Static task: static1
Behavioral task: behavioral1
  Sample: b36e5b5b3966df64b7517ee92914ddab_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: b36e5b5b3966df64b7517ee92914ddab_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
  Target: b36e5b5b3966df64b7517ee92914ddab_JaffaCakes118
  Size: 332KB
  MD5: b36e5b5b3966df64b7517ee92914ddab
  SHA1: a8c7dd33f913a3a974eb25ab146e5a2e4dddb013
  SHA256: c701f4d238fc3d1bb5b8c5a3cdfd5a80b9aaff17fd3c7630a6cfd0f2484b3bf4
  SHA512: 3c9bb9d8c90c70e5cb39a53572ae54c3cd506c0d8878648b9abc7c9de5a5159e60037ebd657096d60e723d5aa4c0b0b68818e53b3ce359ab90329d30c9e56c8d
  SSDEEP: 6144:G23pt55ekYQVhXsEz+6pI56M544Z2vDkNT2upb1QyQqng:Rt5MkxnXVSrZQDkNCy1fDng
Malware Config
Signatures
Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource: b36e5b5b3966df64b7517ee92914ddab_JaffaCakes118
Files
b36e5b5b3966df64b7517ee92914ddab_JaffaCakes118.exe  windows:5 windows x86 arch:x86
  ce337b53137755850c8a34ee793b904e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
psapi
GetProcessImageFileNameW
gdi32
SaveDC
ExtCreateRegion
CreateEnhMetaFileA
GetTextExtentPoint32A
SetViewportExtEx
SetTextAlign
CloseMetaFile
DeleteEnhMetaFile
GetLayout
GetRegionData
GetGlyphIndicesW
OffsetWindowOrgEx
GetTextColor
SetStretchBltMode
SetLayout
PlayEnhMetaFile
LineTo
CombineRgn
CreateFontIndirectW
GetTextExtentPointW
SetBrushOrgEx
CreateHalftonePalette
SetMapMode
SetRectRgn
ExtTextOutW
GetPixel
TextOutW
GetTextMetricsW
CreateFontIndirectA
GetObjectA
SetBkColor
DeleteDC
SetWindowOrgEx
CreateSolidBrush
SetDCPenColor
CreatePalette
TextOutA
CreateCompatibleBitmap
SetTextColor
GetBkColor
SetWindowExtEx
CloseEnhMetaFile
RectVisible
SelectPalette
CreatePolygonRgn
SetBkMode
CreateRectRgnIndirect
GetBrushOrgEx
CreateBitmap
GetStockObject
GetDeviceCaps
CreateDCA
OffsetRgn
SelectObject
SetViewportOrgEx
CreateDCW
GetTextExtentPoint32W
CreateRectRgn
IntersectClipRect
CreateDIBSection
GetTextExtentExPointI
PatBlt
Rectangle
GetTextAlign
MoveToEx
GetRgnBox
CreateCompatibleDC
GetSystemPaletteEntries
StretchDIBits
RestoreDC
CreateFontW
BitBlt
DeleteObject
EqualRgn
CreatePen
GetPaletteEntries
GetDIBits
GetClipBox
CreateDIBPatternBrushPt
CreateMetaFileW
SetPaletteEntries
RealizePalette
GetObjectW
CreatePatternBrush
GetTextCharset
GetDCOrgEx
GetBkMode
LPtoDP
StretchBlt
advapi32
IsTextUnicode
UnregisterTraceGuids
CryptHashData
GetUserNameW
OpenProcessToken
CryptDestroyHash
RegDeleteKeyA
RegCreateKeyA
RegCloseKey
RegEnumValueA
GetTraceEnableFlags
SetThreadToken
DuplicateTokenEx
RegSetValueExA
RegOpenKeyW
RegQueryValueExW
RegDeleteValueW
RegOpenCurrentUser
RegQueryValueExA
RegDeleteValueA
SetTokenInformation
ImpersonateSelf
CryptReleaseContext
TraceEvent
OpenThreadToken
ConvertSidToStringSidW
GetTokenInformation
RegDeleteKeyW
GetTraceLoggerHandle
RegOpenKeyExW
RegOpenKeyExA
CryptGetHashParam
RegEnumKeyW
RegEnumKeyExW
CryptAcquireContextW
GetTraceEnableLevel
CreateProcessAsUserW
ConvertStringSidToSidW
RegQueryValueW
RegCreateKeyExA
RegCreateKeyExW
CryptCreateHash
RegSetValueExW
RegisterTraceGuidsW
GetLengthSid
RegQueryInfoKeyW
TraceMessage
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegEnumValueW
user32
DrawTextExW
RegisterClipboardFormatA
SetWindowRgn
KillTimer
ClientToScreen
IsWindow
SetWindowsHookExW
DispatchMessageW
SendMessageW
GetWindowDC
GetActiveWindow
GetClassWord
RegisterWindowMessageW
GetSystemMetrics
IsCharAlphaNumericW
GetWindowLongW
CharLowerW
IsHungAppWindow
OpenClipboard
SendMessageA
GetWindowTextLengthW
DrawFocusRect
MapVirtualKeyW
GetProcessWindowStation
DestroyIcon
DdeUninitialize
SetCursor
CloseClipboard
EmptyClipboard
GetKeyNameTextW
CheckMenuItem
SetScrollInfo
WindowFromPoint
GetClassInfoExW
IsChild
DialogBoxParamW
GetMessageTime
GetShellWindow
GetFocus
TranslateMessage
SetWindowLongA
BeginPaint
InsertMenuItemW
DdeCreateDataHandle
GetSysColor
DdeFreeStringHandle
ShowOwnedPopups
MapWindowPoints
IsWindowUnicode
CreateWindowExW
DdeGetData
FindWindowW
ScreenToClient
GetCursorPos
MonitorFromWindow
AdjustWindowRectEx
CopyIcon
GetWindowPlacement
EnableMenuItem
DdeCreateStringHandleW
GetWindow
GetMonitorInfoW
LockSetForegroundWindow
MessageBeep
GetIconInfo
CharPrevA
SetDlgItemTextW
SystemParametersInfoA
LoadCursorW
SetParent
LoadImageW
CharLowerBuffW
AdjustWindowRect
EndDialog
GetKeyboardLayout
PeekMessageW
DispatchMessageA
IsDialogMessageW
CharUpperW
GetMenuState
GetMenuItemInfoW
GetAncestor
EnumDesktopWindows
WaitForInputIdle
MonitorFromRect
FindWindowA
GetWindowThreadProcessId
GetClassLongW
DdeConnect
SetCapture
EnumThreadWindows
GetWindowLongA
SetClipboardViewer
GetSystemMenu
WaitMessage
EndDeferWindowPos
DdeNameService
GetMessagePos
UpdateWindow
EndPaint
DialogBoxIndirectParamA
GetCapture
DeleteMenu
MsgWaitForMultipleObjects
IsRectEmpty
SendMessageTimeoutA
SendMessageTimeoutW
MessageBoxIndirectA
IsMenu
AnimateWindow
SetMenu
GetWindowInfo
SetScrollPos
DialogBoxParamA
CheckRadioButton
TrackMouseEvent
ReleaseCapture
GetSysColorBrush
IsDlgButtonChecked
MonitorFromPoint
MessageBoxIndirectW
UpdateLayeredWindow
GetDesktopWindow
PtInRect
GetTopWindow
GetLastActivePopup
LoadStringA
UnhookWindowsHookEx
GetPropA
CallMsgFilterW
GetKeyState
GetDlgCtrlID
GetClientRect
DestroyAcceleratorTable
BeginDeferWindowPos
GetForegroundWindow
DeferWindowPos
MessageBoxW
DrawEdge
SetWindowPos
PostThreadMessageW
GetMenuItemCount
SetActiveWindow
GetDlgItem
NotifyWinEvent
RegisterClassExW
RegisterClassW
SetPropW
DrawFrameControl
CreateDialogParamW
DrawIconEx
ShowWindow
MapDialogRect
DdeQueryStringW
CheckMenuRadioItem
GetMenuItemInfoA
DialogBoxIndirectParamW
DrawTextW
RemovePropA
PostMessageW
SetDlgItemInt
CreatePopupMenu
EnumDisplaySettingsW
GetMessageW
GetDC
SetPropA
FindWindowExW
LoadStringW
ChildWindowFromPoint
CallNextHookEx
GetMenuDefaultItem
CreateMenu
GetAsyncKeyState
CallWindowProcW
AppendMenuW
DestroyMenu
DdeClientTransaction
GetDlgItemTextW
IsWindowVisible
InsertMenuW
CharPrevW
GetWindowRgnBox
SetTimer
ChangeClipboardChain
GetMessageA
MessageBoxExW
SendNotifyMessageW
RedrawWindow
EnumWindows
CheckDlgButton
DdeInitializeW
CharNextA
GetClassInfoW
MsgWaitForMultipleObjectsEx
ShowCaret
CopyRect
RegisterWindowMessageA
EnableWindow
GetParent
SetClipboardData
UnregisterClassW
GetClipboardData
GetMenuStringW
SetWindowPlacement
GetWindowRect
RemovePropW
SetRect
WinHelpW
SetForegroundWindow
SetWindowLongW
SystemParametersInfoW
GetPropW
GetWindowTextW
TrackPopupMenuEx
SetMenuDefaultItem
GetLastInputInfo
FillRect
GetSubMenu
GetCursor
EnumChildWindows
AllowSetForegroundWindow
InflateRect
EndMenu
wsprintfW
EqualRect
InvalidateRect
IsIconic
PostQuitMessage
SendDlgItemMessageW
UnionRect
RemoveMenu
GetMenuItemID
PostMessageA
CreateIconIndirect
TrackPopupMenu
DdeFreeDataHandle
DefWindowProcW
LoadBitmapW
CopyImage
TranslateAcceleratorW
HideCaret
ReleaseDC
DdeDisconnect
GetDialogBaseUnits
AttachThreadInput
VkKeyScanExW
GetComboBoxInfo
RegisterClipboardFormatW
MessageBoxExA
LoadMenuW
CharNextW
PostThreadMessageA
GetScrollInfo
LoadIconW
IntersectRect
GetDoubleClickTime
ShowScrollBar
SetRectEmpty
IsWindowEnabled
MoveWindow
DestroyWindow
DefWindowProcA
PeekMessageA
LoadCursorA
SetMenuItemInfoW
SetMenuItemBitmaps
SetFocus
OffsetRect
LoadAcceleratorsW
GetClipboardFormatNameW
GetClassNameW
SetCursorPos
SetWindowTextW
GetNextDlgTabItem
shell32
ShellExecuteA
SHBindToParent
ShellExecuteExW
ExtractIconW
ShellAboutW
SHGetFolderPathAndSubDirW
SHGetDesktopFolder
SHChangeNotify
ShellExecuteW
SHGetInstanceExplorer
SHGetSpecialFolderPathW
Shell_NotifyIconW
SHSetLocalizedName
DragQueryFileW
SHBrowseForFolderW
SHAppBarMessage
SHCreateShellItem
SHPathPrepareForWriteW
ExtractAssociatedIconExW
SHGetDataFromIDListW
ExtractIconExW
SHGetFolderLocation
Shell_NotifyIconA
SHGetFolderPathW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHGetPathFromIDListW
SHFileOperationW
SHGetPathFromIDListA
ntdll
NtAllocateVirtualMemory
LdrGetDllHandle
RtlUshortByteSwap
uxtheme
GetThemeBackgroundExtent
IsAppThemed
GetThemeMetric
CloseThemeData
DrawThemeParentBackground
DrawThemeBackground
GetThemeAppProperties
GetThemeMargins
GetThemePartSize
SetWindowTheme
GetThemeColor
GetThemeBackgroundContentRect
GetThemeFont
OpenThemeData
IsThemeActive
kernel32
GlobalUnlock
ReplaceFileW
GetTimeFormatW
TlsGetValue
GetUserDefaultLCID
FileTimeToLocalFileTime
GetVersion
GetNumberFormatW
GetThreadContext
GetACP
FreeLibrary
LocalReAlloc
GetFileSize
CreateTimerQueueTimer
CompareStringW
SetEndOfFile
ExitProcess
lstrcmpiA
CopyFileW
GetTickCount
DeleteTimerQueueTimer
InterlockedDecrement
ReleaseActCtx
lstrcmpA
GetLogicalDriveStringsW
FindResourceExW
LockFileEx
LoadLibraryExW
RemoveDirectoryW
GetTempPathW
QueryPerformanceFrequency
FindAtomW
GetFileAttributesExW
GetAtomNameW
CreateFileW
SetThreadExecutionState
HeapDestroy
GetFullPathNameW
WaitForSingleObject
lstrcmpiW
GetSystemTimeAsFileTime
GetUserDefaultUILanguage
GlobalFlags
SetFileTime
LoadLibraryW
GetCurrentProcessId
CreateFileMappingW
IsWow64Process
DeleteCriticalSection
GetSystemDirectoryA
ExpandEnvironmentStringsA
TryEnterCriticalSection
FileTimeToSystemTime
ReadFile
InterlockedCompareExchange
WritePrivateProfileStringW
TerminateThread
GetShortPathNameW
SetThreadContext
GlobalAddAtomA
GetExitCodeThread
GetWindowsDirectoryW
GetSystemInfo
CreateSemaphoreW
InitializeCriticalSectionAndSpinCount
GetLastError
SetFilePointer
Process32FirstW
WideCharToMultiByte
GetModuleHandleExW
WaitForSingleObjectEx
LocalFileTimeToFileTime
ActivateActCtx
MapViewOfFile
GetModuleFileNameA
GetVersionExA
VirtualProtect
GlobalAddAtomW
CloseHandle
TerminateProcess
SizeofResource
GetCurrentThreadId
Sleep
SetUnhandledExceptionFilter
CompareStringA
CreateDirectoryW
UnhandledExceptionFilter
GetEnvironmentVariableW
SetProcessShutdownParameters
SetFileAttributesW
GetSystemDefaultLCID
DeactivateActCtx
FlushInstructionCache
EnterCriticalSection
GlobalSize
GetFileAttributesA
InterlockedExchange
CreateEventW
DuplicateHandle
ReleaseMutex
GetModuleHandleW
UnlockFileEx
LeaveCriticalSection
QueryPerformanceCounter
GetThreadPriority
EnumUILanguagesW
GetPrivateProfileSectionW
IsDBCSLeadByte
FreeLibraryAndExitThread
MulDiv
VirtualAlloc
SetEvent
FindResourceW
MultiByteToWideChar
GetSystemWow64DirectoryW
CreateProcessW
QueryDosDeviceW
HeapReAlloc
GetCurrentThread
ResumeThread
OutputDebugStringA
SetFilePointerEx
LCMapStringW
WriteFile
OpenProcess
GetCurrentProcess
GetProcessHeap
FindNextFileW
LoadResource
WritePrivateProfileSectionW
FindFirstFileW
InitializeCriticalSection
HeapCreate
ReleaseSemaphore
GlobalReAlloc
VirtualQuery
MoveFileExW
GetModuleHandleExA
CreateFileA
lstrlenW
InterlockedIncrement
CreateMutexA
TlsAlloc
GetSystemTime
CompareFileTime
OpenEventW
CreateToolhelp32Snapshot
GlobalFree
CreateActCtxW
GetTempFileNameW
CreateFileMappingA
UnmapViewOfFile
lstrlenA
QueueUserWorkItem
SearchPathW
OpenMutexW
HeapFree
Process32NextW
GetCPInfo
FormatMessageW
CreateEventA
GetLocaleInfoW
SetCurrentDirectoryA
GetFileInformationByHandle
GlobalLock
CreateThread
ResetEvent
VirtualFree
GetPrivateProfileStringA
GetPrivateProfileSectionNamesW
HeapAlloc
GetProcAddress
FindClose
ExpandEnvironmentStringsW
GetPrivateProfileStringW
MoveFileW
GetModuleHandleA
CreateDirectoryA
SystemTimeToFileTime
DisableThreadLibraryCalls
SetCurrentDirectoryW
GetSystemDirectoryW
GetFileSizeEx
LocalFree
CreateMutexW
GetCurrentDirectoryW
LockResource
GetLongPathNameW
GlobalDeleteAtom
OpenMutexA
LocalAlloc
GetDateFormatW
AddAtomW
WaitForMultipleObjects
GetVersionExW
SuspendThread
SetThreadPriority
GetThreadLocale
DeleteFileW
DebugBreak
GetFileAttributesW
lstrcmpW
GetModuleFileNameW
SetErrorMode
GlobalAlloc
DeleteAtom
GetLocalTime
RaiseException
TlsSetValue
LocalSize
SetEnvironmentVariableW
SetLastError
LoadLibraryA
TlsFree
SetProcessWorkingSetSize
GetSystemDefaultUILanguage
Sections
.text Size: 183KB - Virtual size: 183KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE