Static task: static1
Behavioral task: behavioral1
Sample: 8a1fb1ae2fb0206da6e284a8968682f4_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 8a1fb1ae2fb0206da6e284a8968682f4_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 8a1fb1ae2fb0206da6e284a8968682f4_JaffaCakes118
Size: 846KB
MD5: 8a1fb1ae2fb0206da6e284a8968682f4
SHA1: c2335c9ad18720f5c83a952c2fe2652feafb4b36
SHA256: 637c7e5be0547b60f0753d104c18b1871149ee029d8135bf426a872f3bd34d27
SHA512: be2d29a0e6ae1d3cf3a363bf072904743ea25fc49167f80352eae207b0f60484018ecd7463b2f827b74589ec55e4595e9479e39202e369158e225695db14d369
SSDEEP: 24576:o170q1SV9pZFcfx2jYBP08W2qfbjZfKga:iSVzzcfx2MP08Zqj1fM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8a1fb1ae2fb0206da6e284a8968682f4_JaffaCakes118
Files
8a1fb1ae2fb0206da6e284a8968682f4_JaffaCakes118.exe windows:5 windows x86 arch:x86
5e62b875ff8a78c39611064201209a8e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
EnumResourceNamesW
InterlockedExchange
WriteProcessMemory
GetLastError
TlsGetValue
HeapReAlloc
WritePrivateProfileSectionW
SetHandleCount
GetConsoleMode
GetLocalTime
GetShortPathNameW
HeapSize
TlsFree
FindFirstFileW
MultiByteToWideChar
VirtualFree
CloseHandle
WriteConsoleW
GetProcessHeap
SetUnhandledExceptionFilter
GetStartupInfoW
GetWindowsDirectoryW
GetStdHandle
FreeEnvironmentStringsW
IsValidCodePage
GlobalFree
GetSystemTimeAsFileTime
FindResourceW
GetFileSize
GetStringTypeA
LockResource
Process32FirstW
ExitProcess
MulDiv
ResumeThread
GetLocaleInfoA
GetOEMCP
GetSystemDirectoryW
GetFullPathNameW
InterlockedIncrement
GetCPInfo
SetFileAttributesW
FormatMessageW
ExitThread
GetPrivateProfileSectionW
GlobalMemoryStatusEx
SetErrorMode
SizeofResource
InitializeCriticalSectionAndSpinCount
SetEvent
CreateEventW
GetTempPathW
GetModuleHandleW
TerminateProcess
GetDateFormatA
DuplicateHandle
WaitForSingleObject
CreateHardLinkW
LoadLibraryA
CompareStringA
FindClose
SetPriorityClass
CreateThread
Beep
GlobalAlloc
GlobalLock
IsDebuggerPresent
ReadFile
SetFilePointerEx
GetTickCount
VirtualProtect
GetCurrentProcess
LoadLibraryW
GlobalUnlock
GetConsoleOutputCP
LCMapStringW
CompareStringW
GetACP
GetTempFileNameW
SetFilePointer
SetLastError
FindNextFileW
VirtualFreeEx
HeapFree
LeaveCriticalSection
QueryPerformanceCounter
OutputDebugStringW
WritePrivateProfileStringW
SetVolumeLabelW
GetCommandLineW
FreeLibrary
GetProcessIoCounters
DeleteCriticalSection
GetSystemInfo
GetModuleHandleA
WriteFile
CopyFileW
SetCurrentDirectoryW
DeleteFileW
CreateToolhelp32Snapshot
EnterCriticalSection
CreateDirectoryW
GetCurrentThread
GetPrivateProfileSectionNamesW
GetComputerNameW
RaiseException
SetEnvironmentVariableA
MoveFileW
CreateFileA
CreatePipe
FileTimeToLocalFileTime
SetStdHandle
GetExitCodeProcess
GetDriveTypeW
GetPrivateProfileStringW
Process32NextW
SetFileTime
TlsAlloc
Sleep
RtlUnwind
OpenProcess
GetTimeZoneInformation
LCMapStringA
GetCurrentThreadId
GetFileAttributesW
GetEnvironmentStringsW
CreateProcessW
WriteConsoleA
GetVersionExW
CreateFileW
SystemTimeToFileTime
LoadResource
GetProcAddress
FlushFileBuffers
GetCurrentDirectoryW
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
GetModuleFileNameW
FileTimeToSystemTime
UnhandledExceptionFilter
ReadProcessMemory
GetTimeFormatA
GetCurrentProcessId
GetFileType
SetEnvironmentVariableW
TerminateThread
QueryPerformanceFrequency
lstrcmpiW
TlsSetValue
SetEndOfFile
GetEnvironmentVariableW
WideCharToMultiByte
GetStartupInfoA
LoadLibraryExW
InterlockedDecrement
GetModuleFileNameA
LocalFileTimeToFileTime
RemoveDirectoryW
DeviceIoControl
GetConsoleCP
VirtualAlloc
HeapAlloc
user32
GetKeyboardState
TranslateMessage
KillTimer
CountClipboardFormats
OpenDesktopW
IsWindowEnabled
SetCursor
GetSystemMetrics
GetMenuStringW
SetKeyboardState
GetDlgCtrlID
GetMonitorInfoW
GetCursorPos
SendDlgItemMessageW
GetWindowDC
GetCaretPos
SendMessageW
GetSubMenu
GetForegroundWindow
MessageBeep
GetProcessWindowStation
InsertMenuItemW
BeginPaint
GetWindowLongW
PostMessageW
IsIconic
FlashWindow
DialogBoxParamW
IsCharLowerW
TranslateAcceleratorW
WindowFromPoint
SetActiveWindow
GetDesktopWindow
GetWindowTextLengthW
InvalidateRect
GetUserObjectSecurity
CreatePopupMenu
OpenWindowStationW
VkKeyScanW
DefWindowProcW
GetClassLongW
GetMenuItemID
SetForegroundWindow
DeleteMenu
SetFocus
LoadIconW
SetWindowLongW
OpenClipboard
CopyImage
FindWindowExW
LoadImageW
IsZoomed
SendInput
GetParent
GetCursorInfo
PeekMessageW
SetUserObjectSecurity
EnableWindow
GetClipboardData
ClientToScreen
mouse_event
IsClipboardFormatAvailable
TrackPopupMenuEx
PostQuitMessage
IsMenu
SetMenuDefaultItem
CloseWindowStation
SetWindowPos
DrawFrameControl
DispatchMessageW
DestroyAcceleratorTable
CheckMenuRadioItem
GetDC
SetClipboardData
CloseDesktop
MapVirtualKeyW
CharNextW
CreateAcceleratorTableW
UnregisterHotKey
FrameRect
SetWindowTextW
keybd_event
SetMenu
GetClientRect
CreateWindowExW
SetProcessWindowStation
MoveWindow
CharUpperBuffW
CreateMenu
CopyRect
GetKeyboardLayoutNameW
GetMenu
DrawFocusRect
DrawTextW
EnumThreadWindows
GetWindowThreadProcessId
GetDlgItem
DestroyWindow
GetWindowTextW
PtInRect
RegisterClassExW
GetWindowRect
DefDlgProcW
ShowWindow
ReleaseDC
CreateIconFromResourceEx
SystemParametersInfoW
FillRect
SetCapture
GetActiveWindow
SetLayeredWindowAttributes
SendMessageTimeoutW
ReleaseCapture
SetMenuItemInfoW
GetSysColor
FindWindowW
GetFocus
LockWindowUpdate
MonitorFromRect
RegisterHotKey
GetMenuItemCount
IsCharAlphaNumericW
IsDialogMessageW
EndPaint
RedrawWindow
CharLowerBuffW
GetMessageW
ExitWindowsEx
DestroyIcon
IsCharAlphaW
EndDialog
EnumWindows
GetKeyState
MessageBoxW
AdjustWindowRectEx
GetClassNameW
ScreenToClient
DrawMenuBar
GetMenuItemInfoW
DestroyMenu
MonitorFromPoint
IsWindowVisible
IsCharUpperW
SetTimer
LoadStringW
InflateRect
EnumChildWindows
CloseClipboard
SetRect
BlockInput
AttachThreadInput
MessageBoxA
RegisterWindowMessageW
IsWindow
IsDlgButtonChecked
wsprintfW
EmptyClipboard
LoadCursorW
GetAsyncKeyState
gdi32
Ellipse
MoveToEx
SetTextColor
SetBkMode
StrokeAndFillPath
DeleteDC
SetViewportOrgEx
StrokePath
GetTextExtentPoint32W
StretchBlt
SelectObject
DeleteObject
BeginPath
CreateFontW
CreateCompatibleBitmap
Rectangle
RoundRect
GetPixel
CreateSolidBrush
GetDIBits
GetTextFaceW
CreateDCW
EndPath
CreatePen
CloseFigure
PolyDraw
CreateCompatibleDC
GetStockObject
SetPixel
LineTo
SetBkColor
GetObjectW
GetDeviceCaps
ExtCreatePen
AngleArc
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegEnumKeyExW
DuplicateTokenEx
LockServiceDatabase
RegEnumValueW
RegCreateKeyExW
AddAce
OpenSCManagerW
LookupPrivilegeValueW
InitializeSecurityDescriptor
RegDeleteValueW
OpenProcessToken
CloseServiceHandle
RegQueryValueExW
OpenThreadToken
GetSecurityDescriptorDacl
CreateProcessWithLogonW
InitializeAcl
UnlockServiceDatabase
AdjustTokenPrivileges
GetLengthSid
InitiateSystemShutdownExW
RegCloseKey
RegOpenKeyExW
GetTokenInformation
SetSecurityDescriptorDacl
RegConnectRegistryW
GetAce
LogonUserW
CreateProcessAsUserW
RegDeleteKeyW
CopySid
GetUserNameW
GetAclInformation
RegSetValueExW
shell32
SHEmptyRecycleBinW
SHGetFolderPathW
SHGetSpecialFolderLocation
Shell_NotifyIconW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetMalloc
SHGetPathFromIDListW
DragQueryPoint
DragQueryFileW
ExtractIconExW
ShellExecuteW
SHFileOperationW
ShellExecuteExW
DragFinish
ole32
CoTaskMemAlloc
OleSetContainedObject
OleUninitialize
IIDFromString
CoCreateInstanceEx
OleInitialize
OleSetMenuDescriptor
CoSetProxyBlanket
CreateBindCtx
CLSIDFromString
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoInitializeSecurity
CreateStreamOnHGlobal
MkParseDisplayName
CLSIDFromProgID
StringFromCLSID
CoInitialize
StringFromIID
oleaut32
VariantInit
SysAllocString
OleLoadPicture
LoadRegTypeLi
VariantClear
VariantTimeToSystemTime
SafeArrayAllocData
OACreateTypeLib2
SafeArrayUnaccessData
VariantCopy
SafeArrayAllocDescriptorEx
GetActiveObject
VarR8FromDec
SafeArrayDestroyDescriptor
SafeArrayGetVartype
SafeArrayAccessData
comctl32
InitCommonControlsEx
ImageList_DragEnter
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Create
ImageList_Remove
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_SetDragCursorImage
ImageList_DragLeave
shlwapi
SHQueryInfoKeyA
winmm
timeGetTime
mciSendStringW
waveOutSetVolume
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
wininet
InternetQueryDataAvailable
InternetCloseHandle
HttpQueryInfoW
InternetSetOptionW
FtpOpenFileW
HttpOpenRequestW
InternetReadFile
InternetConnectW
HttpSendRequestW
InternetOpenUrlW
InternetOpenW
InternetCrackUrlW
InternetQueryOptionW
FtpGetFileSize
wsock32
accept
gethostbyname
recv
setsockopt
ntohs
select
send
connect
WSAGetLastError
gethostname
listen
inet_addr
WSAStartup
WSACleanup
__WSAFDIsSet
closesocket
htons
socket
sendto
bind
recvfrom
ioctlsocket
mpr
WNetCancelConnection2W
WNetGetConnectionW
WNetAddConnection2W
WNetUseConnectionW
psapi
EnumProcessModules
GetModuleBaseNameW
GetProcessMemoryInfo
EnumProcesses
userenv
UnloadUserProfile
DestroyEnvironmentBlock
LoadUserProfileW
CreateEnvironmentBlock
Sections
.text Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.kyul Size: - Virtual size: 5.4MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 487KB - Virtual size: 487KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 301KB - Virtual size: 301KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 57B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ