86e36d6a61778f6a47077398a004aa82_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

86e36d6a61778f6a47077398a004aa82_JaffaCakes118
Size

906KB
MD5

86e36d6a61778f6a47077398a004aa82
SHA1

acca673c4bc965c98e088f3efaae07df1bb92fed
SHA256

1436e7d1398d191c9762607867f11a01e8c1213e84ac532a5fa12a356254c722
SHA512

e4cfa10e7e1ccb618a3f00ff9c38e03536b07432469e86133b02ca8b1fb2f78b87cdf62ea16994bd88e1cc8fe698a7ad112f5c9818e82db2fe56b8913fc6cc30
SSDEEP

12288:j6GST4NRPfQnedrBNlHcC6NdzIegdvs8RvZA9zoqVnmECsv02XQsc+NBO:jBbNRPfQnedrBTUN9+vsuCF/v02gU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86e36d6a61778f6a47077398a004aa82_JaffaCakes118

Files

86e36d6a61778f6a47077398a004aa82_JaffaCakes118
.exe windows:5 windows x86 arch:x86

91847bf32f8ce5d23bcde0ef7b322860

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
GetCPInfo
IsDebuggerPresent
InterlockedDecrement
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsGetValue
TlsSetValue
DecodePointer
GetModuleHandleW
SetLastError
GetCurrentThreadId
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetStringTypeW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
HeapFree
ExitProcess
Sleep
IsProcessorFeaturePresent
WriteFile
GetStdHandle
GetModuleFileNameW
LoadLibraryW
RtlUnwind
GetProcAddress
GetLastError
HeapCreate
GlobalAlloc
HeapAlloc
SetUnhandledExceptionFilter
MulDiv

user32

ShowCaret
UnregisterClassA
RedrawWindow
EmptyClipboard
CharUpperBuffW
GetKeyNameTextA
MapVirtualKeyA
DestroyWindow
ModifyMenuA
SetClassLongA
CreateWindowExW
GetLastActivePopup
DrawTextA
GetClassInfoW
CharUpperBuffA
GetForegroundWindow
EnableScrollBar
DefWindowProcA
IsWindowEnabled
GetCaretPos
WaitForInputIdle
FindWindowA
GetClassInfoA
SetTimer
FlashWindow
DeferWindowPos
GetWindow
CheckMenuItem
EnumThreadWindows
HideCaret
SetForegroundWindow
CreateIcon
SetRect
RegisterClassW
PtInRect
DrawTextExA
ClientToScreen
SetFocus
IntersectRect
GetSubMenu
GetClipboardFormatNameA
EnumWindows
InvalidateRect
SetMenuItemInfoA
LoadBitmapA
CharNextW
IsClipboardFormatAvailable
SetActiveWindow
PeekMessageA
GetWindowDC
DestroyCursor
DrawEdge
CreateMenu
GetIconInfo
TabbedTextOutA
GetClipboardData
DefMDIChildProcA
CreateWindowExA
DialogBoxParamA
DrawMenuBar
TranslateMessage
CallWindowProcA
EnableWindow
ShowWindow
SystemParametersInfoA
ReleaseDC
ValidateRect
SetKeyboardState
RegisterWindowMessageA
CallNextHookEx
EqualRect
UpdateWindow
DrawIcon
ShowScrollBar
EndPaint
IsZoomed
EndDeferWindowPos
DispatchMessageA
DefWindowProcW
GetTopWindow
GetWindowTextLengthW
DestroyCaret
FrameRect
GetKeyboardLayout
GetPropA
DeleteMenu
BringWindowToTop
IsCharAlphaA
InvalidateRgn
GetScrollRange
SetWindowTextW
MoveWindow
SetMenu
UnhookWindowsHookEx
MessageBeep
GetMessageA
DefFrameProcA
BeginDeferWindowPos
LoadCursorA
GetMenuCheckMarkDimensions
DrawCaption
IsWindow
GetAsyncKeyState
ToUnicode
CloseClipboard
PostMessageA
DrawTextW
RegisterClipboardFormatA
WindowFromPoint
OffsetRect
GetScrollPos
IsWindowVisible
GetMessageTime
CallWindowProcW
OpenClipboard
ToAscii
GetActiveWindow
IsChild
LoadKeyboardLayoutA
CreateDialogParamA
GetKeyState
SendNotifyMessageA
OemToCharA
GetMenuItemCount
GetKeyboardLayoutList
WinHelpA
GetMenuItemID
GetWindowTextA
ScrollWindow
ChildWindowFromPoint
GetSysColor
GetCapture
PostThreadMessageA
SetWindowRgn
GetMenuState
EnableMenuItem
DestroyIcon
SetParent
RemoveMenu
SetClipboardData
CharNextA
GetDlgItem
CreateCaret
BeginPaint
GetTabbedTextExtentA
MapWindowPoints
GetDoubleClickTime
RemovePropA
TrackPopupMenu
RegisterClassA
SetWindowPos
ActivateKeyboardLayout
CharLowerBuffA
LoadIconA
GetMessagePos
EndDialog
SetWindowsHookExA
ScreenToClient
TranslateMDISysAccel
GetSystemMetrics
GetMenu
GetCursorPos
IsIconic
CharUpperA
SetScrollInfo
DestroyMenu
GetCursor
DrawFrameControl
SendMessageW
InsertMenuItemA
InsertMenuA
GetUpdateRect
GetDesktopWindow
SetCapture
SendDlgItemMessageA
GetWindowThreadProcessId
EnumClipboardFormats
WaitMessage
GetWindowLongA
SetWindowLongW
GetMenuItemInfoA
InflateRect
FindWindowExA
LoadCursorFromFileA
DrawTextExW
ShowOwnedPopups
IsWindowUnicode
SetCursor
CreatePopupMenu
GetSystemMenu
SetWindowTextA
SetWindowPlacement
SendMessageTimeoutA
ReleaseCapture
GetClassNameA
IsCharAlphaNumericA
DrawIconEx
CopyImage
GetSysColorBrush
mouse_event
SetWindowLongA
PostQuitMessage
InvertRect
SubtractRect
CopyRect
AdjustWindowRectEx
SetScrollPos
LockWindowUpdate
WindowFromDC
IsDialogMessageA
SetScrollRange
GetFocus
CharLowerA
IsRectEmpty
UnionRect
wsprintfA
GetParent
MessageBoxA
GetDCEx
SendMessageA
MsgWaitForMultipleObjects
FillRect
ShowCursor
GetMenuStringA
GetDC
GetMenuItemRect
DrawFocusRect
SetRectEmpty
CharPrevW
GetWindowPlacement
SetCaretPos
ScrollWindowEx
ScrollDC
SetPropA
GetKeyboardState
GetClientRect
KillTimer
GetWindowRgn
GetWindowTextW
GetWindowRect
GetScrollInfo

gdi32

GetRandomRgn

comdlg32

GetSaveFileNameA
ChooseFontA
PrintDlgA
GetOpenFileNameA
ChooseColorA

advapi32

RegEnumValueA
RegQueryValueA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyA
RegCloseKey
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
RegFlushKey
RegOpenKeyExA
RegDeleteValueA
GetUserNameA
RegCreateKeyExA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder

ole32

OleUninitialize
OleInitialize

oleaut32

VarCmp
OleLoadPicture

comctl32

ImageList_Read
ImageList_DragShowNolock
ImageList_Write
ImageList_DrawEx
ImageList_DragEnter
ImageList_GetDragImage
ImageList_Add
ImageList_GetIcon
ImageList_SetIconSize
ImageList_GetBkColor
ImageList_SetDragCursorImage
ImageList_GetIconSize
ord17
ImageList_SetBkColor
ImageList_DragLeave
ImageList_Draw
ImageList_Destroy
ImageList_EndDrag
ImageList_DragMove
ImageList_GetImageCount
ImageList_Replace
ImageList_ReplaceIcon
ImageList_Remove
ImageList_Create
ImageList_BeginDrag
ImageList_GetImageInfo
ImageList_LoadImageA

winmm

timeBeginPeriod
timeGetTime
timeEndPeriod
mciSendCommandA
mciGetErrorStringA

msimg32

AlphaBlend

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wsock32

WSAStartup
gethostbyname
recvfrom
select
listen
connect
WSACleanup
getsockname
getsockopt
setsockopt
WSAAsyncSelect
socket
closesocket
accept
ioctlsocket
htons
bind
sendto
gethostname
inet_ntoa

mpr

WNetGetUniversalNameA
WNetGetConnectionA
WNetEnumResourceA
WNetOpenEnumA
WNetCloseEnum

imm32

ImmSetCompositionFontA
ImmGetCompositionStringA
ImmGetCompositionStringW
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

ws2_32

WSARecv
WSAGetOverlappedResult
WSAEventSelect
WSAStringToAddressA
WSAAddressToStringA
WSASocketA
WSASend

wldap32

ord16
ord88
ord17

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xyue
Size: 771KB - Virtual size: 771KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 891KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91847bf32f8ce5d23bcde0ef7b322860

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

winmm

msimg32

version

wsock32

mpr

imm32

ws2_32

wldap32

Sections

.text Size: 55KB - Virtual size: 55KB

.xyue Size: 771KB - Virtual size: 771KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 38KB - Virtual size: 891KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 55KB - Virtual size: 55KB

.xyue
Size: 771KB - Virtual size: 771KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 38KB - Virtual size: 891KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 8KB