Static task: static1
Behavioral task: behavioral1
Sample: 87b568c09267d8feeccedac29f4a1d02_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 87b568c09267d8feeccedac29f4a1d02_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 87b568c09267d8feeccedac29f4a1d02_JaffaCakes118
Size: 556KB
MD5: 87b568c09267d8feeccedac29f4a1d02
SHA1: 6b00c22a9110a2bdbea1710cc8380cd66ebcc5c3
SHA256: 75fa2baa988c4ce1ef3398f796b07ccd586be7dd18fceb1257b61266efcebac4
SHA512: 70f9298db0ec71afb581318d2ed737e8c2b837db1415d1a60c673db0c279101c07f8936d116697e9581540f7b70b7b641a963763612829d68fe7051e61cd9633
SSDEEP: 12288:nQVMMnMMMMMqY5c6zo3EA+PjdDVE9og9RQL8FyXSIGo9Ow4FnpMoRQTN:nQVMMnMMMMMqY5ZzYx+JDyWg9mL2yXNz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 87b568c09267d8feeccedac29f4a1d02_JaffaCakes118
Files
87b568c09267d8feeccedac29f4a1d02_JaffaCakes118.exe windows:4 windows x86 arch:x86
c0a0bb39ad89a3201ff8f25ce049edc2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LCMapStringA
GetFileType
FileTimeToLocalFileTime
GetSystemDirectoryA
GetStdHandle
lstrlenA
GetProfileStringA
SetErrorMode
FindNextFileA
GetShortPathNameA
SetEndOfFile
SetCurrentDirectoryA
SetEnvironmentVariableA
GetDateFormatA
GetFullPathNameA
InterlockedDecrement
CreateDirectoryA
SetHandleCount
SetStdHandle
LockResource
SystemTimeToFileTime
UnhandledExceptionFilter
ResetEvent
GetCurrentThreadId
HeapAlloc
GetTempPathA
WaitForSingleObject
GetVersionExA
lstrcmpA
ExitProcess
_llseek
GetACP
IsBadCodePtr
GetTimeZoneInformation
GetLastError
MulDiv
RaiseException
GetFileAttributesA
WinExec
CompareStringA
GetCurrentProcessId
GlobalFree
HeapDestroy
SetLastError
GlobalDeleteAtom
TerminateProcess
FreeResource
SizeofResource
SearchPathA
DeleteFileA
HeapSize
ReleaseSemaphore
CreateThread
lstrcatA
CreateSemaphoreA
DeleteCriticalSection
FlushInstructionCache
FormatMessageW
UnlockFile
GetModuleFileNameA
CreateProcessA
CreateFileA
WideCharToMultiByte
HeapCreate
TlsSetValue
GetModuleHandleA
GlobalAddAtomA
GlobalUnlock
GetEnvironmentStrings
lstrcmpiA
GlobalReAlloc
FreeLibrary
CreateProcessW
TlsFree
IsDBCSLeadByte
SetFilePointer
lstrcpynA
GetLocalTime
LoadLibraryA
WriteFile
Sleep
FindResourceA
GetSystemDefaultLCID
GetModuleFileNameW
GetProcAddress
SetFileTime
ResumeThread
SetFileAttributesA
RemoveDirectoryA
FreeEnvironmentStringsA
GetVersion
FlushFileBuffers
TlsGetValue
GetOEMCP
ReadFile
VirtualQuery
FindFirstFileA
EnterCriticalSection
GetStringTypeExA
GetLocaleInfoA
LoadResource
GetCPInfo
FindClose
InterlockedIncrement
GetStringTypeA
GlobalLock
LeaveCriticalSection
LCMapStringW
CompareStringW
TlsAlloc
GetTempFileNameA
lstrcpyA
VirtualProtect
CloseHandle
MoveFileA
HeapFree
HeapReAlloc
GetDriveTypeA
GetStartupInfoA
LockFile
LoadLibraryExA
MultiByteToWideChar
GetSystemTime
GetCurrentProcess
GetUserDefaultLangID
DuplicateHandle
GetWindowsDirectoryA
GetUserDefaultLCID
RtlUnwind
_lread
GlobalAlloc
GetEnvironmentStringsW
ExitThread
GetVolumeInformationA
CreateEventA
FreeEnvironmentStringsW
GetCurrentDirectoryA
VirtualFree
FormatMessageA
_lwrite
VirtualAlloc
GetFileTime
GetStringTypeW
FileTimeToSystemTime
GetSystemInfo
IsBadReadPtr
SetLocalTime
lstrcmpiW
GetSystemDefaultLangID
InitializeCriticalSection
GetCommandLineA
GetTickCount
SetEvent
GlobalSize
GlobalHandle
GetExitCodeProcess
_lclose
olecli32
OleClone
ws2_32
WSAConnect
ole32
StringFromGUID2
CreateDataAdviseHolder
CoRegisterClassObject
CreateILockBytesOnHGlobal
IIDFromString
CoMarshalInterface
CreateOleAdviseHolder
MkParseDisplayName
CoIsOle1Class
OleIsRunning
OleQueryLinkFromData
CoGetMalloc
OleDestroyMenuDescriptor
OleUninitialize
CoLockObjectExternal
OleTranslateAccelerator
OleInitialize
IsAccelerator
CoDisconnectObject
CoCreateInstance
CoRegisterMessageFilter
StgOpenStorage
CreateBindCtx
OleCreateLinkToFile
OleCreateFromFile
OleConvertOLESTREAMToIStorage
OleCreateLink
OleCreateLinkFromData
OleGetClipboard
ReadClassStm
CLSIDFromProgID
OleIsCurrentClipboard
WriteClassStg
OleRegGetUserType
OleDuplicateData
StgIsStorageILockBytes
CreateStreamOnHGlobal
OleSaveToStream
OleConvertIStorageToOLESTREAM
OleLoadFromStream
OleQueryCreateFromData
CoRevokeClassObject
BindMoniker
CLSIDFromString
OleCreateFromData
StgOpenStorageOnILockBytes
RevokeDragDrop
OleFlushClipboard
DoDragDrop
OleRun
CoGetClassObject
StgCreateDocfileOnILockBytes
StringFromCLSID
StgCreateDocfile
RegisterDragDrop
CoUnmarshalInterface
OleCreateMenuDescriptor
CoFreeUnusedLibraries
OleSave
OleSetClipboard
ProgIDFromCLSID
OleLoad
ReleaseStgMedium
ReadClassStg
OleGetIconOfClass
OleGetAutoConvert
OleDoAutoConvert
OleLockRunning
GetClassFile
OleSetMenuDescriptor
advapi32
SetSecurityDescriptorDacl
RegCreateKeyA
RegCreateKeyW
RegOpenKeyW
RegOpenKeyExA
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegDeleteKeyA
RegDeleteValueA
DeregisterEventSource
RegEnumValueA
InitializeSecurityDescriptor
AdjustTokenPrivileges
RegEnumKeyW
LookupPrivilegeValueA
RegEnumKeyA
RegQueryValueExA
ReportEventA
RegQueryValueA
RegEnumValueW
RegOpenKeyA
RegisterEventSourceA
RegSetValueExA
RegSetValueA
OpenProcessToken
RegQueryInfoKeyA
ddraw
DirectDrawEnumerateA
user32
RemovePropA
SendMessageA
CopyAcceleratorTableA
SetCaretPos
GetMenuItemInfoA
GetPropA
VkKeyScanW
DdeDisconnect
DdeQueryStringA
EnableMenuItem
GetLastActivePopup
SetWindowPos
DialogBoxParamA
EndPaint
GetClipboardData
CreateAcceleratorTableA
SystemParametersInfoA
WaitForInputIdle
CopyRect
KillTimer
CharToOemA
CharPrevA
GetMessagePos
IsDialogMessageA
FrameRect
RegisterClipboardFormatA
CharLowerBuffW
DestroyCaret
MessageBoxA
GetFocus
SetForegroundWindow
SendDlgItemMessageA
RemoveMenu
TranslateMDISysAccel
GetCaretPos
wsprintfA
FindWindowA
RegisterClassA
DdeInitializeA
TranslateMessage
SetCapture
ShowScrollBar
EmptyClipboard
EndDialog
IsChild
WinHelpA
OffsetRect
ReleaseCapture
DdeGetLastError
GetKeyboardLayout
DdeFreeStringHandle
EndDeferWindowPos
GetMessageTime
ShowCaret
TabbedTextOutA
SetScrollRange
GetWindow
DefMDIChildProcA
SetMenuItemInfoA
DdePostAdvise
CallWindowProcA
GetMenuStringA
PostThreadMessageA
DestroyWindow
ModifyMenuA
IsWindow
SetParent
MessageBoxIndirectA
DrawFocusRect
DeleteMenu
GetMenu
GetMenuState
IsClipboardFormatAvailable
CreatePopupMenu
IsIconic
ShowCursor
GetWindowDC
LoadImageA
GetAsyncKeyState
SetCursor
CallNextHookEx
SetActiveWindow
GetParent
DdeGetData
SetScrollInfo
AppendMenuA
CreateDialogParamA
GetWindowRgn
EnumThreadWindows
OemToCharA
DestroyAcceleratorTable
SetFocus
DdeQueryConvInfo
LoadStringA
AttachThreadInput
ReleaseDC
PostQuitMessage
UpdateWindow
DdeAbandonTransaction
CharToOemBuffA
DeferWindowPos
MessageBeep
DdeCreateStringHandleA
DdeFreeDataHandle
BeginPaint
DefFrameProcA
IntersectRect
DdeCmpStringHandles
GetForegroundWindow
GetQueueStatus
WaitMessage
GetUpdateRgn
GetScrollInfo
GetKeyState
ShowWindow
SubtractRect
ClipCursor
DrawFrameControl
SetWindowTextA
DestroyMenu
SetClipboardData
LoadCursorA
DrawIcon
LoadAcceleratorsA
DrawMenuBar
FindWindowW
InvalidateRgn
DdeClientTransaction
TrackPopupMenu
EnableWindow
PtInRect
GetWindowTextLengthA
BringWindowToTop
GetDesktopWindow
AdjustWindowRect
GetActiveWindow
InflateRect
SetScrollPos
PeekMessageA
DdeUninitialize
GetDC
SetWindowsHookExA
EqualRect
MsgWaitForMultipleObjects
GetCursorPos
LockWindowUpdate
PeekMessageW
SetKeyboardState
GetSysColor
GetWindowLongA
DdeCreateDataHandle
LoadIconA
WindowFromPoint
GetCaretBlinkTime
SetWindowContextHelpId
GetKeyboardState
GetTabbedTextExtentA
GetIconInfo
BeginDeferWindowPos
PostMessageA
RegisterClassExA
LoadBitmapA
GetSubMenu
GetClassInfoExA
AdjustWindowRectEx
SetMenuDefaultItem
GetWindowThreadProcessId
InvalidateRect
DefWindowProcA
GetClipboardFormatNameA
GetCursor
CloseClipboard
GetSystemMetrics
DestroyIcon
GetMenuItemCount
CreateCaret
SetWindowsHookExW
IsWindowEnabled
EnumClipboardFormats
CreateIcon
GetSystemMenu
DdeSetUserHandle
SetRect
GetWindowTextA
CharNextA
SetMenu
SetWindowLongA
GetUpdateRect
ScreenToClient
keybd_event
CheckMenuItem
CharLowerA
CharUpperBuffW
SetCursorPos
SetTimer
IsCharAlphaA
IsWindowVisible
CreateCursor
DestroyCursor
DdeNameService
GetWindowRect
FillRect
CharLowerBuffA
SetDlgItemTextA
MapWindowPoints
GetClientRect
PostMessageW
VkKeyScanA
CharUpperBuffA
GetDCEx
HideCaret
UnhookWindowsHookEx
SetWindowRgn
CreateMenu
CharUpperA
SetPropA
GetDlgItem
CreateWindowExA
GetCapture
ClientToScreen
InsertMenuA
MoveWindow
IsRectEmpty
GetDoubleClickTime
GetClassInfoA
OpenClipboard
DrawTextA
IsZoomed
DdeConnect
GetScrollPos
GetClassNameA
UnregisterClassA
DispatchMessageA
ToAscii
GetMenuItemID
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 516KB - Virtual size: 513KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ