Static task: static1
Behavioral task: behavioral1
  Sample: 854981d69788ff9c37811cc03cca9188_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 854981d69788ff9c37811cc03cca9188_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
- Target: 854981d69788ff9c37811cc03cca9188_JaffaCakes118
- Size: 332KB
- MD5: 854981d69788ff9c37811cc03cca9188
- SHA1: a2583a095da6b4a372a0912306c4f55d54a86685
- SHA256: b563e6f9d3ce8e9f65283f83295e63fcf6ddb9af594c9cb03e6a8fdc092967f8
- SHA512: c450ceb84a08e3566db17da76c6c849fc4574c45b8ae37504a47b262892441d1c75e16b1eb6b88e6837532a0fbeb9950ed1dbca96dd4cf1bb9d1dde2ad0d13b6
- SSDEEP: 6144:+ytaiUDzlNFXXGrw/qpOkgx3F3oz2e+Qy8oKu5ji8ro+GT4qfSPF:9tnkNnXhF3ozsBBHG8F
Malware Config
Signatures
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 854981d69788ff9c37811cc03cca9188_JaffaCakes118
Files
- 854981d69788ff9c37811cc03cca9188_JaffaCakes118.exe windows:5 windows x86 arch:x86
  dc2c039233d6c0c3beaa017d738dda2d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegQueryValueExW
RegQueryValueExA
RegDeleteKeyW
DuplicateTokenEx
UnregisterTraceGuids
RegCloseKey
ConvertSidToStringSidW
RegOpenKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
TraceEvent
TraceMessage
RegEnumKeyW
RegCreateKeyExW
RegCreateKeyExA
IsTextUnicode
GetLengthSid
GetUserNameW
RegEnumValueW
CryptHashData
RegDeleteValueW
OpenProcessToken
SetTokenInformation
RegEnumKeyExW
RegCreateKeyA
GetTokenInformation
GetTraceEnableLevel
RegisterTraceGuidsW
RegQueryInfoKeyW
RegOpenKeyExW
CryptReleaseContext
OpenThreadToken
GetTraceLoggerHandle
RegEnumValueA
SetThreadToken
GetTraceEnableFlags
RegDeleteKeyA
CryptDestroyHash
CryptGetHashParam
CryptCreateHash
RegQueryValueW
RegDeleteValueA
ImpersonateSelf
RegSetValueExW
RegSetValueExA
ConvertStringSidToSidW
RegOpenKeyW
CreateProcessAsUserW
RegOpenCurrentUser
CryptAcquireContextW
psapi
GetProcessImageFileNameW
uxtheme
CloseThemeData
GetThemeAppProperties
GetThemePartSize
GetThemeBackgroundExtent
GetThemeMargins
IsThemeActive
GetThemeFont
DrawThemeParentBackground
OpenThemeData
GetThemeMetric
GetThemeBackgroundContentRect
GetThemeColor
DrawThemeBackground
IsAppThemed
SetWindowTheme
ntdll
NtAllocateVirtualMemory
LdrGetDllHandle
RtlUshortByteSwap
gdi32
SetStretchBltMode
LPtoDP
GetTextCharset
ExtTextOutW
RectVisible
GetSystemPaletteEntries
SetRectRgn
IntersectClipRect
GetBkMode
DeleteDC
CreateCompatibleDC
GetTextExtentExPointI
SelectObject
OffsetRgn
GetLayout
GetClipBox
SetTextColor
PlayEnhMetaFile
MoveToEx
TextOutA
CreateMetaFileW
CreateDIBSection
TextOutW
CreateRectRgn
SelectPalette
GetObjectW
DeleteEnhMetaFile
CreateBitmap
GetTextExtentPoint32W
GetDeviceCaps
Rectangle
CreateDCA
CreateEnhMetaFileA
RealizePalette
GetDCOrgEx
SetBkColor
CreateRectRgnIndirect
EqualRgn
CreateFontIndirectA
CreatePatternBrush
GetBrushOrgEx
GetTextMetricsW
CombineRgn
SetDCPenColor
CreatePen
CloseEnhMetaFile
SetWindowExtEx
GetPaletteEntries
LineTo
GetDIBits
StretchBlt
GetPixel
GetStockObject
GetTextAlign
SetLayout
CreateDCW
DeleteObject
SetWindowOrgEx
SetPaletteEntries
GetTextColor
GetTextExtentPoint32A
OffsetWindowOrgEx
ExtCreateRegion
SetTextAlign
SetViewportExtEx
GetTextExtentPointW
CreateDIBPatternBrushPt
CreateFontW
CreatePalette
CreatePolygonRgn
CreateHalftonePalette
CreateCompatibleBitmap
GetObjectA
CloseMetaFile
SetViewportOrgEx
GetRgnBox
GetBkColor
CreateSolidBrush
SetMapMode
GetRegionData
RestoreDC
SetBkMode
CreateFontIndirectW
PatBlt
GetGlyphIndicesW
StretchDIBits
BitBlt
SaveDC
SetBrushOrgEx
shell32
SHGetDataFromIDListW
SHGetPathFromIDListA
SHGetFolderPathW
ExtractIconW
SHChangeNotify
SHCreateShellItem
SHBindToParent
SHGetFolderLocation
SHGetPathFromIDListW
Shell_NotifyIconA
ShellExecuteExW
SHPathPrepareForWriteW
SHAppBarMessage
Shell_NotifyIconW
SHGetDesktopFolder
ExtractIconExW
SHGetSpecialFolderLocation
ShellExecuteA
SHGetFileInfoW
SHGetFolderPathAndSubDirW
SHGetSpecialFolderPathW
DragQueryFileW
ShellExecuteW
SHFileOperationW
SHBrowseForFolderW
ShellAboutW
ExtractAssociatedIconExW
SHSetLocalizedName
SHGetInstanceExplorer
kernel32
FindAtomW
GetTickCount
ExpandEnvironmentStringsA
ReplaceFileW
GetProcAddress
ActivateActCtx
CompareStringW
FreeLibrary
GetFileAttributesA
LockFileEx
GetWindowsDirectoryW
GetUserDefaultLCID
Sleep
GlobalLock
RemoveDirectoryW
TlsSetValue
Process32NextW
OpenEventW
LeaveCriticalSection
QueryPerformanceCounter
ResetEvent
SetCurrentDirectoryW
VirtualFree
MultiByteToWideChar
SetUnhandledExceptionFilter
GetUserDefaultUILanguage
GetLongPathNameW
OpenProcess
EnumUILanguagesW
TlsGetValue
CreateFileA
Process32FirstW
OpenMutexA
GetCurrentThread
SizeofResource
lstrcmpiW
GetSystemDirectoryW
GlobalReAlloc
TlsFree
InitializeCriticalSection
GetSystemTimeAsFileTime
HeapFree
CreateEventW
UnhandledExceptionFilter
SetProcessShutdownParameters
IsWow64Process
GetVersion
OutputDebugStringA
FileTimeToLocalFileTime
GetPrivateProfileSectionNamesW
CloseHandle
SystemTimeToFileTime
RaiseException
WritePrivateProfileSectionW
GetTempPathW
GetEnvironmentVariableW
InterlockedExchange
GetLogicalDriveStringsW
ExitProcess
ReleaseActCtx
LocalFree
lstrlenA
GetModuleFileNameA
FreeLibraryAndExitThread
HeapDestroy
FindClose
LoadResource
lstrlenW
InterlockedDecrement
GetSystemTime
GlobalAddAtomW
DeleteAtom
GetPrivateProfileStringA
GetTimeFormatW
LocalAlloc
CreateSemaphoreW
LocalSize
CreateFileMappingA
QueryDosDeviceW
GetNumberFormatW
GetACP
GetLastError
WaitForSingleObjectEx
VirtualProtect
EnterCriticalSection
CreateMutexA
DebugBreak
CreateDirectoryA
MoveFileExW
CompareFileTime
CreateFileMappingW
QueueUserWorkItem
GetVersionExW
SetFileAttributesW
LockResource
CreateFileW
WaitForMultipleObjects
VirtualQuery
DuplicateHandle
AddAtomW
OpenMutexW
GetCurrentProcess
GlobalUnlock
SetFileTime
TlsAlloc
SetEnvironmentVariableW
GlobalSize
FlushInstructionCache
LocalReAlloc
GetThreadContext
LocalFileTimeToFileTime
GetProcessHeap
lstrcmpA
GetSystemDirectoryA
DeactivateActCtx
MapViewOfFile
InterlockedIncrement
WaitForSingleObject
GetSystemWow64DirectoryW
SetThreadPriority
GetVersionExA
FileTimeToSystemTime
ReleaseSemaphore
GetSystemDefaultUILanguage
VirtualAlloc
GetCurrentThreadId
GlobalAlloc
TerminateProcess
lstrcmpiA
CreateDirectoryW
SetLastError
GetPrivateProfileSectionW
CreateEventA
GetExitCodeThread
SetErrorMode
LoadLibraryA
GetAtomNameW
MoveFileW
GetThreadPriority
GetTempFileNameW
FormatMessageW
SearchPathW
GetFileAttributesW
CreateProcessW
GetFullPathNameW
HeapCreate
SetThreadExecutionState
GetModuleHandleExW
GetModuleHandleExA
GetCPInfo
DeleteFileW
ExpandEnvironmentStringsW
FindNextFileW
DeleteTimerQueueTimer
IsDBCSLeadByte
MulDiv
GlobalFree
CreateThread
GetFileInformationByHandle
GetDateFormatW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
CreateMutexW
LoadLibraryW
WritePrivateProfileStringW
SetFilePointerEx
GetFileAttributesExW
GetModuleHandleW
UnlockFileEx
SetEvent
SetFilePointer
FindResourceExW
QueryPerformanceFrequency
TryEnterCriticalSection
FindFirstFileW
InterlockedCompareExchange
SetEndOfFile
CreateActCtxW
DeleteCriticalSection
ResumeThread
UnmapViewOfFile
ReadFile
TerminateThread
GetShortPathNameW
GetLocaleInfoW
SuspendThread
GetModuleFileNameW
GetLocalTime
WideCharToMultiByte
HeapReAlloc
GetFileSizeEx
WriteFile
FindResourceW
DisableThreadLibraryCalls
GetSystemDefaultLCID
GetFileSize
CreateTimerQueueTimer
lstrcmpW
GetCurrentDirectoryW
SetProcessWorkingSetSize
HeapAlloc
GetPrivateProfileStringW
GlobalFlags
LoadLibraryExW
GlobalDeleteAtom
CopyFileW
SetThreadContext
GetModuleHandleA
ReleaseMutex
GetThreadLocale
CompareStringA
LCMapStringW
GetSystemInfo
GlobalAddAtomA
GetCurrentProcessId
SetCurrentDirectoryA
user32
PeekMessageW
RegisterClipboardFormatW
SystemParametersInfoA
SetTimer
CreateIconIndirect
HideCaret
BeginDeferWindowPos
SetForegroundWindow
CallWindowProcW
SetActiveWindow
PostMessageA
MapWindowPoints
GetWindowLongW
SystemParametersInfoW
DrawFocusRect
ChildWindowFromPoint
CopyRect
CheckMenuItem
DefWindowProcA
DialogBoxIndirectParamA
GetClassLongW
GetWindowTextW
SetClipboardViewer
IsChild
LoadAcceleratorsW
GetClassInfoExW
LoadIconW
GetAsyncKeyState
SetWindowLongW
SendMessageTimeoutA
EnumChildWindows
PostThreadMessageW
EndMenu
LoadBitmapW
PeekMessageA
PostThreadMessageA
GetScrollInfo
SetParent
GetMenuState
CharNextA
DialogBoxParamA
AllowSetForegroundWindow
AnimateWindow
EmptyClipboard
RegisterWindowMessageW
ReleaseDC
PostMessageW
SetCursor
EndPaint
GetTopWindow
GetCursor
ShowScrollBar
SendMessageW
InvalidateRect
DrawEdge
ReleaseCapture
ShowWindow
AppendMenuW
FillRect
GetClipboardFormatNameW
DialogBoxParamW
GetShellWindow
GetDC
MessageBoxW
RegisterClassW
LockSetForegroundWindow
ChangeClipboardChain
CheckRadioButton
CreatePopupMenu
DestroyWindow
GetWindow
CloseClipboard
FindWindowA
SetWindowPlacement
LoadStringW
NotifyWinEvent
CheckDlgButton
CharPrevA
GetDesktopWindow
GetComboBoxInfo
DdeCreateDataHandle
IntersectRect
DdeGetData
MoveWindow
CharLowerBuffW
SendNotifyMessageW
GetSysColor
UpdateWindow
AdjustWindowRectEx
MessageBoxIndirectA
GetWindowRgnBox
GetActiveWindow
DispatchMessageW
EndDeferWindowPos
GetClipboardData
CharLowerW
DdeFreeStringHandle
DdeInitializeW
DialogBoxIndirectParamW
LoadCursorA
MsgWaitForMultipleObjects
GetSubMenu
SendMessageA
AdjustWindowRect
CharPrevW
InsertMenuW
SetMenu
RegisterClassExW
SetScrollPos
DrawFrameControl
FindWindowW
DestroyAcceleratorTable
GetClassNameW
GetParent
GetDlgItem
GetMenuItemInfoA
DdeNameService
MapDialogRect
EnumDesktopWindows
GetMenuStringW
SetPropA
IsWindowVisible
GetProcessWindowStation
RegisterWindowMessageA
InflateRect
GetClientRect
GetKeyboardLayout
SetDlgItemInt
MsgWaitForMultipleObjectsEx
InsertMenuItemW
DestroyIcon
IsIconic
SetWindowsHookExW
GetMonitorInfoW
DdeQueryStringW
GetDoubleClickTime
RemovePropA
CreateDialogParamW
MonitorFromWindow
GetKeyNameTextW
DeleteMenu
GetLastInputInfo
TranslateAcceleratorW
WinHelpW
CreateMenu
IsHungAppWindow
GetNextDlgTabItem
SetWindowPos
SetRectEmpty
UnhookWindowsHookEx
IsDlgButtonChecked
DefWindowProcW
SetClipboardData
PostQuitMessage
GetMessageW
TranslateMessage
GetWindowInfo
FindWindowExW
RedrawWindow
ShowCaret
SetWindowLongA
LoadMenuW
GetFocus
ClientToScreen
CallNextHookEx
EnumThreadWindows
DrawTextW
DdeConnect
CharUpperW
WaitMessage
SetWindowTextW
MessageBoxExW
GetWindowLongA
GetAncestor
EndDialog
GetMessagePos
DdeFreeDataHandle
MessageBoxIndirectW
MessageBoxExA
IsWindowUnicode
SetFocus
GetClassWord
EnumDisplaySettingsW
GetPropA
DrawTextExW
SetDlgItemTextW
GetMessageA
GetCapture
CopyImage
EnableWindow
SetScrollInfo
CallMsgFilterW
DrawIconEx
GetWindowThreadProcessId
WaitForInputIdle
EnumWindows
GetMenuDefaultItem
GetClassInfoW
MapVirtualKeyW
wsprintfW
SetMenuItemInfoW
SetWindowRgn
GetWindowDC
UpdateLayeredWindow
GetWindowRect
GetForegroundWindow
MonitorFromRect
DeferWindowPos
IsCharAlphaNumericW
GetMenuItemInfoW
GetDlgCtrlID
SetRect
ScreenToClient
SetCapture
TrackMouseEvent
GetWindowPlacement
IsWindowEnabled
IsWindow
DdeCreateStringHandleW
DispatchMessageA
DdeUninitialize
GetMessageTime
DestroyMenu
GetMenuItemID
GetDlgItemTextW
EqualRect
LoadStringA
IsRectEmpty
AttachThreadInput
LoadCursorW
DdeDisconnect
CopyIcon
RegisterClipboardFormatA
MonitorFromPoint
CheckMenuRadioItem
CreateWindowExW
GetDialogBaseUnits
UnionRect
ShowOwnedPopups
GetSystemMenu
GetPropW
RemovePropW
DdeClientTransaction
GetKeyState
SetMenuDefaultItem
SetMenuItemBitmaps
SendDlgItemMessageW
VkKeyScanExW
GetIconInfo
IsDialogMessageW
EnableMenuItem
SetPropW
GetCursorPos
GetSysColorBrush
GetWindowTextLengthW
UnregisterClassW
BeginPaint
GetLastActivePopup
SendMessageTimeoutW
MessageBeep
SetCursorPos
WindowFromPoint
CharNextW
RemoveMenu
KillTimer
GetMenuItemCount
OpenClipboard
TrackPopupMenuEx
GetSystemMetrics
TrackPopupMenu
PtInRect
OffsetRect
LoadImageW
IsMenu
Sections
.text Size: 183KB - Virtual size: 183KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE