Static task: static1
Behavioral task: behavioral1
Sample: 89f631fad60d5e715fbf23e9f6b9d8f3_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 89f631fad60d5e715fbf23e9f6b9d8f3_JaffaCakes118
Size: 395KB
MD5: 89f631fad60d5e715fbf23e9f6b9d8f3
SHA1: e4827e6b4725881bdef0908a483a6bcd12d862d3
SHA256: 46533ccb3acdc310a99040c57c390d796dd4a86d92e6d7ea560449e2cbbbde0f
SHA512: 86949bfb2024606479b945ffc462e082c776c55a822e85727c58628fa105028349c5a5bf384a38b9a117f51462c755ecc2e9321fa8d0ae2bd43a59815168794e
SSDEEP: 12288:+QB5deJfM7xws8dLwnpVNh2qMN/JhgId:r5deM2XdLSN4p
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 89f631fad60d5e715fbf23e9f6b9d8f3_JaffaCakes118
Files
89f631fad60d5e715fbf23e9f6b9d8f3_JaffaCakes118.exe windows:10 windows x86 arch:x86
5b1f68d7a62ea7c4185b2c6e5c8e1ff8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegDeleteKeyW
GetTokenInformation
RegOpenKeyW
RegEnumKeyExW
OpenProcessToken
RegDeleteKeyW
RegSetValueExA
RegCreateKeyExW
AdjustTokenPrivileges
RegQueryValueExW
InitializeSecurityDescriptor
RegQueryValueExA
RegEnumKeyExW
OpenThreadToken
RegOpenKeyW
RegQueryValueExW
RegEnumKeyExW
RegCreateKeyExA
OpenProcessToken
CloseServiceHandle
RegCreateKeyExA
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegQueryInfoKeyW
RegDeleteKeyW
CloseServiceHandle
RegEnumKeyExW
AllocateAndInitializeSid
AllocateAndInitializeSid
RegOpenKeyExW
RegQueryValueExW
AdjustTokenPrivileges
RegQueryValueExA
SetSecurityDescriptorDacl
FreeSid
RegQueryInfoKeyW
AllocateAndInitializeSid
RegSetValueExW
RegCreateKeyExA
RegCreateKeyExW
RegDeleteValueW
CloseServiceHandle
SetSecurityDescriptorDacl
RegSetValueExW
FreeSid
OpenThreadToken
RegDeleteValueW
FreeSid
OpenProcessToken
RegCloseKey
GetTokenInformation
CloseServiceHandle
SetSecurityDescriptorDacl
RegCreateKeyExW
GetLengthSid
CloseServiceHandle
InitializeSecurityDescriptor
RegCreateKeyExW
AdjustTokenPrivileges
CloseServiceHandle
OpenThreadToken
RegCreateKeyExA
OpenThreadToken
RegOpenKeyExW
AdjustTokenPrivileges
GetTokenInformation
kernel32
FormatMessageW
GetModuleHandleA
GetCurrentProcessId
MultiByteToWideChar
GetCurrentThreadId
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceCounter
VirtualFree
GetTickCount
LocalFree
WaitForSingleObject
GetCurrentProcess
LocalAlloc
QueryPerformanceCounter
SetEvent
GetProcessHeap
GetCurrentProcess
GetModuleHandleW
FormatMessageW
SetUnhandledExceptionFilter
LocalFree
GetCurrentProcess
GetModuleHandleW
GetProcessHeap
MultiByteToWideChar
QueryPerformanceCounter
SetEvent
GetModuleHandleA
GetTickCount
GetACP
GetModuleFileNameA
WaitForSingleObject
LocalAlloc
GetCommandLineA
FormatMessageW
QueryPerformanceCounter
QueryPerformanceCounter
MultiByteToWideChar
SetUnhandledExceptionFilter
GetModuleHandleW
SetEvent
SetEvent
GetCurrentProcessId
GetProcessHeap
FormatMessageW
GetCurrentProcessId
GetCurrentThreadId
FormatMessageW
QueryPerformanceCounter
GetACP
GetACP
GetCommandLineA
QueryPerformanceCounter
GetCurrentThreadId
LocalAlloc
WaitForSingleObject
GetCurrentProcess
GetTickCount
GetCurrentProcessId
WaitForSingleObject
GetCommandLineA
GetModuleFileNameA
LocalFree
LocalFree
SetEvent
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcess
GetCommandLineA
SetUnhandledExceptionFilter
GetModuleHandleA
LocalFree
GetTickCount
SetEvent
GetModuleHandleW
GetCurrentProcess
GetCommandLineW
GetCommandLineA
GetModuleHandleW
GetCommandLineA
SetUnhandledExceptionFilter
LocalFree
GetProcessHeap
MultiByteToWideChar
GetACP
GetCommandLineW
GetCurrentThreadId
GetTickCount
LocalFree
GetCurrentThreadId
VirtualFree
SetEvent
GetCommandLineA
GetModuleFileNameA
FormatMessageW
GetCurrentProcess
LocalFree
GetACP
GetModuleFileNameA
GetModuleFileNameA
GetModuleHandleA
GetCurrentProcess
GetACP
GetACP
GetProcessHeap
MultiByteToWideChar
MultiByteToWideChar
SetUnhandledExceptionFilter
GetModuleFileNameA
SetUnhandledExceptionFilter
GetModuleHandleA
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
VirtualFree
GetCommandLineW
HeapAlloc
LocalAlloc
VirtualFree
GetCurrentThreadId
GetCurrentThreadId
GetCommandLineA
QueryPerformanceCounter
MultiByteToWideChar
GetCurrentProcess
GetCurrentProcessId
LocalFree
FormatMessageW
SetEvent
GetACP
SetUnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleW
SetUnhandledExceptionFilter
GetModuleHandleW
VirtualFree
GetModuleHandleA
GetCurrentProcessId
LocalAlloc
GetCommandLineW
SetEvent
GetProcessHeap
GetACP
SetEvent
GetCurrentThreadId
SetUnhandledExceptionFilter
WaitForSingleObject
GetModuleHandleA
SetUnhandledExceptionFilter
LocalAlloc
SetUnhandledExceptionFilter
GetTickCount
GetCurrentProcess
GetCurrentProcessId
LocalAlloc
GetCommandLineW
GetTickCount
GetCurrentThreadId
GetModuleFileNameA
user32
GetSystemMetrics
GetDlgItem
GetDlgItem
SetTimer
GetWindowRect
ReleaseDC
GetMessageW
GetDC
GetDC
GetSystemMetrics
GetSystemMetrics
PostMessageW
ShowWindow
CreateWindowExW
DefWindowProcW
PostMessageW
GetDC
SetTimer
LoadIconW
GetMessageW
DestroyWindow
CreateWindowExW
GetDlgItem
CreateWindowExW
GetDC
PostMessageW
SendMessageW
GetWindowRect
DefWindowProcW
SendMessageW
GetMessageW
DefWindowProcW
SetTimer
PostMessageW
DefWindowProcW
GetMessageW
GetDlgItem
SendMessageW
CreateWindowExW
CreateWindowExW
LoadIconW
SetTimer
GetSystemMetrics
GetSystemMetrics
ShowWindow
GetWindowRect
GetMessageW
PostMessageW
SendMessageW
GetMessageW
DefWindowProcW
GetDC
GetWindowRect
DefWindowProcW
GetDlgItem
LoadIconW
SetTimer
GetDlgItem
LoadIconW
SendMessageW
GetDC
DefWindowProcW
ReleaseDC
SetTimer
GetSystemMetrics
SetTimer
GetDC
GetMessageW
ReleaseDC
SetTimer
GetWindowRect
CreateWindowExW
ReleaseDC
GetMessageW
DefWindowProcW
GetWindowRect
GetSystemMetrics
GetSystemMetrics
GetWindowRect
GetMessageW
DestroyWindow
PostMessageW
GetDlgItem
SendMessageW
DefWindowProcW
CreateWindowExW
PostMessageW
GetDlgItem
GetWindowRect
DestroyWindow
PostMessageW
DefWindowProcW
CreateWindowExW
GetSystemMetrics
PostMessageW
SendMessageW
SetTimer
ShowWindow
GetDC
GetMessageW
GetMessageW
ReleaseDC
ShowWindow
GetDlgItem
DestroyWindow
DestroyWindow
DefWindowProcW
DestroyWindow
PostMessageW
GetSystemMetrics
GetDlgItem
ReleaseDC
GetSystemMetrics
SendMessageW
GetDlgItem
SetTimer
GetDlgItem
GetMessageW
SendMessageW
ShowWindow
PostMessageW
LoadIconW
LoadIconW
CreateWindowExW
GetWindowRect
GetMessageW
GetAncestor
LoadIconW
SendMessageW
CreateWindowExW
ShowWindow
LoadIconW
GetSystemMetrics
GetWindowRect
SetTimer
GetSystemMetrics
CreateWindowExW
SetTimer
GetSystemMetrics
DefWindowProcW
GetDC
LoadIconW
LoadIconW
DestroyWindow
CreateWindowExW
shell32
SHGetMalloc
Shell_NotifyIconW
DragQueryFileW
SHChangeNotify
SHGetPathFromIDListW
ExtractIconW
ExtractIconW
SHGetSpecialFolderLocation
DragAcceptFiles
DragFinish
SHGetPathFromIDListW
SHGetFileInfoW
ExtractIconW
SHGetFolderPathW
ExtractIconW
DragQueryFileW
SHGetMalloc
ShellAboutW
SHGetFolderPathW
DragQueryFileW
ShellAboutW
SHGetFolderPathW
SHGetMalloc
DragQueryFileW
CommandLineToArgvW
SHGetDesktopFolder
DragFinish
CommandLineToArgvW
SHGetPathFromIDListW
ExtractIconW
SHChangeNotify
SHGetFileInfoW
SHGetSpecialFolderLocation
DragAcceptFiles
CommandLineToArgvW
SHGetFileInfoW
ShellAboutW
SHGetSpecialFolderPathW
ShellAboutW
SHGetPathFromIDListW
ShellExecuteExW
ExtractIconExW
SHGetFolderPathW
CommandLineToArgvW
SHGetFileInfoW
ExtractIconW
DragFinish
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellAboutW
DragQueryFileW
DragQueryFileW
Shell_NotifyIconW
CommandLineToArgvW
CommandLineToArgvW
Shell_NotifyIconW
SHChangeNotify
gdi32
GetTextExtentPoint32W
CreateSolidBrush
GetDeviceCaps
CreateSolidBrush
SetBkMode
DeleteObject
PatBlt
CreateFontIndirectW
GetStockObject
DeleteDC
GetTextMetricsW
GetStockObject
TextOutW
TextOutW
BitBlt
CreateCompatibleDC
CreateSolidBrush
SelectObject
GetObjectW
MoveToEx
SelectObject
SetBkMode
GetDeviceCaps
CreateSolidBrush
CreateFontIndirectW
BitBlt
MoveToEx
DeleteDC
LineTo
GetDeviceCaps
GetStockObject
SelectObject
CreateBitmap
ExtTextOutW
PatBlt
CreateSolidBrush
SetTextColor
ExtTextOutW
LineTo
BitBlt
GetDeviceCaps
StretchBlt
TextOutW
SetTextColor
CreateSolidBrush
DeleteDC
GetObjectW
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
Sections
.text Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 904KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 351KB - Virtual size: 352KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ