a4fdeb62094fb8e8750ff45335794767_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a4fdeb62094fb8e8750ff45335794767_JaffaCakes118
Size

533KB
MD5

a4fdeb62094fb8e8750ff45335794767
SHA1

237226e742ba5c93b736a4c2f72796c6aa90563f
SHA256

4825a04d88fd174b4e5119f2807a02d827910a139c5a19307d0cebe3ba6ac5c5
SHA512

6d4cbdc0108b4a4ff468ed7e23c2ec9c15bac1cc2fe0b267161cc33e9c889937f65bf99afc4a9c9c3f4ca7e127b1932eb9001f00d35f12128b071b25e50f88e9
SSDEEP

12288:iEMMnMMMMMU3TObpSihWZVRw8k075fkSoEtWeI1bk0i8/C:iEMMnMMMMM+T2heLwF0CSoEAbZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4fdeb62094fb8e8750ff45335794767_JaffaCakes118

Files

a4fdeb62094fb8e8750ff45335794767_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e320d1d82ed32969cb158a4bd2603bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate

psapi

GetProcessImageFileNameW

shell32

ExtractAssociatedIconExW
SHCreateShellItem
ShellExecuteExW
ShellExecuteA
SHGetDataFromIDListW
SHSetLocalizedName
Shell_NotifyIconA
ShellAboutW
SHBrowseForFolderW
DragQueryFileW
SHPathPrepareForWriteW
ShellExecuteW
Shell_NotifyIconW
ExtractIconW
SHGetFolderPathAndSubDirW
SHChangeNotify
SHGetInstanceExplorer
SHGetDesktopFolder
SHFileOperationW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
SHGetPathFromIDListA
SHBindToParent
SHAppBarMessage
ExtractIconExW
SHGetFolderLocation
SHGetPathFromIDListW
SHGetFolderPathW
SHGetFileInfoW

uxtheme

DrawThemeBackground
IsAppThemed
DrawThemeParentBackground
GetThemeMetric
GetThemeBackgroundContentRect
IsThemeActive
OpenThemeData
GetThemePartSize
GetThemeFont
GetThemeColor
SetWindowTheme
GetThemeMargins
GetThemeBackgroundExtent
CloseThemeData
GetThemeAppProperties

gdi32

BitBlt
GetObjectA
SetTextColor
SetBkMode
GetBkMode
CreateDCA
Rectangle
SetWindowExtEx
SetLayout
SaveDC
CreateCompatibleDC
GetTextExtentExPointI
ExtCreateRegion
SetTextAlign
SetBrushOrgEx
CreateRectRgnIndirect
RestoreDC
GetRegionData
ExtTextOutW
GetObjectW
CreateFontIndirectA
LineTo
SetStretchBltMode
CreateRectRgn
SetMapMode
GetLayout
GetStockObject
CreateSolidBrush
GetTextAlign
GetTextMetricsW
IntersectClipRect
CreateHalftonePalette
CombineRgn
CreateFontIndirectW
GetBrushOrgEx
GetTextExtentPoint32W
DeleteDC
CreateDIBPatternBrushPt
GetBkColor
CreateBitmap
GetGlyphIndicesW
TextOutA
CreateEnhMetaFileA
CreatePatternBrush
SetPaletteEntries
MoveToEx
TextOutW
EqualRgn
SetBkColor
CreateFontW
CreateCompatibleBitmap
SelectObject
GetSystemPaletteEntries
SetWindowOrgEx
GetDCOrgEx
CreatePen
GetTextExtentPoint32A
GetTextExtentPointW
GetTextColor
DeleteEnhMetaFile
OffsetRgn
SetDCPenColor
SelectPalette
OffsetWindowOrgEx
CreateDCW
GetDeviceCaps
LPtoDP
GetDIBits
CreatePolygonRgn
PlayEnhMetaFile
RectVisible
DeleteObject
SetViewportOrgEx
StretchBlt
SetViewportExtEx
CreateMetaFileW
GetPixel
CloseMetaFile
StretchDIBits
GetTextCharset
PatBlt
CreateDIBSection
GetRgnBox
GetPaletteEntries
SetRectRgn
RealizePalette
GetClipBox
CreatePalette
CloseEnhMetaFile

advapi32

RegOpenKeyExW
RegCreateKeyA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
CryptAcquireContextW
RegDeleteValueW
RegDeleteKeyW
RegEnumValueW
RegDeleteValueA
GetTraceEnableLevel
CreateProcessAsUserW
RegEnumKeyW
RegisterTraceGuidsW
TraceEvent
RegCreateKeyExW
RegQueryValueExA
CryptHashData
CryptGetHashParam
RegEnumValueA
RegEnumKeyExW
CryptReleaseContext
RegSetValueExA
GetLengthSid
RegOpenCurrentUser
SetThreadToken
RegOpenKeyW
ConvertStringSidToSidW
RegDeleteKeyA
GetTokenInformation
RegOpenKeyExA
ImpersonateSelf
OpenProcessToken
GetTraceEnableFlags
RegQueryValueExW
UnregisterTraceGuids
RegQueryInfoKeyW
GetTraceLoggerHandle
OpenThreadToken
IsTextUnicode
RegQueryValueW
SetTokenInformation
RegSetValueExW
GetUserNameW
TraceMessage
CryptCreateHash
CryptDestroyHash
DuplicateTokenEx
RegCreateKeyExA
ConvertSidToStringSidW

kernel32

VirtualAlloc

ntdll

RtlAddAccessAllowedObjectAce
RtlAdjustPrivilege
NtQuerySemaphore
NtSetSystemEnvironmentValueEx

user32

GetWindowDC
GetNextDlgTabItem
InflateRect
EnumWindows
GetPropA
GetDC
UpdateWindow
DialogBoxParamW
ReleaseDC
GetDesktopWindow
LockSetForegroundWindow
DialogBoxParamA
EnumDesktopWindows
IsRectEmpty
LoadCursorW
TrackMouseEvent
WindowFromPoint
DestroyMenu
DestroyAcceleratorTable
DdeFreeDataHandle
MessageBeep
EnableWindow
UnionRect
DispatchMessageA
EndMenu
GetActiveWindow
AnimateWindow
GetKeyNameTextW
MessageBoxExA
SetDlgItemInt
PostQuitMessage
TranslateAcceleratorW
IsWindowUnicode
PostThreadMessageA
AllowSetForegroundWindow
LoadStringW
CreateWindowExW
RedrawWindow
LoadCursorA
DdeConnect
IsMenu
SetWindowRgn
DrawFrameControl
CopyIcon
GetClientRect
DdeFreeStringHandle
BeginPaint
RemovePropW
DrawTextW
IsWindowEnabled
DdeGetData
GetIconInfo
RegisterClipboardFormatA
SetWindowLongA
GetProcessWindowStation
SetWindowPos
MessageBoxExW
FillRect
SendMessageA
GetWindow
SetFocus
SystemParametersInfoA
SetParent
CopyRect
GetClassLongW
MessageBoxIndirectW
GetWindowTextW
CopyImage
MessageBoxW
ClientToScreen
EndDialog
InvalidateRect
RemovePropA
DdeDisconnect
SendMessageW
IsChild
GetWindowTextLengthW
SetClipboardData
SetPropA
ScreenToClient
RegisterClipboardFormatW
CheckMenuItem
NotifyWinEvent
UnhookWindowsHookEx
SetMenu
GetAncestor
SetDlgItemTextW
LoadMenuW
MapVirtualKeyW
CharPrevW
GetDialogBaseUnits
SetPropW
ReleaseCapture
GetWindowRect
GetMessageTime
DeleteMenu
CharNextW
GetClassInfoExW
GetClassNameW
GetSysColorBrush
GetMessageW
DrawFocusRect
RemoveMenu
MsgWaitForMultipleObjects
CreatePopupMenu
SetMenuItemInfoW
AttachThreadInput
GetSystemMenu
GetComboBoxInfo
CheckMenuRadioItem
SendDlgItemMessageW
GetClipboardFormatNameW
GetMenuItemID
AdjustWindowRect
IsWindow
GetClassInfoW
GetMenuStringW
GetMenuDefaultItem
DdeCreateStringHandleW
SetCapture
SetRect
GetClipboardData
UnregisterClassW
MoveWindow
SendNotifyMessageW
RegisterWindowMessageW
DeferWindowPos
DialogBoxIndirectParamW
GetPropW
GetParent
CreateIconIndirect
DdeClientTransaction
PostMessageW
EmptyClipboard
WinHelpW
LoadAcceleratorsW
DispatchMessageW
EqualRect
CharUpperW
SendMessageTimeoutA
LoadImageW
MonitorFromWindow
IsHungAppWindow
TrackPopupMenu
FindWindowW
CharNextA
wsprintfW
GetWindowThreadProcessId
OpenClipboard
SendMessageTimeoutW
MessageBoxIndirectA
GetDlgItemTextW
EnumThreadWindows
GetMenuState
SetWindowsHookExW
GetCursorPos
CharPrevA
PostThreadMessageW
SetWindowLongW
CreateDialogParamW
TrackPopupMenuEx
SetCursorPos
SystemParametersInfoW
ShowScrollBar
DdeQueryStringW
EnableMenuItem
SetClipboardViewer
GetSystemMetrics
PostMessageA
GetDlgCtrlID
GetWindowLongW
DrawTextExW
RegisterClassExW
GetTopWindow
FindWindowA
SetTimer
GetMenuItemInfoW
BeginDeferWindowPos
GetCursor
CloseClipboard
EndPaint
DrawEdge
GetClassWord
GetKeyState
MapDialogRect
CreateMenu
IsDlgButtonChecked
GetShellWindow
PeekMessageW
SetWindowTextW
DestroyIcon
MapWindowPoints
EndDeferWindowPos
GetWindowRgnBox
InsertMenuItemW
RegisterClassW
SetCursor
SetScrollInfo
CharLowerBuffW
CallNextHookEx
CheckRadioButton
VkKeyScanExW
DdeUninitialize
DdeCreateDataHandle
SetRectEmpty
WaitForInputIdle
DdeNameService
ShowWindow
ShowOwnedPopups
GetLastActivePopup
GetMessageA
MonitorFromPoint
DestroyWindow
LoadBitmapW
GetWindowInfo
IsCharAlphaNumericW
AdjustWindowRectEx
GetWindowLongA
ChangeClipboardChain
HideCaret
DialogBoxIndirectParamA
CallMsgFilterW
LoadStringA
ShowCaret
MsgWaitForMultipleObjectsEx
FindWindowExW
GetMenuItemCount
GetDoubleClickTime
DrawIconEx
GetMonitorInfoW
InsertMenuW
GetLastInputInfo
SetActiveWindow
GetDlgItem
CallWindowProcW
GetWindowPlacement
CharLowerW
IsWindowVisible
SetScrollPos
UpdateLayeredWindow
WaitMessage
IsDialogMessageW
PtInRect
DefWindowProcA
GetAsyncKeyState
SetMenuDefaultItem
LoadIconW
SetWindowPlacement
RegisterWindowMessageA
CheckDlgButton
GetKeyboardLayout
DdeInitializeW
GetFocus
GetSubMenu
GetMessagePos
MonitorFromRect
SetMenuItemBitmaps
IsIconic
GetMenuItemInfoA
OffsetRect
AppendMenuW
GetForegroundWindow
GetScrollInfo
EnumDisplaySettingsW
IntersectRect
GetSysColor
GetCapture
SetForegroundWindow
TranslateMessage
DefWindowProcW
ChildWindowFromPoint
EnumChildWindows
KillTimer
PeekMessageA

rtutils

TraceDumpExW
TraceDumpExA

Sections

.text
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 489KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e320d1d82ed32969cb158a4bd2603bd

Headers

File Characteristics

Imports

ddraw

psapi

shell32

uxtheme

gdi32

advapi32

kernel32

ntdll

user32

rtutils

Sections

.text Size: 1024B - Virtual size: 1016B

.idata Size: 12KB - Virtual size: 12KB

.data Size: 5KB - Virtual size: 2.0MB

.rsrc Size: 489KB - Virtual size: 488KB

.rdata Size: 25KB - Virtual size: 24KB

.text
Size: 1024B - Virtual size: 1016B

.idata
Size: 12KB - Virtual size: 12KB

.data
Size: 5KB - Virtual size: 2.0MB

.rsrc
Size: 489KB - Virtual size: 488KB

.rdata
Size: 25KB - Virtual size: 24KB