSecurityDescriptorOwner
ConvertSecurityDescriptorToAccessNamedW
PrivilegeCheck
GetMultipleTrusteeOperationA
BuildTrusteeWithNameW
RegLoadKeyA
CryptGetHashParam
ObjectPrivilegeAuditAlarmW
LookupPrivilegeValueA
MapGenericMask
AdjustTokenGroups
CryptGetProvParam
CryptVerifySignatureA
GetPrivateObjectSecurity
OpenThreadToken
RegRestoreKeyW
GetEffectiveRightsFromAclW
OpenServiceA
GetMultipleTrusteeA
SetNamedSecurityInfoExW
LookupPrivilegeDisplayNameW
RegOpenKeyExW
CryptDuplicateHash
LookupAccountSidA
RegEnumKeyA
GetNumberOfEventLogRecords
RegSetValueW
StartServiceCtrlDispatcherW
CryptEnumProviderTypesA
SetEntriesInAccessListW
BuildTrusteeWithNameA
GetSecurityDescriptorOwner
LookupPrivilegeNameW
LookupPrivilegeNameA
OpenBackupEventLogA
SetEntriesInAuditListA
RegQueryValueExW
ObjectDeleteAuditAlarmA
SetKernelObjectSecurity
GetSecurityDescriptorDacl
ReadEventLogA
EnumServicesStatusW
RevertToSelf
NotifyBootConfigStatus
QueryServiceConfigA
RegNotifyChangeKeyValue
CryptHashData
AddAccessDeniedAce
OpenEventLogW
CryptDestroyHash
ReportEventW
DestroyPrivateObjectSecurity
DeleteAce
AllocateLocallyUniqueId
DeregisterEventSource
CreateProcessAsUserW
RegDeleteKeyW

ole32

StgCreateDocfile
CreateObjrefMoniker
OleRegGetMiscStatus
SetDocumentBitStg
UtConvertDvtd16toDvtd32
CoQueryAuthenticationServices
OleIsCurrentClipboard
WriteFmtUserTypeStg
CoLockObjectExternal
CoIsOle1Class
OleSaveToStream
CoCopyProxy
OleCreateEx
OleQueryLinkFromData
CoReleaseMarshalData
CoRegisterPSClsid
CoTreatAsClass
CoGetMarshalSizeMax
StgGetIFillLockBytesOnILockBytes
MkParseDisplayName
StringFromGUID2
CoUninitialize
CoGetInstanceFromFile
CoInitializeSecurity
UtConvertDvtd32toDvtd16
ProgIDFromCLSID
OleConvertIStorageToOLESTREAMEx
CoMarshalInterface
OleRegEnumFormatEtc
OleCreateLinkFromDataEx
OleLoad
StgOpenStorage
CreateFileMoniker
OleCreate
IsAccelerator
BindMoniker
StgSetTimes
OleSetMenuDescriptor
PropVariantClear
OleGetClipboard
ReadClassStg
OleCreateMenuDescriptor
StgOpenStorageEx
CoCreateInstance
WriteStringStream
OleRun
OleCreateEmbeddingHelper
CoGetMalloc
CoRegisterMessageFilter
OleQueryCreateFromData
CoDisconnectObject
PropVariantCopy
ReadStringStream
ReadOleStg
CoMarshalHresult
CoFreeLibrary
RevokeDragDrop
CoRevokeMallocSpy

user32

CopyAcceleratorTableA
BeginDeferWindowPos
CreateCursor
MapVirtualKeyW
EnumDesktopWindows
LoadCursorW
GetParent
GetFocus
DrawAnimatedRects
DlgDirListW
LoadCursorFromFileW
TranslateAcceleratorA
CallNextHookEx
GetSystemMetrics
LoadCursorFromFileA
GetMessageTime
DestroyIcon
DeferWindowPos
SetClipboardViewer
RegisterClassExW
SetScrollPos
FreeDDElParam
SetWindowsHookExW
SetActiveWindow
SetMenu
UnpackDDElParam
CharLowerA
GetMenuItemID
MoveWindow
DestroyMenu
LoadKeyboardLayoutW
GetNextDlgGroupItem
SendDlgItemMessageW
PeekMessageA
RemovePropA
RegisterDeviceNotificationW
SetWindowRgn
ScrollDC
WinHelpW
WindowFromDC
TrackMouseEvent
CreateMDIWindowA
SetCapture
GetDlgItemTextW
CheckDlgButton
FindWindowW
GetKeyNameTextA
CopyIcon
CreateMenu
DrawFrame
GetProcessDefaultLayout
MapVirtualKeyA
GetDlgCtrlID
SetThreadDesktop
CreateWindowExW
CreateIconIndirect
InSendMessageEx
CascadeChildWindows
EnumClipboardFormats
CallWindowProcA
SetRect
UnhookWinEvent
MessageBoxW

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ec3f95e5ab763f4c672d55946e6cca9a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

advapi32

ole32

user32

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 12KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 12KB