Static task: static1
Behavioral task: behavioral1
Sample: 8dcac983ad3b735e48bf922abf420fc0_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 8dcac983ad3b735e48bf922abf420fc0_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 8dcac983ad3b735e48bf922abf420fc0_JaffaCakes118
Size: 332KB
MD5: 8dcac983ad3b735e48bf922abf420fc0
SHA1: bc1c4ae63d36d65541dbd0e30e0dd8d30f5bb818
SHA256: 54a557bbc28655812a38f9a66e49d44eddeb51970e14897a5ddcf95394f893bb
SHA512: 847eb6dbb6b4eb3780475dde13f7eb93d551dad6d7cb6687964b11ea7fa83546d10dd6d09a44e861b80d4d749085e218d4bb59014323af97dcd9c385461bb0e9
SSDEEP: 6144:6FPBw46kvIX8IYaCmuin1YbN9ZMWGhhQzdKJLVBSNpAtInn+nFU/7oaFVhCYQi6:6FPPvIX8IPCmuiGbN9ZhKyuy8iAO
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 8dcac983ad3b735e48bf922abf420fc0_JaffaCakes118
Files
8dcac983ad3b735e48bf922abf420fc0_JaffaCakes118.exe windows:5 windows x86 arch:x86
cd8a57275a4205a701e4a473901fb352
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CallWindowProcW
DialogBoxIndirectParamA
GetNextDlgTabItem
TrackPopupMenuEx
SetClipboardData
GetComboBoxInfo
LoadStringW
EndDialog
GetMenuItemID
GetAsyncKeyState
SetWindowPos
GetClientRect
CallMsgFilterW
SetTimer
SetPropA
DeferWindowPos
GetSystemMenu
GetKeyState
DrawTextExW
TranslateAcceleratorW
OpenClipboard
SendDlgItemMessageW
MonitorFromWindow
SetCursorPos
PtInRect
GetActiveWindow
SetScrollPos
MapDialogRect
GetWindowDC
SetForegroundWindow
GetPropW
EndMenu
IsDlgButtonChecked
GetWindowTextW
DestroyWindow
CopyRect
GetWindowTextLengthW
GetMessagePos
DispatchMessageA
DrawFrameControl
MessageBoxIndirectA
GetShellWindow
DrawEdge
AdjustWindowRect
OffsetRect
CharPrevW
SetActiveWindow
GetWindowInfo
SetDlgItemInt
CloseClipboard
SendMessageTimeoutA
CreatePopupMenu
GetMonitorInfoW
CopyIcon
CallNextHookEx
DdeInitializeW
WindowFromPoint
GetClassInfoW
ReleaseDC
LoadAcceleratorsW
MessageBoxW
RegisterClipboardFormatW
CreateWindowExW
GetDlgItemTextW
ChildWindowFromPoint
GetKeyboardLayout
DdeUninitialize
GetMenuDefaultItem
LoadCursorW
SetWindowPlacement
GetForegroundWindow
IsMenu
GetCursor
TranslateMessage
SetMenuItemInfoW
SetCursor
GetIconInfo
GetWindowLongA
CharLowerBuffW
GetMenuState
GetAncestor
GetDlgItem
UpdateLayeredWindow
EnableMenuItem
GetDesktopWindow
TrackMouseEvent
GetClassInfoExW
DestroyIcon
SetWindowLongW
TrackPopupMenu
InflateRect
PostQuitMessage
MessageBoxExW
GetClipboardData
GetSubMenu
CopyImage
GetLastActivePopup
RegisterClassW
AdjustWindowRectEx
GetClassWord
CheckMenuRadioItem
KillTimer
ShowCaret
AttachThreadInput
EnumThreadWindows
SendNotifyMessageW
ShowScrollBar
GetTopWindow
GetDoubleClickTime
UnionRect
SetWindowRgn
CreateMenu
IsChild
MonitorFromPoint
FillRect
LoadImageW
DestroyMenu
UpdateWindow
wsprintfW
VkKeyScanExW
GetParent
CharUpperW
RemoveMenu
SetClipboardViewer
SetWindowTextW
CreateDialogParamW
UnhookWindowsHookEx
RegisterClipboardFormatA
GetCursorPos
SetPropW
WaitForInputIdle
GetSystemMetrics
EnumChildWindows
MapVirtualKeyW
AllowSetForegroundWindow
LoadMenuW
DdeFreeStringHandle
SystemParametersInfoA
GetMessageA
GetMenuItemInfoA
ShowWindow
GetClipboardFormatNameW
GetDC
IsCharAlphaNumericW
ReleaseCapture
PostThreadMessageW
MessageBoxIndirectW
PeekMessageA
CharNextA
SetMenu
DdeFreeDataHandle
GetCapture
DeleteMenu
SetParent
DdeCreateStringHandleW
RemovePropW
DialogBoxParamW
BeginDeferWindowPos
LoadCursorA
GetSysColor
DrawFocusRect
GetDlgCtrlID
PostMessageW
SetCapture
DialogBoxIndirectParamW
ScreenToClient
MsgWaitForMultipleObjects
CheckRadioButton
IsIconic
DdeClientTransaction
FindWindowA
GetWindowPlacement
IsRectEmpty
LoadIconW
DdeDisconnect
SetDlgItemTextW
WaitMessage
GetMenuStringW
GetMenuItemInfoW
DispatchMessageW
GetWindow
LoadBitmapW
InvalidateRect
HideCaret
MessageBeep
GetSysColorBrush
DdeCreateDataHandle
SendMessageW
SetRect
DdeQueryStringW
DrawIconEx
DefWindowProcW
GetMenuItemCount
DdeGetData
CheckMenuItem
EnableWindow
EmptyClipboard
BeginPaint
GetClassLongW
SetWindowLongA
LockSetForegroundWindow
WinHelpW
SetScrollInfo
GetWindowThreadProcessId
GetMessageW
RegisterWindowMessageA
IsDialogMessageW
GetClassNameW
GetKeyNameTextW
PeekMessageW
FindWindowW
GetLastInputInfo
IsWindowUnicode
ShowOwnedPopups
CharPrevA
EnumWindows
SetRectEmpty
SetWindowsHookExW
IsHungAppWindow
FindWindowExW
GetPropA
EndPaint
CheckDlgButton
GetMessageTime
SetMenuDefaultItem
IsWindowEnabled
PostThreadMessageA
EnumDesktopWindows
DdeConnect
GetWindowRgnBox
InsertMenuItemW
IsWindow
GetProcessWindowStation
CharLowerW
LoadStringA
MonitorFromRect
SendMessageTimeoutW
RedrawWindow
ClientToScreen
SetMenuItemBitmaps
RegisterClassExW
GetDialogBaseUnits
DefWindowProcA
CreateIconIndirect
PostMessageA
DrawTextW
SendMessageA
EndDeferWindowPos
EqualRect
DdeNameService
SystemParametersInfoW
InsertMenuW
MessageBoxExA
AppendMenuW
MoveWindow
IsWindowVisible
EnumDisplaySettingsW
SetFocus
RemovePropA
MsgWaitForMultipleObjectsEx
UnregisterClassW
DestroyAcceleratorTable
RegisterWindowMessageW
GetFocus
GetWindowRect
GetScrollInfo
GetWindowLongW
ChangeClipboardChain
MapWindowPoints
NotifyWinEvent
AnimateWindow
DialogBoxParamA
CharNextW
IntersectRect
advapi32
RegDeleteValueW
CryptAcquireContextW
GetTraceLoggerHandle
GetTraceEnableFlags
RegCreateKeyExW
RegCreateKeyExA
RegQueryValueExA
RegDeleteValueA
CryptDestroyHash
GetLengthSid
CreateProcessAsUserW
RegCloseKey
IsTextUnicode
RegEnumValueA
CryptHashData
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegEnumKeyW
OpenThreadToken
CryptGetHashParam
RegDeleteKeyW
RegOpenCurrentUser
RegQueryValueExW
CryptReleaseContext
TraceEvent
OpenProcessToken
RegCreateKeyA
DuplicateTokenEx
GetTokenInformation
GetUserNameW
ConvertSidToStringSidW
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
SetTokenInformation
GetTraceEnableLevel
RegOpenKeyExW
RegisterTraceGuidsW
RegSetValueExW
RegQueryInfoKeyW
RegQueryValueW
CryptCreateHash
SetThreadToken
RegOpenKeyW
RegEnumValueW
UnregisterTraceGuids
TraceMessage
ImpersonateSelf
RegEnumKeyExW
ConvertStringSidToSidW
kernel32
ResumeThread
ExpandEnvironmentStringsW
CreateActCtxW
WaitForMultipleObjects
OpenMutexA
HeapCreate
GetThreadLocale
CreateProcessW
QueryDosDeviceW
TlsSetValue
GlobalFree
FindAtomW
SetEndOfFile
CreateToolhelp32Snapshot
WriteFile
ActivateActCtx
GetTickCount
QueueUserWorkItem
LoadLibraryW
WideCharToMultiByte
DeactivateActCtx
MoveFileExW
UnhandledExceptionFilter
GetFileInformationByHandle
DisableThreadLibraryCalls
CreateMutexW
ReadFile
ReleaseActCtx
FreeLibrary
FindNextFileW
EnterCriticalSection
ResetEvent
GetSystemDefaultUILanguage
GetDateFormatW
GetVersionExA
GetShortPathNameW
MulDiv
CreateDirectoryA
LockFileEx
GetTempPathW
MoveFileW
GetPrivateProfileSectionNamesW
GlobalFlags
InterlockedCompareExchange
GlobalAddAtomW
CreateFileW
CreateFileA
LocalReAlloc
SetCurrentDirectoryW
GetSystemTime
FileTimeToLocalFileTime
OpenProcess
TlsAlloc
TerminateThread
CreateThread
SetFilePointerEx
LockResource
lstrcmpA
GetTempFileNameW
GetCurrentThread
TryEnterCriticalSection
SetCurrentDirectoryA
CompareFileTime
GetACP
VirtualQuery
SizeofResource
LoadLibraryA
GetLocaleInfoW
OutputDebugStringA
WritePrivateProfileStringW
EnumUILanguagesW
InterlockedDecrement
VirtualFree
FileTimeToSystemTime
DeleteTimerQueueTimer
lstrcmpW
ReplaceFileW
SetFileTime
GlobalLock
WaitForSingleObject
GetSystemInfo
RemoveDirectoryW
FindClose
GetEnvironmentVariableW
Process32FirstW
GetModuleHandleExA
WritePrivateProfileSectionW
LocalFree
GetModuleHandleA
CreateEventW
GetSystemWow64DirectoryW
RaiseException
ReleaseSemaphore
DeleteCriticalSection
CreateSemaphoreW
SetThreadExecutionState
GetFullPathNameW
GetFileAttributesA
GetLastError
QueryPerformanceFrequency
SetProcessWorkingSetSize
lstrlenA
HeapAlloc
GetModuleFileNameA
GetSystemDirectoryW
InterlockedIncrement
SetLastError
HeapReAlloc
IsWow64Process
LoadLibraryExW
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
CompareStringA
GetCurrentDirectoryW
DuplicateHandle
CreateTimerQueueTimer
GetLogicalDriveStringsW
GlobalAddAtomA
GetCurrentProcess
CreateDirectoryW
VirtualAlloc
GetProcAddress
GetFileSizeEx
lstrlenW
SetEnvironmentVariableW
CopyFileW
SetThreadContext
ExpandEnvironmentStringsA
GetWindowsDirectoryW
UnmapViewOfFile
IsDBCSLeadByte
CloseHandle
SuspendThread
InterlockedExchange
LeaveCriticalSection
LocalAlloc
GetPrivateProfileStringA
CreateFileMappingA
GetPrivateProfileSectionW
GetCurrentThreadId
LocalFileTimeToFileTime
GetSystemDirectoryA
FindFirstFileW
OpenMutexW
lstrcmpiW
SetThreadPriority
LocalSize
Process32NextW
GetModuleFileNameW
lstrcmpiA
FindResourceExW
AddAtomW
SetErrorMode
GetPrivateProfileStringW
FindResourceW
GetUserDefaultUILanguage
GetUserDefaultLCID
GetFileAttributesW
InitializeCriticalSection
DeleteAtom
GlobalUnlock
GetFileAttributesExW
LoadResource
GetProcessHeap
GetVersionExW
SystemTimeToFileTime
SetEvent
TerminateProcess
UnlockFileEx
GlobalAlloc
HeapDestroy
GetModuleHandleExW
OpenEventW
GetVersion
SetFilePointer
GetSystemTimeAsFileTime
CreateFileMappingW
GetCurrentProcessId
MapViewOfFile
DeleteFileW
GetLocalTime
TlsGetValue
CreateMutexA
WaitForSingleObjectEx
Sleep
GetLongPathNameW
GetThreadContext
GlobalDeleteAtom
GlobalReAlloc
GetThreadPriority
GetCPInfo
HeapFree
ReleaseMutex
TlsFree
GetExitCodeThread
QueryPerformanceCounter
FlushInstructionCache
GlobalSize
LCMapStringW
GetAtomNameW
SetProcessShutdownParameters
ExitProcess
GetNumberFormatW
SetUnhandledExceptionFilter
GetFileSize
FreeLibraryAndExitThread
MultiByteToWideChar
FormatMessageW
SearchPathW
DebugBreak
GetTimeFormatW
VirtualProtect
GetSystemDefaultLCID
SetFileAttributesW
CreateEventA
CompareStringW
ntdll
LdrGetDllHandle
NtAllocateVirtualMemory
RtlUshortByteSwap
uxtheme
IsThemeActive
DrawThemeParentBackground
GetThemeColor
GetThemeBackgroundExtent
DrawThemeBackground
GetThemeMargins
SetWindowTheme
IsAppThemed
GetThemeBackgroundContentRect
GetThemeMetric
GetThemePartSize
OpenThemeData
GetThemeAppProperties
GetThemeFont
CloseThemeData
psapi
GetProcessImageFileNameW
shell32
SHChangeNotify
SHAppBarMessage
SHFileOperationW
SHGetFolderPathW
SHCreateShellItem
SHGetDesktopFolder
ShellExecuteW
SHGetDataFromIDListW
SHGetFolderPathAndSubDirW
SHGetPathFromIDListW
Shell_NotifyIconW
SHBindToParent
ShellExecuteExW
SHGetPathFromIDListA
ShellExecuteA
SHGetFileInfoW
ShellAboutW
SHGetSpecialFolderLocation
SHSetLocalizedName
Shell_NotifyIconA
SHGetSpecialFolderPathW
ExtractIconW
SHGetInstanceExplorer
SHBrowseForFolderW
SHPathPrepareForWriteW
DragQueryFileW
SHGetFolderLocation
ExtractAssociatedIconExW
ExtractIconExW
gdi32
PlayEnhMetaFile
CreatePen
GetRegionData
GetTextMetricsW
TextOutA
GetBrushOrgEx
CreateDIBSection
GetLayout
CloseEnhMetaFile
OffsetRgn
GetPaletteEntries
CreatePalette
BitBlt
SetMapMode
LineTo
RestoreDC
GetTextExtentExPointI
CreateSolidBrush
GetTextAlign
SetDCPenColor
DeleteObject
GetStockObject
RealizePalette
GetRgnBox
GetBkMode
SetViewportOrgEx
GetTextExtentPoint32A
CreateFontIndirectW
CreateRectRgn
SetBrushOrgEx
GetTextCharset
CreateRectRgnIndirect
SetBkMode
CombineRgn
ExtTextOutW
Rectangle
CreateDCA
SetRectRgn
CreateMetaFileW
CreateDIBPatternBrushPt
TextOutW
CreateCompatibleBitmap
GetClipBox
CreateCompatibleDC
CreateHalftonePalette
PatBlt
GetObjectW
GetBkColor
MoveToEx
SelectObject
GetDeviceCaps
OffsetWindowOrgEx
GetPixel
EqualRgn
StretchBlt
DeleteEnhMetaFile
GetObjectA
CreateEnhMetaFileA
DeleteDC
SetTextAlign
CreateFontIndirectA
GetSystemPaletteEntries
LPtoDP
CloseMetaFile
GetDIBits
GetGlyphIndicesW
GetTextExtentPointW
GetTextExtentPoint32W
CreateFontW
SaveDC
SetPaletteEntries
ExtCreateRegion
CreateBitmap
SetStretchBltMode
StretchDIBits
CreateDCW
SetWindowExtEx
SetViewportExtEx
SelectPalette
SetWindowOrgEx
SetTextColor
IntersectClipRect
GetDCOrgEx
GetTextColor
CreatePolygonRgn
SetLayout
CreatePatternBrush
SetBkColor
RectVisible
Sections
.text Size: 183KB - Virtual size: 183KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE