Static task: static1

Behavioral task: behavioral1
Sample: 8503bff4f298e4adde2ce7749897a675_JaffaCakes118.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: 8503bff4f298e4adde2ce7749897a675_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 8503bff4f298e4adde2ce7749897a675_JaffaCakes118
Size: 697KB
MD5: 8503bff4f298e4adde2ce7749897a675
SHA1: 0108576cacc897ba2d5ab8262f451c8a0b613e08
SHA256: c93de8bdbab335c780dc12716199b6a113490ac71a67b1aee77d155eda0c6ec8
SHA512: 85f34ce9e7bdf8cd988fe5bb9033673d2df540c8e89760a57e0ca32d32e396913d1c26d7179bbb5f94e7941eb618e01d12ea4f33053ab583d12b5d9a860780ad
SSDEEP: 6144:QqMCmeOr0v+f7F8pdlbLIV2MfleKkhQNiEFwBdmIpPWvrSgNc4C89QLek07O:XGf7FkdlHIV2MfwKkhQN6PWvegwj0a
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8503bff4f298e4adde2ce7749897a675_JaffaCakes118
Files
8503bff4f298e4adde2ce7749897a675_JaffaCakes118.exe windows:4 windows x86 arch:x86
ee47a9782a545964456ceafea7fb3a14
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
setupapi
CM_Get_Parent
CM_Request_Device_EjectW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInstanceIdW
CM_Get_Child
CM_Get_DevNode_Registry_PropertyW
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
CM_Get_Device_IDW
SetupDiDestroyDeviceInfoList
shlwapi
PathFindExtensionW
PathFindFileNameW
kernel32
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
GetThreadLocale
DuplicateHandle
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTickCount
GetStartupInfoW
ExitProcess
RtlUnwind
HeapFree
HeapAlloc
CreateThread
ExitThread
RaiseException
TerminateProcess
SetStdHandle
GetFileType
HeapSize
HeapReAlloc
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
TlsAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
LocalAlloc
FindResourceA
GlobalAddAtomA
GetProfileStringA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetDriveTypeW
GetVolumeNameForVolumeMountPointW
GetLogicalDrives
GetVolumeNameForVolumeMountPointA
QueryDosDeviceW
GetLogicalDriveStringsW
lstrcmpW
CloseHandle
DeviceIoControl
CreateFileW
Sleep
QueryDosDeviceA
CreateFileA
GetLastError
CreateEventW
ResetEvent
WaitForSingleObject
SetEvent
GetOverlappedResult
WaitForMultipleObjects
ReadDirectoryChangesW
lstrcmpiW
FindClose
FindNextFileW
FindFirstFileW
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileSizeEx
VirtualAlloc
DeleteFileW
SetFileAttributesW
SetFileTime
CopyFileExW
GetTempFileNameW
WritePrivateProfileStringW
GlobalAlloc
lstrcmpA
lstrcmpiA
GetCurrentThread
FormatMessageW
LocalFree
GlobalGetAtomNameW
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalFree
GlobalLock
GlobalUnlock
SetLastError
GetModuleHandleA
LoadLibraryA
lstrlenA
MultiByteToWideChar
GetVersion
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenW
lstrcpynW
MulDiv
GetWindowsDirectoryW
lstrcatW
LoadLibraryW
FreeLibrary
lstrcpyW
GetLongPathNameW
CopyFileW
FindResourceW
SizeofResource
LoadResource
LockResource
CreateDirectoryW
OpenProcess
CreateMutexW
ReleaseMutex
ExpandEnvironmentStringsW
GetModuleHandleW
GetProcAddress
GetCurrentProcess
GetUserDefaultUILanguage
GetVersionExW
GetModuleFileNameW
GetCurrentDirectoryW
GetCurrentProcessId
ReadFile
WriteFile
GetFileTime
MoveFileExW
MoveFileW
GetTempPathW
user32
ValidateRect
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
DestroyMenu
GetDesktopWindow
TranslateAcceleratorW
LoadAcceleratorsW
SetRectEmpty
EndDialog
GetActiveWindow
CreateDialogIndirectParamW
GrayStringW
TabbedTextOutW
GetWindowDC
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
SetMenuItemBitmaps
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
CharUpperW
IsChild
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthW
GetDlgCtrlID
GetKeyState
SetWindowsHookExW
CallNextHookEx
UnhookWindowsHookEx
DefWindowProcW
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageW
OffsetRect
IntersectRect
SystemParametersInfoW
GetWindowPlacement
ClientToScreen
WindowFromPoint
EqualRect
RegisterClipboardFormatW
LoadCursorW
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
SetCursor
SetCapture
ReleaseCapture
ChildWindowFromPoint
GetPropW
CallWindowProcW
BeginPaint
FillRect
DrawTextW
EndPaint
CreateWindowExW
GetWindowRect
ScreenToClient
MoveWindow
MapWindowPoints
GetDC
ReleaseDC
CopyIcon
PostQuitMessage
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableW
CharNextW
GetSysColorBrush
PtInRect
GetClassNameW
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
GetTopWindow
SetWindowTextW
DestroyCursor
RemovePropW
DestroyWindow
GetWindowLongW
SetWindowLongW
SetPropW
GetWindowTextW
LoadStringW
LoadStringA
SetProcessDefaultLayout
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
SendMessageA
IsWindowUnicode
GetClassNameA
SetPropA
GetPropA
EnableWindow
InvalidateRect
GetDlgItem
SetWindowLongA
GetWindowLongA
AppendMenuW
wsprintfW
PostThreadMessageW
PostMessageW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
SetTimer
SendMessageW
MessageBoxW
LoadImageW
KillTimer
SetForegroundWindow
GetCursorPos
DeleteMenu
EnableMenuItem
UpdateWindow
CopyRect
InflateRect
DrawFrameControl
DrawStateW
DrawFocusRect
GetParent
GetSysColor
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
LoadIconW
LoadMenuW
GetSubMenu
ModifyMenuW
CheckMenuItem
gdi32
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
MoveToEx
LineTo
SetMapMode
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
PatBlt
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
GetStockObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
SetBkColor
GetClipBox
GetTextExtentPointA
BitBlt
CreateCompatibleDC
SetTextColor
SetBkMode
SelectObject
GetObjectW
CreateFontIndirectW
GetDeviceCaps
Rectangle
CreatePen
GetTextExtentPoint32W
DeleteObject
CreateDIBitmap
ExtTextOutA
CreateSolidBrush
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
FreeSid
EqualSid
AllocateAndInitializeSid
RegSetValueExW
OpenProcessToken
GetTokenInformation
shell32
SHChangeNotify
DragQueryFileW
DragFinish
SHCreateDirectoryExW
ShellExecuteW
ExtractIconW
SHLoadNonloadedIconOverlayIdentifiers
SHGetFolderPathW
Shell_NotifyIconW
ord680
SHGetSpecialFolderPathW
ShellExecuteExW
comctl32
ord17
oledlg
OleUIBusyW
ole32
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoCreateInstance
CoUninitialize
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize
olepro32
ord253
oleaut32
SysFreeString
SysAllocStringLen
VariantClear
VariantCopy
VariantChangeType
SysAllocString
VariantTimeToSystemTime
SysStringLen
Sections
.text Size: 224KB - Virtual size: 223KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 52KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 20KB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 316KB - Virtual size: 313KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.5rdata Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE