Static task: static1
Behavioral task: behavioral1
Sample: b250d87b2816fbc70af611ecc9733f97_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: b250d87b2816fbc70af611ecc9733f97_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b250d87b2816fbc70af611ecc9733f97_JaffaCakes118
Size: 1.9MB
MD5: b250d87b2816fbc70af611ecc9733f97
SHA1: 4d8804cc18bb3b0d5a48550298f69a1a8080a94d
SHA256: ed5eb42697f635b1f2ffb3f0b1d079e496792d76e43eced3d23a572f387092e1
SHA512: 5aaccbe2aaa7058ed5a12a2fd8acf5d61c9fc0350452e52813ade632201a948c697ac8180881872a6983bfcb4f59d1cae9589b4686c3fada07d2272947690bb6
SSDEEP: 24576:ABdX27+/Bd9DcYC7+RUvRKoW/LqAQJeNwrR7RAa58Bazwt45fbNAiQoj+CKTkLjk:otA+ZdeYfGpAQiwrPMMwSfRAj1Wwr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b250d87b2816fbc70af611ecc9733f97_JaffaCakes118
Files
b250d87b2816fbc70af611ecc9733f97_JaffaCakes118.exe windows:5 windows x86 arch:x86
e2f3a860d5f113813b835054e94f859d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetDiskFreeSpaceA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetConsoleMode
GetConsoleAliasesW
GetConsoleAliasA
GetCommandLineA
GetCPInfoExA
GetACP
FreeLibrary
FlushInstructionCache
FindResourceExW
FindNextVolumeMountPointW
FindNextFileW
FindFirstFileW
GetEnvironmentStringsW
FillConsoleOutputCharacterW
ExitThread
ExitProcess
EnterCriticalSection
DeleteFileW
DeleteFileA
DeleteCriticalSection
DefineDosDeviceA
CreateProcessW
CreateMutexW
CreateMutexA
CreateFileW
CreateFileMappingA
CreateFileA
CreateEventA
CloseHandle
ChangeTimerQueueTimer
GetEnvironmentVariableA
GetExitCodeProcess
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoA
GetLogicalDriveStringsW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetProcessVersion
GetStartupInfoA
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
GetTimeFormatW
GetVersion
GetVersionExA
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAlloc
LoadLibraryA
lstrcpyW
lstrcmpiW
lstrcmpiA
lstrcatA
_lread
WriteProcessMemory
WritePrivateProfileStringW
WriteFile
WaitForSingleObject
WaitForMultipleObjects
VirtualProtect
VirtualFree
VirtualAlloc
UnmapViewOfFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateProcess
SystemTimeToFileTime
Sleep
SetUnhandledExceptionFilter
SetFileTime
SetFilePointer
SetFileApisToOEM
SetEnvironmentVariableW
SetEnvironmentVariableA
SetEndOfFile
SetCurrentDirectoryW
SetCurrentDirectoryA
SetConsoleDisplayMode
SetComputerNameA
SearchPathW
RtlUnwind
ResetEvent
RemoveDirectoryA
ReleaseMutex
QueryPerformanceCounter
QueryDosDeviceW
PurgeComm
PulseEvent
ProcessIdToSessionId
Process32FirstW
PeekNamedPipe
OutputDebugStringW
OutputDebugStringA
OpenProcess
OpenMutexA
OpenJobObjectW
OpenFile
MulDiv
MoveFileW
MoveFileExW
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryW
LeaveCriticalSection
IsBadWritePtr
IsBadReadPtr
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
BuildCommDCBW
HeapSize
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalWire
GlobalFree
FindClose
GlobalFindAtomA
user32
SetWindowPos
SetWindowRgn
SetWindowTextA
SetWindowTextW
SetWindowsHookExA
ShowCaret
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
TabbedTextOutA
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UpdateWindow
ValidateRect
WinHelpA
WindowFromPoint
wsprintfA
wsprintfW
IsMenu
CharNextW
OemKeyScan
IsCharAlphaA
VkKeyScanA
GetKeyboardLayout
VkKeyScanW
GetClipboardSequenceNumber
LoadCursorFromFileA
GetListBoxInfo
GetMenuContextHelpId
CharLowerA
GetThreadDesktop
GetDoubleClickTime
IsCharUpperA
CountClipboardFormats
GetProcessWindowStation
PaintDesktop
IsGUIThread
EnumClipboardFormats
CloseWindow
CloseClipboard
GetCaretBlinkTime
DestroyCursor
GetClipboardData
EndMenu
WindowFromDC
AnyPopup
SendMessageA
SendDlgItemMessageA
ScreenToClient
RemovePropW
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassA
RedrawWindow
PtInRect
PostThreadMessageA
PostQuitMessage
PostMessageW
PostMessageA
PeekMessageA
OffsetRect
MsgWaitForMultipleObjects
MoveWindow
ModifyMenuW
ModifyMenuA
MessageBoxW
MessageBoxExA
MessageBoxA
MessageBeep
MapWindowPoints
MapDialogRect
LockWindowUpdate
LoadStringA
LoadImageW
LoadImageA
LoadIconA
LoadCursorW
LoadCursorA
LoadBitmapA
KillTimer
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsDialogMessageA
IsClipboardFormatAvailable
IsChild
IsCharAlphaW
InvalidateRect
IntersectRect
InflateRect
SetWindowLongW
GrayStringA
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
GetWindow
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollInfo
GetScrollBarInfo
GetPropA
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageTime
GetMessagePos
GetMessageA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItemTextA
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassNameA
GetClassLongA
GetClassInfoA
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowW
FindWindowExW
FindWindowA
FillRect
ExitWindowsEx
ExcludeUpdateRgn
EqualRect
EnumWindows
EnumDesktopsA
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableMenuItem
DrawTextW
DrawTextExW
DrawTextExA
DrawTextA
DrawStateA
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DlgDirSelectComboBoxExA
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DeregisterShellHookWindow
DeleteMenu
DeferWindowPos
DefWindowProcW
DefWindowProcA
DefDlgProcA
DdeCmpStringHandles
CreateWindowExW
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateMDIWindowW
CreateDialogParamW
CreateDialogParamA
CreateDialogIndirectParamA
CreateDesktopA
CopyRect
CopyIcon
CopyAcceleratorTableA
ClientToScreen
CheckMenuRadioItem
CheckMenuItem
SetWindowLongA
SetWindowContextHelpId
SetUserObjectSecurity
SetTimer
SetScrollInfo
SetRectEmpty
SetRect
SetPropA
SetParent
SetMenuItemBitmaps
SetForegroundWindow
SetFocus
SetDlgItemTextW
SetDlgItemTextA
SetCursorPos
SetCursor
SetClipboardViewer
SetCapture
SetActiveWindow
HideCaret
SendMessageW
AdjustWindowRectEx
AppendMenuA
AppendMenuW
ArrangeIconicWindows
AttachThreadInput
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallMsgFilterW
CallNextHookEx
CallWindowProcA
ChangeClipboardChain
ChangeDisplaySettingsA
CharNextA
CharNextExA
CharUpperA
RegisterClipboardFormatW
gdi32
CreateDIBSection
CreateDIBitmap
CreateFontA
CreateFontIndirectA
CreateFontIndirectW
CreateHalftonePalette
CreatePalette
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
EngCreateBitmap
EngMultiByteToWideChar
EnumFontFamiliesExA
Escape
ExcludeClipRect
ExtTextOutA
GdiEntry11
GdiEntry2
GetBkColor
GetCharWidth32W
GetCharWidthA
GetClipBox
GetCurrentObject
GetDIBits
GetDeviceCaps
GetKerningPairsW
GetLayout
GetMapMode
GetNearestPaletteIndex
GetObjectA
GetObjectType
GetObjectW
GetPaletteEntries
GetStockObject
GetTextColor
GetTextExtentExPointW
GetTextExtentPoint32W
GetTextExtentPointA
GetTextMetricsA
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
CreateCompatibleDC
LPtoDP
OffsetViewportOrgEx
PatBlt
Polygon
PtVisible
RealizePalette
RectVisible
ResizePalette
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetRectRgn
SetStretchBltMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetVirtualResolution
SetWindowExtEx
StretchBlt
StretchDIBits
TextOutA
GetPolyFillMode
DeleteEnhMetaFile
DeleteColorSpace
AbortDoc
CancelDC
GetStretchBltMode
CloseMetaFile
GetSystemPaletteUse
GdiGetBatchLimit
AddFontResourceW
GetTextCharacterExtra
CreateMetaFileA
GetTextCharset
SwapBuffers
GetDCBrushColor
GetROP2
GetGraphicsMode
BeginPath
CreateMetaFileW
CreateCompatibleBitmap
CreateBitmap
CopyMetaFileA
IntersectClipRect
BitBlt
CombineRgn
comdlg32
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameW
advapi32
RegCloseKey
AdjustTokenPrivileges
ChangeServiceConfig2W
ChangeServiceConfigW
CloseServiceHandle
ControlService
CreateProcessAsUserW
CreateServiceW
DuplicateTokenEx
GetLengthSid
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
GetUserNameA
GetUserNameW
LockServiceDatabase
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
OpenSCManagerW
OpenServiceA
OpenServiceW
QueryServiceConfigW
QueryServiceLockStatusW
QueryServiceStatus
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegDeleteValueA
RegDeleteValueW
RegEnumKeyA
RegEnumKeyExA
RegEnumValueA
RegFlushKey
RegLoadKeyA
RegNotifyChangeKeyValue
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegQueryValueExW
RegRestoreKeyA
RegSaveKeyA
RegSetValueExA
RegSetValueExW
SetTokenInformation
StartServiceW
UnlockServiceDatabase
RegOpenKeyA
shell32
FindExecutableW
SHBrowseForFolderA
SHBrowseForFolderW
SHEmptyRecycleBinA
SHFileOperationA
SHFileOperationW
SHGetDesktopFolder
SHGetFileInfoA
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHLoadNonloadedIconOverlayIdentifiers
ShellExecuteA
ShellExecuteExA
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconA
ExtractIconExA
ole32
DoDragDrop
OleDuplicateData
OleFlushClipboard
OleGetClipboard
OleInitialize
OleIsCurrentClipboard
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
StringFromGUID2
CreateILockBytesOnHGlobal
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterMessageFilter
CoRegisterClassObject
CoLockObjectExternal
CoInitialize
CoGetObject
CoGetClassObject
CoFreeUnusedLibraries
CoDisconnectObject
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
comctl32
CreatePropertySheetPageA
DestroyPropertySheetPage
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Draw
ImageList_EndDrag
ImageList_GetIcon
ImageList_Remove
PropertySheetA
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 137KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ