Static task: static1
Behavioral task: behavioral1
  Sample: 8b9d70365d9c19f2695f91443fd1d5de_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 8b9d70365d9c19f2695f91443fd1d5de_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 8b9d70365d9c19f2695f91443fd1d5de_JaffaCakes118
Size: 79KB
MD5: 8b9d70365d9c19f2695f91443fd1d5de
SHA1: 2eef21ff4f261c0588dec511296fa18405b968f5
SHA256: dc25046753ffa2b4bfb713f0717f7ddb45c2fe291bd88420d420a3eac30a0d7c
SHA512: f5c4d43283c640da35b3d6e13de59b2d2dbec9a406269cf98ce11c346b846e51313f0c42e13a0e77bd5a475dfbbb987b17e132dffd831924a81d0851a307f41d
SSDEEP: 1536:DJwT/MzC5+yjwekahbvgWu0ZSppKh5fVSfSvFKxa19Vy236IBWKMFN:yCi+ONZhDgWu0IppKhQ+m8Vx36IBWKM
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 8b9d70365d9c19f2695f91443fd1d5de_JaffaCakes118
Files
8b9d70365d9c19f2695f91443fd1d5de_JaffaCakes118.exe windows:4 windows x86 arch:x86
0c5decca1d8541b181be4e3923f6cfe8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetDesktopWindow
ClientToScreen
LoadBitmapW
IsWindowVisible
GetCaretPos
RegisterClipboardFormatA
DrawAnimatedRects
SendIMEMessageExA
EnumDesktopsA
AppendMenuW
IsCharAlphaNumericA
IsWindowEnabled
BeginDeferWindowPos
GetClassInfoExA
TileChildWindows
EnumDisplaySettingsExW
LoadBitmapA
SetClipboardData
ImpersonateDdeClientWindow
SetWindowTextW
GetClientRect
RegisterDeviceNotificationA
GetDialogBaseUnits
MapVirtualKeyExA
RemovePropW
GetKeyState
MonitorFromPoint
PaintDesktop
ChangeDisplaySettingsExA
PostMessageA
DdeImpersonateClient
IsChild
UnregisterHotKey
SetMessageQueue
DdeNameService
CheckRadioButton
SetSystemCursor
RegisterClipboardFormatW
GetMenuDefaultItem
GetAsyncKeyState
IsMenu
DrawIconEx
RedrawWindow
GetScrollPos
SetCaretBlinkTime
GetComboBoxInfo
EnumWindowStationsW
LoadKeyboardLayoutW
SetMenuContextHelpId
WINNLSEnableIME
IsRectEmpty
DefWindowProcA
CreateWindowStationW
OemToCharBuffA
TranslateMessage
SendNotifyMessageW
TrackPopupMenuEx
CreateWindowExW
SetUserObjectInformationW
RegisterClassExW
RegisterHotKey
DrawEdge
CopyIcon
DlgDirSelectComboBoxExW
MapVirtualKeyA
LoadCursorA
CallMsgFilterW
SetSysColors
CharUpperA
GetPropW
IsWindowUnicode
EnumPropsExA
DrawStateA
DrawTextExW
CreateCursor
DdeQueryNextServer
GetSysColor
DrawMenuBar
OpenClipboard
DdePostAdvise
GetMenuStringA
InternalGetWindowText
IsCharLowerW
DialogBoxParamA
ExcludeUpdateRgn
ScrollDC
MsgWaitForMultipleObjectsEx
EnumThreadWindows
OpenIcon
ScreenToClient
SetClassLongW
GetMenuInfo
GetClassLongW
RealChildWindowFromPoint
CreateIconFromResourceEx
WinHelpW
CharNextW
DefMDIChildProcW
GetMenuBarInfo
DrawStateW
CallWindowProcW
GetKeyboardState
IsIconic
EnumPropsA
IsCharAlphaA
DrawTextA
CharLowerA
MapDialogRect
CreateMenu
GetCursorPos
GetInputDesktop
GetSystemMenu
LoadKeyboardLayoutA
DlgDirListW
DdeFreeStringHandle
GetDlgItem
GetScrollInfo
AdjustWindowRectEx
GetGuiResources
RemoveMenu
GetClassInfoA
BroadcastSystemMessageA
GetProcessDefaultLayout
SetScrollInfo
GetForegroundWindow
InSendMessageEx
SetDlgItemTextA
GetScrollRange
DrawTextExA
IsCharLowerA
SetMenuInfo
EnumChildWindows
SetRectEmpty
GetSubMenu
DragObject
SetDebugErrorLevel
GetMenuCheckMarkDimensions
GetInputState
OemToCharA
GetMonitorInfoW
advapi32
LookupAccountSidA
GetSecurityDescriptorGroup
ClearEventLogW
InitializeSid
LookupPrivilegeValueA
CryptEnumProviderTypesA
QueryServiceStatus
BackupEventLogA
SetSecurityDescriptorOwner
GetOldestEventLogRecord
RegSetValueW
LockServiceDatabase
GetSidIdentifierAuthority
StartServiceA
ConvertSecurityDescriptorToAccessW
EnumServicesStatusA
RegSetValueExA
GetTokenInformation
IsValidSid
ReadEventLogW
SetServiceBits
RegDeleteValueW
RegSetValueA
CryptGenRandom
GetNamedSecurityInfoA
RegisterServiceCtrlHandlerA
GetKernelObjectSecurity
SetNamedSecurityInfoW
AccessCheckAndAuditAlarmW
CancelOverlappedAccess
CreateProcessAsUserW
RegEnumValueA
AddAce
GetFileSecurityA
BuildSecurityDescriptorA
ConvertAccessToSecurityDescriptorW
GetCurrentHwProfileA
AddAccessDeniedAce
ObjectDeleteAuditAlarmA
BuildImpersonateExplicitAccessWithNameW
RegQueryMultipleValuesA
SetServiceStatus
GetAccessPermissionsForObjectA
RegGetKeySecurity
DestroyPrivateObjectSecurity
RegEnumValueW
LookupSecurityDescriptorPartsA
BuildSecurityDescriptorW
ReportEventA
RegCreateKeyA
BuildTrusteeWithNameA
BuildExplicitAccessWithNameW
ObjectCloseAuditAlarmA
GetSecurityDescriptorOwner
BuildExplicitAccessWithNameA
CryptDestroyKey
ObjectDeleteAuditAlarmW
OpenProcessToken
SetSecurityDescriptorSacl
AccessCheck
GetServiceKeyNameA
BuildTrusteeWithNameW
InitiateSystemShutdownW
IsValidSecurityDescriptor
IsValidAcl
CryptEnumProviderTypesW
GetSidSubAuthorityCount
ControlService
ObjectPrivilegeAuditAlarmA
GetAce
RegRestoreKeyA
BuildTrusteeWithSidW
QueryServiceLockStatusW
DuplicateTokenEx
QueryServiceConfigW
AdjustTokenPrivileges
GetEffectiveRightsFromAclW
OpenSCManagerA
CryptSignHashW
SetEntriesInAccessListW
GetAccessPermissionsForObjectW
StartServiceW
CryptAcquireContextA
OpenEventLogW
CreateServiceW
AbortSystemShutdownA
RevertToSelf
PrivilegeCheck
RegNotifyChangeKeyValue
SetFileSecurityA
GetSecurityInfoExW
GetSecurityInfo
SetEntriesInAccessListA
RegConnectRegistryW
GetMultipleTrusteeW
SetEntriesInAuditListW
EnumDependentServicesW
ChangeServiceConfigW
GetFileSecurityW
OpenBackupEventLogA
ImpersonateLoggedOnUser
RegReplaceKeyW
InitializeSecurityDescriptor
GetExplicitEntriesFromAclW
CryptImportKey
CryptSetProviderW
SetSecurityDescriptorGroup
kernel32
GetCurrencyFormatW
SystemTimeToTzSpecificLocalTime
GetTempFileNameA
InitAtomTable
SetPriorityClass
GetCPInfoExA
CreateFileA
OpenSemaphoreW
CreateRemoteThread
SetTimeZoneInformation
BackupWrite
CompareStringW
LocalShrink
RemoveDirectoryA
IsBadStringPtrW
OpenEventA
WritePrivateProfileSectionW
lstrlenA
GetQueuedCompletionStatus
FindAtomA
CancelWaitableTimer
GetComputerNameW
QueryDosDeviceA
Heap32ListFirst
FillConsoleOutputAttribute
IsProcessorFeaturePresent
FindNextChangeNotification
UnmapViewOfFile
PeekConsoleInputW
GetNumberFormatA
DeleteFileW
GetLocaleInfoA
RequestWakeupLatency
GlobalCompact
SetConsoleActiveScreenBuffer
RaiseException
MulDiv
FindFirstFileA
GetTempPathA
GlobalSize
FlushInstructionCache
GlobalLock
CallNamedPipeW
GetPrivateProfileSectionW
GetCompressedFileSizeW
IsBadStringPtrA
GetOEMCP
LCMapStringA
GlobalReAlloc
GetDiskFreeSpaceA
VirtualProtect
VirtualAlloc
GetTapeParameters
SetThreadIdealProcessor
SetCommMask
WritePrivateProfileStructA
GetComputerNameA
GetStringTypeA
ReadFileEx
SetTapePosition
EnumResourceLanguagesA
GetWriteWatch
GetNamedPipeInfo
VirtualUnlock
ReadProcessMemory
GetEnvironmentVariableA
ClearCommError
GetProfileIntW
SetFilePointer
GetCPInfo
SearchPathW
BeginUpdateResourceW
ResumeThread
SetMessageWaitingIndicator
CreateTapePartition
ReadConsoleOutputCharacterW
FindResourceW
UnlockFile
EnumDateFormatsExW
lstrcpyA
GetFileAttributesExA
GetFileTime
GetPrivateProfileStructA
SetErrorMode
lstrlen
OpenMutexW
GetSystemTimeAsFileTime
OpenProcess
GetProfileStringW
BuildCommDCBAndTimeoutsA
SetFileApisToOEM
ClearCommBreak
IsDBCSLeadByte
SetThreadPriority
WritePrivateProfileStructW
GetLogicalDriveStringsA
GlobalFindAtomA
UpdateResourceW
LoadLibraryExW
DefineDosDeviceA
WriteProfileStringW
VirtualFree
GetSystemDirectoryW
GetPrivateProfileIntA
GetCurrentDirectoryW
UpdateResourceA
LockResource
CreateThread
WriteConsoleOutputAttribute
ReadConsoleInputA
CreateWaitableTimerA
WritePrivateProfileStringA
GetTickCount
WaitNamedPipeA
GetPrivateProfileStringA
SetFileAttributesA
SetConsoleCursorInfo
EnumResourceTypesW
GetDevicePowerState
EnumSystemLocalesW
SetSystemTimeAdjustment
ReadConsoleW
GetLastError
GetVersionExW
EscapeCommFunction
GetDefaultCommConfigW
WriteConsoleA
GetFullPathNameW
CreateProcessA
CreateEventW
CreateMailslotW
SetMailslotInfo
shlwapi
PathIsSameRootA
SHSkipJunction
StrCatBuffA
SHGetValueW
UrlHashA
IntlStrEqWorkerA
PathMakePrettyW
StrRStrIW
SHRegWriteUSValueA
StrStrW
PathIsUNCA
PathMakeSystemFolderA
PathGetDriveNumberW
PathCompactPathW
PathCombineW
StrCSpnW
wnsprintfA
SHRegQueryUSValueW
StrRChrIW
PathRemoveArgsA
StrFormatByteSizeW
UrlCompareA
PathStripPathA
PathFindNextComponentA
StrFormatKBSizeA
PathIsRelativeA
StrStrIA
StrCpyNW
SHRegDeleteEmptyUSKeyA
PathBuildRootW
AssocQueryStringByKeyW
SHRegGetBoolUSValueA
PathGetCharTypeA
PathFileExistsW
SHRegCreateUSKeyW
PathAddExtensionW
SHOpenRegStreamW
GetMenuPosFromID
PathSearchAndQualifyW
UrlGetLocationA
SHDeleteEmptyKeyA
PathCompactPathExW
PathGetArgsA
UrlIsA
UrlUnescapeW
PathIsFileSpecA
PathIsRootA
StrIsIntlEqualW
PathSkipRootA
StrIsIntlEqualA
UrlIsNoHistoryW
SHCopyKeyA
SHRegCloseUSKey
SHRegDeleteUSValueA
StrFormatByteSizeA
StrTrimA
SHRegSetUSValueW
StrRetToStrA
StrCmpNIW
PathStripPathW
UrlGetPartW
StrSpnA
StrFormatByteSize64A
PathUnquoteSpacesA
PathUnmakeSystemFolderA
AssocQueryKeyW
PathFindExtensionW
PathCompactPathExA
PathRenameExtensionA
PathFileExistsA
SHSetValueA
PathGetArgsW
PathIsSameRootW
StrToIntW
UrlApplySchemeW
UrlCombineA
UrlEscapeA
PathGetCharTypeW
PathIsSystemFolderW
SHCreateStreamOnFileW
PathUnquoteSpacesW
SHRegQueryInfoUSKeyW
PathSetDlgItemPathW
UrlApplySchemeA
PathUndecorateA
UrlHashW
PathIsFileSpecW
SHRegSetUSValueA
AssocQueryStringW
UrlCanonicalizeA
PathIsDirectoryEmptyA
SHRegEnumUSValueW
StrRChrIA
PathIsDirectoryEmptyW
SHCreateShellPalette
SHEnumValueA
UrlIsNoHistoryA
UrlIsOpaqueW
PathRelativePathToA
StrFromTimeIntervalW
PathRemoveBlanksA
StrRetToBufA
SHQueryInfoKeyA
SHDeleteValueA
ColorRGBToHLS
StrCSpnA
ole32
OleCreateLinkFromDataEx
CreateOleAdviseHolder
GetHookInterface
OleCreateEmbeddingHelper
StringFromIID
WriteClassStg
CoFileTimeNow
OleLoadFromStream
GetRunningObjectTable
CreateDataAdviseHolder
CoLoadLibrary
OleGetIconOfClass
RevokeDragDrop
CoFreeAllLibraries
CoCreateGuid
OleDoAutoConvert
CreateFileMoniker
CoGetInstanceFromIStorage
SetDocumentBitStg
CoGetPSClsid
OleSetClipboard
StgCreateDocfile
OleSetMenuDescriptor
IsAccelerator
OleCreateStaticFromData
StgOpenStorage
CoRevokeMallocSpy
GetDocumentBitStg
CoCreateFreeThreadedMarshaler
UtGetDvtd16Info
CoReleaseServerProcess
MkParseDisplayName
CoRegisterMallocSpy
StgOpenStorageEx
CoQueryAuthenticationServices
ReadClassStm
CoInitializeSecurity
CoQueryClientBlanket
CoGetCallerTID
GetClassFile
OleSetContainedObject
OleCreateLinkFromData
StgSetTimes
GetConvertStg
ReadStringStream
ReadFmtUserTypeStg
CreateGenericComposite
CoTaskMemAlloc
CoGetCurrentLogicalThreadId
CreateDataCache
ReadClassStg
CLSIDFromString
OleDestroyMenuDescriptor
EnableHookObject
OleIsRunning
FreePropVariantArray
OpenOrCreateStream
PropVariantCopy
CoFreeLibrary
CoResumeClassObjects
CoLockObjectExternal
UtConvertDvtd16toDvtd32
OleDuplicateData
CoGetTreatAsClass
CoInitializeEx
OleCreateDefaultHandler
MonikerRelativePathTo
CreateStreamOnHGlobal
CoRegisterChannelHook
OleSaveToStream
CoFileTimeToDosDateTime
CoGetInterfaceAndReleaseStream
StgCreateDocfileOnILockBytes
OleBuildVersion
OleCreateFromFileEx
OleCreateLinkToFile
OleCreateEx
CoSetProxyBlanket
StgOpenStorageOnILockBytes
IsEqualGUID
DllDebugObjectRPCHook
CoCopyProxy
CoCreateInstance
RegisterDragDrop
OleRun
IIDFromString
OleLockRunning
OleCreateMenuDescriptor
CoGetClassObject
OleConvertOLESTREAMToIStorageEx
StgIsStorageFile
CreateILockBytesOnHGlobal
CoInitialize
CoBuildVersion
OleConvertIStorageToOLESTREAM
OleGetAutoConvert
StgGetIFillLockBytesOnILockBytes
OleSetAutoConvert
OleUninitialize
WriteFmtUserTypeStg
GetHGlobalFromILockBytes
StringFromGUID2
Sections
.text Size: 61KB - Virtual size: 61KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 311B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE