Static task: static1
Behavioral task: behavioral1
Sample: b56f96349012799163ce18747bc8294c_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: b56f96349012799163ce18747bc8294c_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b56f96349012799163ce18747bc8294c_JaffaCakes118
Size: 45KB
MD5: b56f96349012799163ce18747bc8294c
SHA1: f6e4230d41e2875a7bc4e2fba588dc01cf83fe67
SHA256: 14aa57e6353aed0282467e43046e7d36ef84e518325b376c4af6b438fe15d8f9
SHA512: 8601965e8440b9da666953d4239a6a80722d12aa1851ceb412c44a46d786cc16d2f578b3dc004777767afd4411ba433e155d2bcd69e6d4d0c1cc2be541f7dfc3
SSDEEP: 768:qpPJk2VQ4JMEhiaJS36kjQQF6+B+8GKf8XxbijmclYW/SVdar/dkBP2SwJMfG59:qpRXVQ4JMciKSJs9S8XF2lYWqOLdkB+d
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: b56f96349012799163ce18747bc8294c_JaffaCakes118
Files
b56f96349012799163ce18747bc8294c_JaffaCakes118.exe windows:4 windows x86 arch:x86
1aac5776a20f720d978659d737d05ad5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegOpenKeyA
RegisterEventSourceA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueA
SetSecurityDescriptorDacl
RegQueryInfoKeyA
AdjustTokenPrivileges
RegEnumKeyA
RegSetValueA
RegSetValueExA
RegCreateKeyW
RegSetValueExW
RegDeleteKeyA
OpenProcessToken
RegDeleteKeyW
ReportEventA
DeregisterEventSource
RegEnumKeyW
RegEnumValueA
LookupPrivilegeValueA
RegOpenKeyW
RegQueryValueExW
RegCloseKey
RegQueryValueExA
RegEnumValueW
RegCreateKeyA
InitializeSecurityDescriptor
RegDeleteValueW
kernel32
IsBadCodePtr
InitializeCriticalSection
GlobalFree
_llseek
lstrcatA
GetFileType
LCMapStringW
InterlockedIncrement
CreateThread
VirtualFree
LoadLibraryExA
SetEnvironmentVariableA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
VirtualAlloc
GetFullPathNameA
GetCurrentThreadId
DeleteFileA
FindNextFileA
GetCurrentDirectoryA
lstrcpyA
FlushInstructionCache
CloseHandle
GetEnvironmentStringsW
SetFilePointer
HeapFree
GetCommandLineA
MoveFileA
VirtualQuery
CreateDirectoryA
SetLastError
GetStringTypeExA
TlsAlloc
TerminateProcess
DuplicateHandle
GetDateFormatA
GetVolumeInformationA
CreateEventA
ReleaseSemaphore
Sleep
GetWindowsDirectoryA
_lread
InterlockedDecrement
GetSystemDefaultLCID
_lclose
CreateProcessW
SystemTimeToFileTime
HeapSize
FileTimeToSystemTime
RaiseException
WaitForSingleObject
lstrlenA
lstrcmpiW
SetFileAttributesA
TlsFree
GetStringTypeW
ResetEvent
GetUserDefaultLCID
LockFile
FindResourceA
FileTimeToLocalFileTime
WinExec
CreateSemaphoreA
RtlUnwind
SetLocalTime
VirtualProtect
ExitThread
GetEnvironmentStrings
lstrcpynA
GetACP
lstrcmpA
LoadLibraryA
ExitProcess
HeapDestroy
GlobalHandle
FindClose
GetLastError
RemoveDirectoryA
WriteFile
GetSystemTime
CompareStringA
lstrcmpiA
LockResource
GetVersion
GetUserDefaultLangID
CreateProcessA
FreeLibrary
GetSystemInfo
SearchPathA
CompareStringW
GlobalAlloc
SetStdHandle
FormatMessageW
GetCurrentProcessId
GlobalReAlloc
SizeofResource
MulDiv
SetHandleCount
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
EnterCriticalSection
GetSystemDirectoryA
SetErrorMode
GlobalDeleteAtom
GlobalLock
GetOEMCP
UnlockFile
HeapReAlloc
SetEndOfFile
GetProcAddress
GetStartupInfoA
HeapAlloc
TlsGetValue
GetTempFileNameA
GetProfileStringA
GetModuleFileNameW
SetEvent
SetCurrentDirectoryA
GetDriveTypeA
GetShortPathNameA
DeleteCriticalSection
SetFileTime
GlobalSize
GetExitCodeProcess
GetFileTime
GetCPInfo
WideCharToMultiByte
LCMapStringA
GetTempPathA
IsBadReadPtr
FormatMessageA
GetFileAttributesA
UnhandledExceptionFilter
GlobalUnlock
GetCurrentProcess
CreateFileA
GetModuleFileNameA
GetVersionExA
LoadResource
GetTickCount
FlushFileBuffers
GetModuleHandleA
IsDBCSLeadByte
GlobalAddAtomA
GetLocalTime
FindFirstFileA
FreeResource
HeapCreate
ReadFile
LeaveCriticalSection
GetTimeZoneInformation
ResumeThread
GetSystemDefaultLangID
TlsSetValue
_lwrite
GetStdHandle
user32
ReleaseDC
DdeQueryStringA
DefWindowProcA
GetDCEx
DefFrameProcA
RegisterClassA
ScreenToClient
CreateAcceleratorTableA
SendDlgItemMessageA
GetScrollPos
GetMessageTime
CreateWindowExA
ShowWindow
SetCursorPos
CharUpperBuffW
SystemParametersInfoA
DdeAbandonTransaction
EnumThreadWindows
GetPropA
WindowFromPoint
EnableWindow
GetClassInfoA
EndDeferWindowPos
DdeCreateStringHandleA
BringWindowToTop
EqualRect
SetMenu
TrackPopupMenu
UpdateWindow
DdeSetUserHandle
SetWindowRgn
RemoveMenu
DrawFrameControl
CharToOemBuffA
FindWindowA
GetKeyboardLayout
LoadAcceleratorsA
GetMenu
GetDC
AppendMenuA
FillRect
GetMenuItemInfoA
DdeFreeDataHandle
LoadImageA
IntersectRect
EnableMenuItem
DefMDIChildProcA
CallNextHookEx
EndPaint
FindWindowW
IsWindowEnabled
PostMessageW
DdeNameService
SetWindowTextA
DdeClientTransaction
PeekMessageW
LoadIconA
IsRectEmpty
GetWindowTextA
SetMenuItemInfoA
SetPropA
MessageBeep
DrawMenuBar
EmptyClipboard
DdeGetLastError
DdeUninitialize
AttachThreadInput
GetCapture
SetCapture
ShowScrollBar
ModifyMenuA
SubtractRect
SetClipboardData
CopyRect
GetActiveWindow
IsWindow
CreateMenu
GetSystemMenu
UnregisterClassA
HideCaret
GetCursorPos
TranslateMDISysAccel
GetSysColor
SetTimer
GetWindowRgn
GetScrollInfo
CharLowerBuffW
DestroyIcon
MessageBoxA
SetScrollInfo
GetClipboardFormatNameA
GetSystemMetrics
ReleaseCapture
GetClassInfoExA
WaitMessage
ShowCursor
PtInRect
DeleteMenu
CreateCursor
GetMenuState
CreateIcon
GetMenuItemID
IsWindowVisible
BeginPaint
ClipCursor
CharToOemA
UnhookWindowsHookEx
VkKeyScanW
DeferWindowPos
GetParent
ClientToScreen
SendMessageA
wsprintfA
GetIconInfo
IsDialogMessageA
GetLastActivePopup
GetClientRect
GetCaretPos
SetScrollRange
GetWindowTextLengthA
SetDlgItemTextA
RegisterClipboardFormatA
DdeDisconnect
SetForegroundWindow
DrawTextA
DdeConnect
SetCursor
GetWindowThreadProcessId
InvalidateRgn
CharNextA
SetActiveWindow
CharUpperA
GetQueueStatus
DdeCreateDataHandle
IsChild
DrawFocusRect
DispatchMessageA
PeekMessageA
PostMessageA
DdeFreeStringHandle
CloseClipboard
InsertMenuA
RemovePropA
MsgWaitForMultipleObjects
SetWindowContextHelpId
GetAsyncKeyState
CopyAcceleratorTableA
IsClipboardFormatAvailable
LockWindowUpdate
DestroyWindow
GetTabbedTextExtentA
PostThreadMessageA
GetWindowDC
SetWindowPos
LoadCursorA
DdePostAdvise
GetWindowRect
GetSubMenu
AdjustWindowRect
BeginDeferWindowPos
GetCaretBlinkTime
SetScrollPos
WinHelpA
GetWindow
SetKeyboardState
MapWindowPoints
DestroyCursor
MoveWindow
CallWindowProcA
InflateRect
DdeInitializeA
CheckMenuItem
DestroyMenu
GetCursor
GetMessagePos
GetDesktopWindow
GetKeyboardState
SetMenuDefaultItem
IsZoomed
GetMenuStringA
SetWindowLongA
GetFocus
SetCaretPos
ShowCaret
GetDoubleClickTime
MessageBoxIndirectA
ToAscii
TabbedTextOutA
SetParent
DestroyAcceleratorTable
GetUpdateRgn
EnumClipboardFormats
CreatePopupMenu
CharPrevA
GetMenuItemCount
SetWindowsHookExW
TranslateMessage
LoadStringA
GetUpdateRect
keybd_event
WaitForInputIdle
VkKeyScanA
CreateCaret
OemToCharA
DdeGetData
DialogBoxParamA
OpenClipboard
GetClassNameA
GetKeyState
DdeQueryConvInfo
FrameRect
AdjustWindowRectEx
LoadBitmapA
RegisterClassExA
CharUpperBuffA
SetRect
DrawIcon
PostQuitMessage
KillTimer
DestroyCaret
OffsetRect
GetForegroundWindow
DdeCmpStringHandles
IsIconic
CharLowerBuffA
GetDlgItem
CharLowerA
SetFocus
IsCharAlphaA
EndDialog
SetWindowsHookExA
GetWindowLongA
CreateDialogParamA
GetClipboardData
InvalidateRect
olecli32
OleClone
ws2_32
WSAConnect
ddraw
DirectDrawEnumerateA
ole32
OleDestroyMenuDescriptor
StringFromGUID2
CLSIDFromString
CreateBindCtx
CreateOleAdviseHolder
OleRun
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
CoCreateInstance
StgIsStorageILockBytes
OleSetClipboard
OleFlushClipboard
OleSaveToStream
CoGetMalloc
OleDuplicateData
OleTranslateAccelerator
OleSetMenuDescriptor
CreateILockBytesOnHGlobal
CLSIDFromProgID
OleRegGetUserType
CoRegisterMessageFilter
CreateDataAdviseHolder
CoUnmarshalInterface
OleQueryCreateFromData
CoFreeUnusedLibraries
StgOpenStorage
CoRegisterClassObject
CoGetClassObject
OleCreateFromData
CoRevokeClassObject
StgCreateDocfile
OleConvertIStorageToOLESTREAM
ReadClassStm
OleCreateLinkToFile
OleCreateLinkFromData
OleInitialize
OleCreateFromFile
IIDFromString
CoLockObjectExternal
CreateStreamOnHGlobal
ReleaseStgMedium
OleQueryLinkFromData
GetClassFile
BindMoniker
CoMarshalInterface
ReadClassStg
OleSave
WriteClassStg
RegisterDragDrop
ProgIDFromCLSID
RevokeDragDrop
OleCreateLink
OleDoAutoConvert
CoIsOle1Class
OleGetAutoConvert
OleCreateMenuDescriptor
DoDragDrop
OleConvertOLESTREAMToIStorage
CoDisconnectObject
OleUninitialize
IsAccelerator
OleIsRunning
OleLoad
MkParseDisplayName
OleGetClipboard
OleLoadFromStream
StgOpenStorageOnILockBytes
OleLockRunning
StringFromCLSID
OleGetIconOfClass
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 396KB - Virtual size: 394KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 124KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ