Static task: static1
Behavioral task: behavioral1
  Sample: 789e65a0bd9dd79e3a39cab933c9d40e_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 789e65a0bd9dd79e3a39cab933c9d40e_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 789e65a0bd9dd79e3a39cab933c9d40e_JaffaCakes118
Size: 80KB
MD5: 789e65a0bd9dd79e3a39cab933c9d40e
SHA1: 5c4639ac11db5c77be2abea268fe533b29dd0f54
SHA256: a5b4a3241dab221a55cd140f162dc58ac5639b9fbc15981a52bb0a05feedabfd
SHA512: 30599bbc12cd5c59da00090f9ccf01f7a9e2fee569c59dbf73d90eef83261dd28e782a0fa56bf8974c323ca253023c5ee380130138a458ce7efb1761cade7f67
SSDEEP: 1536:DAQ4noYruqao590sZkuUQDDW/RDQ6bANhUet6GKZJKFcrjbtuegizhvQvR65:cFSqBJn0DQkTZgcrjbtu10hv
Malware Config
Signatures
Unsigned PE (1 IoC): the PE carries no Authenticode signature (the security data directory is empty).
  resource: 789e65a0bd9dd79e3a39cab933c9d40e_JaffaCakes118
Files
789e65a0bd9dd79e3a39cab933c9d40e_JaffaCakes118.exe  windows:4 windows x86 arch:x86
  imphash: 9b55b1db58eb611296fa3c7079e0c5a5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
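The "Unsigned PE" signature, the Headers block above and the section flags at the end of the report all derive from a few fields of the PE headers. The Python below is an added example, not the sandbox's own code, that reads those fields directly with struct (no pefile dependency) and answers the same questions: machine and OS version, file and DLL characteristics, whether the security data directory that holds an Authenticode blob is populated, and whether any section is both writable and executable. The image returned by build_sample_pe is constructed here to reproduce the reported flag set and is not the analysed sample's bytes; parse_pe and build_sample_pe are this example's own names.

```python
import json
import struct

# Flag values from the PE/COFF specification, keyed by Microsoft's names.
IMAGE_FILE_MACHINE_I386 = 0x014C
IMAGE_DIRECTORY_ENTRY_SECURITY = 4          # data directory slot holding the Authenticode blob
FILE_FLAGS = {0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
              0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
DLL_FLAGS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE", 0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
             0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SCN_FLAGS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
             0x20000000: "IMAGE_SCN_MEM_EXECUTE", 0x40000000: "IMAGE_SCN_MEM_READ",
             0x80000000: "IMAGE_SCN_MEM_WRITE"}


def _names(value, table):
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data):
    """Read the headers and answer what the report's Headers, Signatures and Sections
    blocks answer: machine, characteristics, whether a security directory (signature
    blob) exists, and whether any section is both writable and executable."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:      # PE32+: 64-bit stack/heap fields push them to +108 / +112
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    os_major = struct.unpack_from("<H", data, opt + 40)[0]            # MajorOperatingSystemVersion
    subsystem, dll_chars = struct.unpack_from("<HH", data, opt + 68)  # Subsystem, DllCharacteristics
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _, sec_size = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        hdr = opt + opt_size + 40 * i
        name = data[hdr:hdr + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, _, raw, _, _, _, _, _, scn = struct.unpack_from("<IIIIIIHHI", data, hdr + 8)
        sections.append({"name": name, "virtual_size": vsize, "raw_size": raw,
                         "flags": _names(scn, SCN_FLAGS)})
    file_flags, dll_flags = _names(file_chars, FILE_FLAGS), _names(dll_chars, DLL_FLAGS)
    return {
        "machine": "x86" if machine == IMAGE_FILE_MACHINE_I386 else hex(machine),
        "os_version_major": os_major,
        "subsystem": subsystem,
        "file_characteristics": file_flags,
        "dll_characteristics": dll_flags,
        # The sandbox signature only asks whether this directory is populated; it does
        # not validate the certificate chain or the hash the signature covers.
        "authenticode_present": sec_size > 0,
        # Relocations stripped and no DYNAMIC_BASE: the loader cannot rebase the image,
        # so it lands at its preferred base every time and ASLR does nothing for it.
        "relocatable": "IMAGE_FILE_RELOCS_STRIPPED" not in file_flags
                       and "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" in dll_flags,
        "wx_sections": [s["name"] for s in sections
                        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"])],
        "sections": sections,
    }


def build_sample_pe(signed=False):
    """Constructed minimal PE32 image reproducing the flag set the report lists.
    It is not the analysed sample's bytes. With signed=True an 8-byte dummy blob is
    appended and the security directory points at it."""
    sections = [(b".text", 0x20 | 0x20000000 | 0x40000000),
                (b".rdata", 0x40 | 0x40000000),
                (b".data", 0x40 | 0x40000000 | 0x80000000)]
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)            # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, len(sections), 0, 0, 0, 224,
                       0x0001 | 0x0002 | 0x0100)                  # RELOCS_STRIPPED|EXECUTABLE|32BIT
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 40, 4)                            # MajorOperatingSystemVersion 4
    struct.pack_into("<HH", opt, 68, 2, 0x0100 | 0x8000)          # GUI; NX_COMPAT|TERMINAL_SERVER_AWARE
    struct.pack_into("<I", opt, 92, 16)                           # NumberOfRvaAndSizes
    headers_len = len(dos) + 4 + len(coff) + len(opt) + 40 * len(sections)
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, headers_len, 8)
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n, 0x100, 0x1000 * (i + 1), 0x200, 0, 0, 0, 0, 0, f)
                    for i, (n, f) in enumerate(sections))
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs + (b"\0" * 8 if signed else b"")


if __name__ == "__main__":
    print(json.dumps(parse_pe(build_sample_pe()), indent=2))
```

Two things to read off the result. A populated security directory is not a valid signature: the sandbox check stops at presence, so before trusting a signed binary the blob still has to be verified through WinVerifyTrust (signtool verify /pa, or Get-AuthenticodeSignature in PowerShell). And IMAGE_FILE_RELOCS_STRIPPED together with the absence of IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE means the image is loaded at its preferred base on every run, so of the flags listed only NX_COMPAT is an exploit mitigation; TERMINAL_SERVER_AWARE is a compatibility flag, not a protection.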
Imports
kernel32
CreateMutexA
lstrcmp
VirtualFree
CommConfigDialogA
ContinueDebugEvent
lstrcmpiA
GetComputerNameA
SetThreadAffinityMask
SetProcessPriorityBoost
lstrcpyn
ReadProcessMemory
WaitNamedPipeA
GetNumberOfConsoleInputEvents
CompareStringW
WritePrivateProfileSectionW
SetEndOfFile
GetPrivateProfileStructW
SetConsoleTextAttribute
GetCommModemStatus
CopyFileW
MoveFileExW
GetVersionExA
BuildCommDCBAndTimeoutsA
GetModuleFileNameA
GetCurrentDirectoryA
GetPrivateProfileIntA
Heap32Next
Thread32Next
GetConsoleScreenBufferInfo
GetThreadContext
FormatMessageW
GetStringTypeA
SetThreadLocale
WriteFileGather
SetFileAttributesA
SwitchToFiber
SetMessageWaitingIndicator
ResumeThread
SystemTimeToFileTime
ScrollConsoleScreenBufferA
GetStdHandle
VirtualAlloc
VirtualProtect
DefineDosDeviceA
GetTempPathA
GetCalendarInfoA
GetModuleFileNameW
GetTapeStatus
GetExitCodeProcess
GetDiskFreeSpaceA
SetConsoleWindowInfo
SetCommBreak
OpenWaitableTimerW
CompareFileTime
SetLocaleInfoA
CreateProcessA
GetUserDefaultLangID
SearchPathA
LocalFree
OutputDebugStringA
DeviceIoControl
GlobalUnlock
GetProfileIntW
SetCalendarInfoA
HeapWalk
WaitCommEvent
lstrlen
FindFirstChangeNotificationA
CopyFileExA
SetEvent
HeapCompact
DisableThreadLibraryCalls
GetSystemInfo
GetStringTypeExW
FindClose
GetStringTypeW
GetPrivateProfileSectionNamesA
lstrlenW
GetEnvironmentStringsW
WriteConsoleOutputW
GlobalCompact
IsDBCSLeadByteEx
Heap32First
CreateDirectoryExA
SetVolumeLabelA
UpdateResourceA
SetPriorityClass
MoveFileW
ReadConsoleOutputCharacterA
QueueUserAPC
GetSystemTimeAsFileTime
GetThreadSelectorEntry
GetThreadTimes
lstrcmpiW
EnumSystemLocalesA
lstrcpyA
lstrcatA
IsDebuggerPresent
CreateSemaphoreW
SetProcessAffinityMask
DosDateTimeToFileTime
LockFile
EnumCalendarInfoExW
Process32First
UnlockFile
WriteConsoleOutputAttribute
IsValidLocale
GetSystemTimeAdjustment
LoadLibraryW
GlobalGetAtomNameA
HeapValidate
SuspendThread
GetTapeParameters
HeapFree
GetNumberOfConsoleMouseButtons
SetLocalTime
WriteConsoleOutputCharacterW
CancelIo
GetMailslotInfo
GetPrivateProfileSectionW
ReadFile
GetStartupInfoA
BuildCommDCBW
CreateWaitableTimerA
GetLogicalDriveStringsW
LocalAlloc
SetFileApisToANSI
GetProfileStringA
DeleteAtom
RemoveDirectoryA
ReleaseSemaphore
advapi32
GetSecurityInfoExW
GetTrusteeTypeW
RegSetValueExA
DestroyPrivateObjectSecurity
GetOldestEventLogRecord
GetSidSubAuthorityCount
RegNotifyChangeKeyValue
GetSidSubAuthority
RegRestoreKeyA
RegEnumKeyW
GetNamedSecurityInfoA
RegReplaceKeyA
CryptAcquireContextW
TrusteeAccessToObjectW
FindFirstFreeAce
DeleteAce
GetTokenInformation
CryptEnumProvidersW
GetSecurityDescriptorOwner
GetNamedSecurityInfoExW
RegEnumKeyExW
AllocateLocallyUniqueId
ClearEventLogW
AllocateAndInitializeSid
BackupEventLogW
ConvertAccessToSecurityDescriptorW
CryptEnumProviderTypesW
SetNamedSecurityInfoW
GetNumberOfEventLogRecords
CryptSetHashParam
GetTrusteeTypeA
CopySid
RegDeleteValueA
RegConnectRegistryA
QueryServiceLockStatusW
DeleteService
GetFileSecurityW
RegOpenKeyA
RegEnumValueA
AreAnyAccessesGranted
ObjectDeleteAuditAlarmW
AddAuditAccessAce
SetFileSecurityW
GetSecurityInfo
CryptGetUserKey
RegCreateKeyExA
SetEntriesInAccessListW
GetCurrentHwProfileW
ControlService
RegQueryInfoKeyW
EnumDependentServicesA
GetSecurityDescriptorGroup
RegisterEventSourceW
LookupPrivilegeDisplayNameA
AdjustTokenPrivileges
ConvertSecurityDescriptorToAccessA
AbortSystemShutdownA
RegCreateKeyW
BuildSecurityDescriptorW
EnumDependentServicesW
CryptExportKey
InitiateSystemShutdownA
GetUserNameW
BuildTrusteeWithNameA
StartServiceCtrlDispatcherW
PrivilegedServiceAuditAlarmA
CreateProcessAsUserW
LockServiceDatabase
LookupSecurityDescriptorPartsA
PrivilegeCheck
CryptGetDefaultProviderA
GetSecurityInfoExA
CryptDecrypt
SetNamedSecurityInfoExA
SetSecurityInfo
CryptSignHashW
AddAccessAllowedAce
SetServiceStatus
QueryServiceLockStatusA
RegCloseKey
BuildImpersonateTrusteeW
EnumServicesStatusW
GetNamedSecurityInfoExA
GetMultipleTrusteeOperationW
OpenBackupEventLogW
InitializeSid
SetSecurityInfoExA
ImpersonateLoggedOnUser
GetAuditedPermissionsFromAclW
GetCurrentHwProfileA
GetAccessPermissionsForObjectA
GetEffectiveRightsFromAclA
SetSecurityInfoExW
LookupPrivilegeNameW
RegQueryMultipleValuesA
CryptEnumProviderTypesA
CryptSignHashA
CryptImportKey
CryptHashData
CryptEnumProvidersA
RegOpenKeyW
CryptDestroyHash
FreeSid
RegQueryValueW
CryptSetProviderExW
OpenThreadToken
GetSecurityDescriptorDacl
MakeSelfRelativeSD
LookupPrivilegeValueA
RegConnectRegistryW
RegOpenKeyExW
ChangeServiceConfigW
ConvertSecurityDescriptorToAccessW
GetServiceDisplayNameA
QueryServiceConfigW
AddAccessDeniedAce
LookupAccountSidA
ConvertAccessToSecurityDescriptorA
shlwapi
PathMakePrettyA
StrToIntW
PathCommonPrefixA
PathSkipRootA
SHRegQueryInfoUSKeyW
StrDupW
UrlCombineA
PathCanonicalizeA
PathIsDirectoryW
PathIsRelativeW
SHEnumKeyExW
PathMatchSpecA
StrCatW
PathBuildRootW
PathStripToRootW
StrFormatByteSizeW
SHRegSetUSValueA
SHDeleteKeyW
AssocQueryStringByKeyA
PathRemoveBlanksA
PathIsLFNFileSpecW
PathBuildRootA
PathFindOnPathW
SHQueryInfoKeyA
ChrCmpIA
wvnsprintfA
UrlCanonicalizeW
SHRegSetUSValueW
PathGetDriveNumberA
SHRegEnumUSKeyW
PathUnquoteSpacesA
SHQueryValueExA
PathAppendW
PathIsSameRootA
PathIsUNCServerShareW
StrCmpNW
PathIsPrefixW
StrTrimW
SHCreateStreamOnFileW
SHDeleteKeyA
IntlStrEqWorkerW
SHRegDeleteUSValueA
AssocQueryKeyA
StrFormatKBSizeW
SHStrDupA
PathAddExtensionW
PathUnmakeSystemFolderW
PathRemoveArgsA
PathFindNextComponentW
StrIsIntlEqualW
ColorHLSToRGB
PathAppendA
SHRegWriteUSValueW
PathIsFileSpecA
PathFindSuffixArrayA
PathFileExistsW
SHEnumValueA
PathMakePrettyW
PathRemoveBackslashW
GetMenuPosFromID
PathCombineW
SHDeleteEmptyKeyW
StrCmpW
PathIsNetworkPathA
PathRemoveBlanksW
SHSkipJunction
PathAddBackslashW
StrRChrA
PathCompactPathW
SHQueryValueExW
StrFromTimeIntervalW
StrFormatKBSizeA
SHRegQueryInfoUSKeyA
StrCSpnIW
PathFileExistsA
UrlHashW
PathMakeSystemFolderW
PathCreateFromUrlW
SHOpenRegStreamA
PathGetCharTypeA
StrCpyNW
PathSearchAndQualifyW
StrRetToBufW
PathCompactPathExA
StrStrW
PathIsLFNFileSpecA
StrSpnW
PathRelativePathToA
UrlIsA
PathIsUNCServerW
PathIsRootW
StrStrIW
UrlIsNoHistoryW
UrlCanonicalizeA
StrFormatByteSize64A
PathGetDriveNumberW
AssocQueryStringA
StrCmpNIW
PathRemoveExtensionA
PathRenameExtensionA
PathCompactPathExW
StrRetToStrA
StrRChrIW
StrRetToBufA
PathRenameExtensionW
SHRegCloseUSKey
UrlGetLocationW
SHGetValueA
PathQuoteSpacesA
PathAddExtensionA
PathParseIconLocationW
UrlEscapeW
AssocQueryKeyW
PathStripPathW
PathFindNextComponentA
SHRegGetBoolUSValueW
ole32
UtGetDvtd32Info
CoInitializeSecurity
OleSetMenuDescriptor
CoMarshalHresult
CoGetInstanceFromIStorage
OleSetAutoConvert
CoRegisterClassObject
CoGetCurrentLogicalThreadId
MonikerRelativePathTo
OleLoad
CoQueryReleaseObject
OleCreateLink
CoImpersonateClient
OleTranslateAccelerator
OleCreateMenuDescriptor
CreateAntiMoniker
MonikerCommonPrefixWith
OleLockRunning
CoGetInstanceFromFile
CoGetStandardMarshal
CoTreatAsClass
OleIsRunning
CoUnmarshalHresult
OleCreateFromDataEx
WriteClassStg
OleUninitialize
ProgIDFromCLSID
WriteOleStg
StgGetIFillLockBytesOnILockBytes
OpenOrCreateStream
StgIsStorageILockBytes
OleBuildVersion
CoRegisterPSClsid
RegisterDragDrop
OleCreateFromFileEx
OleSetClipboard
CreateObjrefMoniker
CoDosDateTimeToFileTime
CoRevokeMallocSpy
CoRegisterMessageFilter
OleCreateFromData
CoIsOle1Class
OleSetContainedObject
StgCreateDocfileOnILockBytes
CreateDataAdviseHolder
CoDisconnectObject
UpdateDCOMSettings
CoMarshalInterThreadInterfaceInStream
CoGetMarshalSizeMax
EnableHookObject
CoRegisterSurrogate
StgIsStorageFile
StringFromGUID2
OleGetAutoConvert
CoSetProxyBlanket
OleRegGetMiscStatus
MkParseDisplayName
CLSIDFromString
CreateILockBytesOnHGlobal
UtConvertDvtd16toDvtd32
OleRun
CoCreateInstance
CoLockObjectExternal
GetConvertStg
GetHGlobalFromILockBytes
CoFreeAllLibraries
CreateGenericComposite
GetHookInterface
OleGetIconOfClass
CoFileTimeToDosDateTime
OleCreateLinkFromData
CoTaskMemFree
OleQueryCreateFromData
OleDoAutoConvert
WriteFmtUserTypeStg
StgSetTimes
CoCopyProxy
ReadFmtUserTypeStg
OleMetafilePictFromIconAndLabel
StgOpenStorageOnILockBytes
CoIsHandlerConnected
OleConvertIStorageToOLESTREAM
CoQueryProxyBlanket
CoGetPSClsid
OleCreate
OleSaveToStream
GetHGlobalFromStream
BindMoniker
DoDragDrop
ReadClassStg
StgCreateStorageEx
CoGetCurrentProcess
ReleaseStgMedium
FreePropVariantArray
CoQueryClientBlanket
SetDocumentBitStg
CoTaskMemRealloc
OleCreateEmbeddingHelper
OleSave
OleIsCurrentClipboard
user32
CharNextW
CallMsgFilter
InvertRect
UnhookWindowsHookEx
SetParent
GetMenuContextHelpId
OpenDesktopA
DdeSetQualityOfService
IsCharLowerA
DrawFrame
SetCaretBlinkTime
ChildWindowFromPointEx
UnregisterClassA
GetWindowDC
CharUpperA
GetMenuCheckMarkDimensions
GetKeyboardLayoutNameA
InsertMenuItemA
TranslateAcceleratorW
DdeCreateStringHandleW
GetWindowTextLengthW
GetDlgCtrlID
GetPriorityClipboardFormat
ShowOwnedPopups
SetWinEventHook
ChangeDisplaySettingsW
CallMsgFilterA
LoadImageW
GetWindowTextW
MessageBoxA
KillTimer
SetMenuInfo
SystemParametersInfoW
WinHelpA
MessageBoxW
IsCharAlphaNumericW
CopyAcceleratorTableA
SetDlgItemInt
EnumThreadWindows
SetMenuItemBitmaps
FindWindowExA
DlgDirSelectExA
GetThreadDesktop
SetMenuDefaultItem
UnpackDDElParam
DrawEdge
EnumDisplaySettingsExW
CascadeChildWindows
TabbedTextOutA
OemToCharW
MenuItemFromPoint
EnableScrollBar
SendDlgItemMessageW
SendMessageA
ShowCursor
CreateWindowExW
DispatchMessageW
ReleaseDC
GetProcessDefaultLayout
MapDialogRect
GetWindowRgn
DefDlgProcA
ScrollDC
GetSysColor
DrawFrameControl
BringWindowToTop
MapVirtualKeyExA
SetDlgItemTextW
OpenDesktopW
CreateAcceleratorTableW
GetSystemMenu
LoadCursorFromFileW
DdeInitializeA
InsertMenuW
GetClassInfoExW
GetTopWindow
CreateDialogParamW
CheckRadioButton
DdeConnectList
GetMonitorInfoW
MessageBeep
SetPropW
AdjustWindowRect
ClientToScreen
OemToCharA
GetMenuInfo
GrayStringW
GetKeyboardType
WindowFromPoint
GetClipboardData
CallMsgFilterW
DefWindowProcA
SetWindowPlacement
GetClipboardSequenceNumber
RegisterClassA
GetMenuItemCount
ShowWindow
CreateDesktopA
DrawFocusRect
GetLastActivePopup
RegisterWindowMessageW
DdeCmpStringHandles
GetWindowRect
SetActiveWindow
GetForegroundWindow
GetKeyNameTextW
SetDoubleClickTime
CharNextExA
GetSysColorBrush
GetParent
RegisterClipboardFormatW
MessageBoxIndirectW
DialogBoxParamA
SetWindowLongA
DdeGetData
CreateIconFromResource
CreateDialogIndirectParamA
SetDlgItemTextA
GetAltTabInfo
AppendMenuW
CascadeWindows
CreateMDIWindowA
GetDlgItem
WaitForInputIdle
DdeEnableCallback
DestroyIcon
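The import table above is wide: five DLLs and several hundred named functions, from tape and COM-port control through console, DDE and OLE to token, service, event-log and CryptoAPI calls. Static imports say what code the binary can reach, not what it runs, and a table this eclectic is a weak signal on its own (import tables are sometimes padded precisely to defeat imphash clustering), so the behavioral tasks remain the arbiter. What a practitioner does with such a list is bucket it by capability to decide where to look first, and compute the import hash to pivot on. The Python below is an added example, not the sandbox's code, that does both: CAPABILITY_HINTS is this example's own grouping, SAMPLE_IMPORTS is a subset of the table above in table order (so the hash it yields will not match the sandbox's reported imphash), and imphash follows the rule pefile uses for named imports.

```python
import hashlib

# Capability buckets for prioritising a large import table. Membership says what an
# API can be used for, not what this sample does with it.
CAPABILITY_HINTS = {
    "anti-debug": {"IsDebuggerPresent", "OutputDebugStringA", "ContinueDebugEvent"},
    "process-inspection": {"ReadProcessMemory", "GetThreadContext", "Process32First", "Thread32Next",
                           "Heap32First", "SuspendThread", "ResumeThread", "QueueUserAPC"},
    "process-spawn": {"CreateProcessA", "CreateProcessAsUserW"},
    "token-and-privilege": {"AdjustTokenPrivileges", "LookupPrivilegeValueA", "OpenThreadToken",
                            "ImpersonateLoggedOnUser", "PrivilegeCheck", "GetTokenInformation"},
    "event-log-tamper": {"ClearEventLogW", "BackupEventLogW"},
    "service-control": {"DeleteService", "ControlService", "ChangeServiceConfigW",
                        "StartServiceCtrlDispatcherW"},
    "registry-write": {"RegSetValueExA", "RegCreateKeyExA", "RegCreateKeyW", "RegDeleteValueA",
                       "RegRestoreKeyA"},
    "crypto-api": {"CryptAcquireContextW", "CryptDecrypt", "CryptImportKey", "CryptExportKey",
                   "CryptHashData"},
    "system-shutdown": {"InitiateSystemShutdownA", "AbortSystemShutdownA"},
    "rwx-memory": {"VirtualAlloc", "VirtualProtect"},
    "mutex": {"CreateMutexA"},
}

# Constructed input: a subset of the report's import table, in the order listed there.
# Because it is a subset, imphash() over it will not equal the sandbox's reported imphash.
SAMPLE_IMPORTS = [
    ("kernel32", ["CreateMutexA", "lstrcmp", "VirtualFree", "ContinueDebugEvent", "ReadProcessMemory",
                  "GetThreadContext", "ResumeThread", "VirtualAlloc", "VirtualProtect", "CreateProcessA",
                  "OutputDebugStringA", "Heap32First", "QueueUserAPC", "IsDebuggerPresent",
                  "Process32First", "SuspendThread"]),
    ("advapi32", ["RegSetValueExA", "RegRestoreKeyA", "CryptAcquireContextW", "GetTokenInformation",
                  "ClearEventLogW", "BackupEventLogW", "DeleteService", "ControlService",
                  "AdjustTokenPrivileges", "CryptExportKey", "InitiateSystemShutdownA",
                  "CreateProcessAsUserW", "CryptDecrypt", "ImpersonateLoggedOnUser", "CryptImportKey",
                  "LookupPrivilegeValueA"]),
    ("shlwapi", ["UrlCanonicalizeW", "SHRegSetUSValueW", "PathFileExistsW"]),
    ("ole32", ["CoInitializeSecurity", "CoImpersonateClient", "CoCreateInstance"]),
    ("user32", ["SetWinEventHook", "MessageBoxA", "FindWindowExA", "CreateDesktopA"]),
]


def triage_imports(imports):
    """Map each capability bucket to the 'dll!func' imports that fall into it."""
    hits = {bucket: [] for bucket in CAPABILITY_HINTS}
    for dll, funcs in imports:
        for func in funcs:
            for bucket, names in CAPABILITY_HINTS.items():
                if func in names:
                    hits[bucket].append("%s!%s" % (dll, func))
    return {bucket: found for bucket, found in hits.items() if found}


def imphash(imports):
    """Import hash as pefile computes it for named imports: lowercase 'module.func' with
    the module extension dropped, joined by commas in import-table order, then MD5.
    Ordinal-only imports (pefile resolves them through per-DLL tables) are not handled."""
    parts = []
    for dll, funcs in imports:
        module = dll.lower()
        for ext in (".dll", ".ocx", ".sys"):
            if module.endswith(ext):
                module = module[:-len(ext)]
                break
        parts.extend("%s.%s" % (module, func.lower()) for func in funcs)
    return hashlib.md5(",".join(parts).encode("ascii")).hexdigest()


def summarise(imports):
    """One line per non-empty bucket plus the hash, the shape a triage note carries."""
    hits = triage_imports(imports)
    lines = ["imphash(subset): %s" % imphash(imports)]
    lines += ["%-20s %s" % (bucket + ":", ", ".join(found)) for bucket, found in hits.items()]
    return lines


if __name__ == "__main__":
    print("\n".join(summarise(SAMPLE_IMPORTS)))
```

Because the hash is order-sensitive and extension-insensitive, two builds that import the same functions in a different order get different imphashes while "KERNEL32.DLL" and "kernel32" hash identically; that is what makes the value useful for clustering builds from one toolchain and useless against a sample whose import table has been reordered or padded.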
Sections
.text   Size: 61KB   Virtual size: 61KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 17KB   Virtual size: 16KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 512B   Virtual size: 243B   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE