Static task: static1

Behavioral task: behavioral1
Sample: af8134ef2e2be51fc91f25f73cb4e179_JaffaCakes118.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: af8134ef2e2be51fc91f25f73cb4e179_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: af8134ef2e2be51fc91f25f73cb4e179_JaffaCakes118
Size: 841KB
MD5: af8134ef2e2be51fc91f25f73cb4e179
SHA1: 2e4989b33d4bde23e643f31246137378816befd7
SHA256: 4df6879513f6fe472fb104b7ccf69d9af6118f3e32913718a483e1cbf1c467a2
SHA512: 8ab8047daf842dcf61c779ff8169a4468d156934c5f50cfe81c94f826ca8cbfed19de4ff835beb35ec0d30b1dbe839a6bd3f5597accdc0c3e720a2bee593ea8c
SSDEEP: 24576:ESEwBH4x9RbybrXXXmHixpc8CgijnxnaBq1+9:ECBTbrHXtczxnah
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: af8134ef2e2be51fc91f25f73cb4e179_JaffaCakes118
Files
af8134ef2e2be51fc91f25f73cb4e179_JaffaCakes118.exe windows:5 windows x86 arch:x86
cce827bb21a19fc68eb46d60fc6e977d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateProcessW
GetPrivateProfileIntW
GetTempFileNameW
IsDebuggerPresent
SetThreadExecutionState
DeleteFileA
GetPrivateProfileStructA
DuplicateHandle
lstrcpyW
GetCurrentThread
FindClose
GetSystemTime
SetThreadPriority
OutputDebugStringA
SetPriorityClass
GetStringTypeExW
SetEvent
CompareStringW
LoadLibraryExW
ResetEvent
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
Sleep
SetEnvironmentVariableW
ExitProcess
ReadFile
lstrcpynW
lstrcpynA
GetVersionExA
GetCurrentProcessId
GetEnvironmentVariableW
GetLogicalDrives
MoveFileExW
CreateEventA
QueryPerformanceFrequency
GetLastError
LoadLibraryW
SetFilePointer
GetTickCount
CreateProcessA
SizeofResource
RaiseException
GetPrivateProfileIntA
GetACP
OpenProcess
lstrcmpiA
QueryPerformanceCounter
WaitForSingleObject
TlsGetValue
CompareStringA
GetTimeFormatW
TryEnterCriticalSection
GetCurrentThreadId
TlsAlloc
FindNextFileW
RemoveDirectoryA
HeapAlloc
FindResourceA
GetVersionExW
SetUnhandledExceptionFilter
LocalFree
lstrlenW
HeapFree
GetSystemTimeAsFileTime
DeleteFileW
lstrcmpiW
GetLocaleInfoW
SetEndOfFile
GlobalFree
GetProcessHeap
VirtualAlloc
InterlockedExchange
MultiByteToWideChar
GlobalDeleteAtom
SetCurrentDirectoryW
CreateDirectoryW
CloseHandle
CreateEventW
InterlockedIncrement
lstrlenA
FindFirstFileA
GetModuleHandleA
MapViewOfFile
FreeLibrary
FindFirstFileW
CreateWaitableTimerA
GetDriveTypeW
WaitForMultipleObjectsEx
SetCurrentDirectoryA
LoadLibraryA
ReleaseSemaphore
WideCharToMultiByte
WritePrivateProfileStringA
GetSystemDirectoryW
CopyFileW
WritePrivateProfileStringW
GetExitCodeThread
GetPrivateProfileStringW
QueueUserAPC
WaitForMultipleObjects
DeleteCriticalSection
GetShortPathNameW
OpenEventW
LockResource
WritePrivateProfileSectionW
FreeResource
GetPrivateProfileStringA
GlobalAddAtomW
GlobalAlloc
GetShortPathNameA
ReadProcessMemory
WritePrivateProfileStructA
TlsSetValue
GetProcAddress
GetCurrentProcess
WriteFile
GetModuleFileNameA
MulDiv
EnterCriticalSection
CreateFileA
GetStringTypeExA
GetLongPathNameW
CreateFileMappingA
GlobalLock
TerminateProcess
GetCurrentDirectoryW
UnmapViewOfFile
InitializeCriticalSection
SetLastError
GetFileSize
MoveFileW
RemoveDirectoryW
GetCommandLineW
CreateFileW
UnhandledExceptionFilter
GetStartupInfoA
GlobalUnlock
SystemTimeToFileTime
lstrcmpW
CreateSemaphoreA
LocalAlloc
FindResourceW
CreateThread
SetWaitableTimer
SetErrorMode
InterlockedCompareExchange
GetFullPathNameW
GetLocalTime
GetModuleFileNameW
LoadResource
LeaveCriticalSection
GetVersion
FindNextFileA
FindResourceExW
GetTempPathW
RtlUnwind
user32
IsDlgButtonChecked
PostMessageA
DrawFocusRect
SetWindowLongA
KillTimer
ValidateRect
CharUpperW
CreateDialogParamA
IsWindowVisible
DeleteMenu
SendDlgItemMessageA
DestroyIcon
EndPaint
SetRectEmpty
UnhookWindowsHookEx
TranslateAcceleratorW
GetPropW
ShowCursor
ReplyMessage
CharUpperBuffA
CheckDlgButton
IsWindowUnicode
GetWindowRect
LoadImageA
CharPrevW
AppendMenuA
CallWindowProcA
IsIconic
SendDlgItemMessageW
SendNotifyMessageA
RedrawWindow
IsDialogMessageA
LoadAcceleratorsW
GetClassInfoExW
OpenClipboard
IsMenu
RegisterWindowMessageW
GetSubMenu
GetDesktopWindow
RegisterClassW
GetClipboardData
InsertMenuItemW
GetMenu
SetCapture
CloseClipboard
GetDlgItem
DispatchMessageW
ClientToScreen
LoadAcceleratorsA
GetWindowTextA
LoadStringA
SetWindowTextW
IsDialogMessageW
SetWindowTextA
SetPropW
SetCursor
GetMenuItemInfoW
GetSysColorBrush
GetMenuItemCount
CharLowerW
GetWindowDC
PostQuitMessage
GetDlgItemInt
SetWindowRgn
EnableMenuItem
RegisterWindowMessageA
RegisterClassExW
FillRect
UpdateWindow
GetMenuItemRect
GetCapture
TrackPopupMenu
RegisterClipboardFormatA
MessageBeep
ChildWindowFromPoint
LoadCursorA
IsWindowEnabled
SetScrollPos
GetScrollInfo
EnableWindow
WindowFromPoint
BeginPaint
GetCursorPos
GetWindowLongA
GetClassInfoW
GetSysColor
RegisterClassA
SendMessageTimeoutA
SetTimer
SetWindowsHookExA
GetMenuState
OffsetRect
DestroyMenu
GetWindow
CreateIconIndirect
AttachThreadInput
DrawTextW
CharNextA
GetWindowTextLengthW
TrackMouseEvent
FlashWindowEx
SetParent
EnumDisplaySettingsA
CreateDialogIndirectParamW
InvalidateRect
EmptyClipboard
CreateDialogParamW
DrawTextA
GetClassLongA
FindWindowW
EndDeferWindowPos
CreateWindowExW
RemovePropW
GetDlgCtrlID
GetSystemMenu
SystemParametersInfoA
DefWindowProcA
PeekMessageW
SetWindowPos
GetMenuItemID
SetDlgItemTextA
GetKeyState
AppendMenuW
CreatePopupMenu
MessageBoxA
ShowWindowAsync
SetActiveWindow
SendMessageA
GetSystemMetrics
LoadMenuW
BringWindowToTop
GetDC
InsertMenuItemA
GetMessageW
PtInRect
SetDlgItemTextW
SetForegroundWindow
SendMessageW
SendMessageCallbackA
GetDCEx
CopyRect
GetActiveWindow
LoadMenuA
EndDialog
LoadImageW
RemovePropA
GetFocus
GetKeyboardState
LoadBitmapW
ReleaseDC
FindWindowA
FindWindowExA
DrawIconEx
DeferWindowPos
SetClipboardData
ShowWindow
GetWindowThreadProcessId
GetWindowTextLengthA
CharNextW
DialogBoxParamW
GetClientRect
GetNextDlgTabItem
CheckMenuItem
PostThreadMessageA
MapDialogRect
MonitorFromPoint
GetDlgItemTextA
GetMenuStringW
SetWindowLongW
CallWindowProcW
ChildWindowFromPointEx
MonitorFromRect
ModifyMenuW
GetAsyncKeyState
GetUpdateRgn
CallMsgFilterA
DialogBoxIndirectParamW
MonitorFromWindow
GetAncestor
MapWindowPoints
MessageBoxW
GetUpdateRect
GetClassLongW
SystemParametersInfoW
InsertMenuW
SetScrollInfo
GetMessageA
SetClassLongA
DialogBoxParamA
CallNextHookEx
BeginDeferWindowPos
SetCursorPos
InflateRect
GetDlgItemTextW
EnumThreadWindows
GetWindowRgn
IsChild
PeekMessageA
GetMenuItemInfoA
IsWindow
SetMenuItemInfoA
ScreenToClient
GetMonitorInfoA
CharPrevA
InsertMenuA
TranslateMessage
RemoveMenu
DefWindowProcW
IsCharAlphaA
SetRect
FindWindowExW
GetMessagePos
DestroyWindow
ReleaseCapture
PostMessageW
GetClassNameW
LoadStringW
GetWindowTextW
SetMenuItemInfoW
LoadIconA
GetParent
GetWindowLongW
SetDlgItemInt
MsgWaitForMultipleObjectsEx
GetForegroundWindow
DispatchMessageA
EqualRect
DestroyCursor
AdjustWindowRectEx
SetFocus
gdi32
SetBrushOrgEx
RectVisible
ExtTextOutW
GetDeviceCaps
GetDIBits
CreateRectRgn
CreateSolidBrush
GetCurrentObject
CreatePolyPolygonRgn
DeleteObject
SetTextAlign
IntersectClipRect
RestoreDC
GetTextMetricsA
UpdateColors
GetObjectA
CreateRectRgnIndirect
GetTextExtentPoint32A
EnumFontsA
SetTextColor
ExtTextOutA
Rectangle
CreateFontW
GetTextMetricsW
SetPixel
CombineRgn
BitBlt
CreateCompatibleBitmap
SetBkMode
CreatePen
CreateFontIndirectA
LineTo
FillRgn
SelectPalette
CreatePalette
GetDIBColorTable
GetFontLanguageInfo
OffsetRgn
ChoosePixelFormat
MoveToEx
GetPixel
StretchBlt
SetStretchBltMode
CreatePatternBrush
CreateBrushIndirect
ExtSelectClipRgn
SetDIBits
GetStockObject
GetNearestColor
SaveDC
CreateFontA
DeleteDC
SetBkColor
CreateCompatibleDC
CreateFontIndirectW
CreateDIBSection
RealizePalette
GetObjectW
GetTextExtentPoint32W
SelectObject
advapi32
RegOpenKeyW
CryptGenRandom
RegDeleteKeyW
RegCreateKeyExW
CryptReleaseContext
RegOpenKeyA
RegCloseKey
RegSetValueExW
RegQueryValueExA
RegEnumKeyW
RegDeleteValueW
RegOpenKeyExW
CryptAcquireContextA
RegQueryValueExW
RegCreateKeyW
shell32
SHGetSpecialFolderPathW
Shell_NotifyIconW
DragQueryFileW
SHFileOperationW
SHBrowseForFolderW
DragFinish
SHAppBarMessage
ord680
DragQueryPoint
SHGetFolderPathW
SHGetDesktopFolder
SHChangeNotify
ShellExecuteW
SHGetPathFromIDListW
ole32
CoTaskMemFree
CoCreateInstance
CoRevokeClassObject
RegisterDragDrop
RevokeDragDrop
CoRegisterClassObject
CoTaskMemAlloc
OleRun
CoCreateGuid
CoUninitialize
CoInitialize
OleInitialize
OleUninitialize
CoGetObject
CoInitializeEx
StringFromGUID2
oleaut32
SysFreeString
VariantInit
SafeArrayCreateVector
SafeArrayAccessData
VariantClear
SysAllocString
SafeArrayCopy
DispGetParam
SafeArrayUnaccessData
SysAllocStringLen
shlwapi
PathIsNetworkPathW
PathStripToRootW
PathCombineA
PathQuoteSpacesA
PathAppendW
PathRemoveBackslashW
PathQuoteSpacesW
PathIsRelativeW
PathCombineW
PathFindExtensionW
StrCmpIW
PathIsUNCW
PathFileExistsW
UrlGetPartW
PathAddExtensionW
PathAppendA
PathIsSameRootW
PathIsRootW
ord29
PathRemoveExtensionW
PathFindFileNameW
PathAddBackslashW
PathRemoveFileSpecA
StrCmpNW
PathRemoveFileSpecW
PathUnquoteSpacesW
StrToIntExW
PathIsFileSpecW
PathIsDirectoryW
PathFindFileNameA
StrToIntW
PathStripPathW
StrCmpNIW
PathIsURLW
PathCanonicalizeW
StrChrW
PathRemoveBlanksW
PathCommonPrefixW
UrlIsW
rpcrt4
RpcStringFreeW
UuidFromStringW
UuidCreate
UuidToStringW
netapi32
NetApiBufferFree
wtsapi32
WTSVirtualChannelClose
wldap32
ord319
ord41
Sections
.text Size: 511KB - Virtual size: 510KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.stroke Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.char Size: 512B - Virtual size: 41B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.joke Size: 512B - Virtual size: 147B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.poke Size: 512B - Virtual size: 113B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.key Size: 194KB - Virtual size: 193KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.cond Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ