Static task: static1
Behavioral task: behavioral1
  Sample: b4bf64d5c75fe1c5bcf9117fff81c2a1_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: b4bf64d5c75fe1c5bcf9117fff81c2a1_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: b4bf64d5c75fe1c5bcf9117fff81c2a1_JaffaCakes118
Size: 70KB
MD5: b4bf64d5c75fe1c5bcf9117fff81c2a1
SHA1: abcc6e4c29c5be21af1cd9b309fed26f3cbc5ebf
SHA256: 820b45f3ca345b75dce6498fe925647f67aa12c7239ae75ea44cb5163d108c42
SHA512: cb5972a2b3f3aaa8453d911308a85c6da3b612dcb70e8098787482a3438f7031924aa2ace5ed7ef3d1652d8de9e91a977450b36178e5802323734a5eb4ff2ddd
SSDEEP: 1536:V2pEBRW66gngAl70oI4TMOdPCkddh8uEsCz1RQpfbyFfWa6opJ8BZ3J:VZDW66gngAl7094PpdfwsC4yFfLwBj
Malware Config
Signatures
Unsigned PE (1 IoCs): checks for missing Authenticode signature.
  resource: b4bf64d5c75fe1c5bcf9117fff81c2a1_JaffaCakes118
Files
b4bf64d5c75fe1c5bcf9117fff81c2a1_JaffaCakes118.exe  windows:4 windows x86 arch:x86
  8b8d7c17b3b5584f2852b9835c707bf6
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
user32
DdeQueryStringW
CharNextW
SwitchToThisWindow
DdeNameService
GetClipCursor
SetClipboardData
GetWindowDC
GetFocus
GetClassLongW
SetUserObjectSecurity
GetWindowTextLengthA
DialogBoxIndirectParamW
GetScrollInfo
PaintDesktop
EnumDisplayMonitors
CreateMenu
GetKeyNameTextW
LoadImageW
GetDlgItemTextA
GetDC
GetMenuStringA
OpenInputDesktop
GetMenuCheckMarkDimensions
HiliteMenuItem
LookupIconIdFromDirectoryEx
LoadIconW
GetAncestor
SetWindowLongA
GetClassNameA
DdeGetLastError
FrameRect
RealGetWindowClass
SetMessageQueue
GetMenuItemID
OemToCharBuffA
GetShellWindow
ClipCursor
PostQuitMessage
GetCursorInfo
OemKeyScan
DdeQueryConvInfo
ChildWindowFromPoint
GetMenuDefaultItem
GetListBoxInfo
LoadIconA
GetKeyboardType
SetPropA
SetMenuItemInfoW
GetSystemMetrics
RemovePropA
ValidateRect
OpenWindowStationW
CreateIconFromResourceEx
DefWindowProcA
LoadBitmapW
OpenIcon
CloseClipboard
DdeFreeDataHandle
CreateCursor
RegisterClassW
IsCharAlphaNumericW
GetMenuItemInfoW
EnumDisplayDevicesA
TileWindows
DdeKeepStringHandle
CharLowerBuffA
GetSubMenu
SetCursor
SetTimer
ModifyMenuW
kernel32
FindNextFileA
BuildCommDCBW
SetLocaleInfoA
EnumResourceLanguagesA
GetLastError
ExitProcess
SystemTimeToTzSpecificLocalTime
FillConsoleOutputAttribute
VirtualProtect
lstrcpyA
GetPrivateProfileStructW
SetConsoleCursorPosition
DeleteFileA
RemoveDirectoryW
SetConsoleCursorInfo
FileTimeToDosDateTime
GetSystemDefaultLangID
GlobalFindAtomA
WriteConsoleOutputA
GlobalUnfix
GlobalAlloc
Heap32ListFirst
GlobalHandle
FreeLibraryAndExitThread
MapViewOfFileEx
OutputDebugStringW
VirtualAlloc
GetCommState
Thread32First
GetBinaryTypeW
lstrcmpiW
CreateRemoteThread
GetCommConfig
FormatMessageA
GetFullPathNameW
WriteProfileStringA
VirtualUnlock
VirtualQueryEx
Toolhelp32ReadProcessMemory
SetCalendarInfoW
GetLocaleInfoA
UpdateResourceW
UnhandledExceptionFilter
SizeofResource
GetStdHandle
Process32Next
GetProcessPriorityBoost
FindCloseChangeNotification
CreateMutexW
SetConsoleTitleW
GetSystemDefaultLCID
TlsSetValue
GetCommandLineA
GetProfileIntW
GetOEMCP
Module32First
Heap32Next
GetCommMask
FindFirstFileExW
GetCurrencyFormatA
GetQueuedCompletionStatus
GetProfileSectionA
GlobalUnWire
GetBinaryType
LockFile
SetCalendarInfoA
SetConsoleCP
SetLastError
GetStringTypeExA
GetNumberOfConsoleInputEvents
GetShortPathNameA
GetFileType
shlwapi
PathRemoveArgsW
PathFindFileNameA
StrRStrIA
ColorHLSToRGB
PathStripPathA
StrTrimA
PathAppendA
PathRenameExtensionW
StrToIntA
PathParseIconLocationA
PathRemoveBlanksW
StrCatBuffW
UrlEscapeW
StrCpyW
PathParseIconLocationW
PathIsPrefixA
SHRegWriteUSValueW
PathIsDirectoryA
SHGetValueW
StrCSpnIA
PathAddBackslashW
PathGetArgsW
PathIsUNCServerA
SHQueryInfoKeyA
StrTrimW
PathAddExtensionW
UrlGetPartA
UrlIsNoHistoryA
PathMakePrettyA
SHQueryInfoKeyW
SHRegDuplicateHKey
SHRegDeleteUSValueW
UrlApplySchemeA
SHGetThreadRef
StrRetToBufW
PathUnquoteSpacesW
PathIsContentTypeA
AssocQueryStringW
AssocQueryStringByKeyW
SHRegGetUSValueA
PathFindNextComponentA
StrIsIntlEqualW
SHOpenRegStreamW
SHRegGetBoolUSValueA
StrFormatByteSizeA
PathIsDirectoryW
PathGetArgsA
AssocQueryKeyA
StrNCatW
SHQueryValueExA
ole32
OleGetIconOfClass
CoTaskMemAlloc
CoQueryProxyBlanket
CoMarshalInterThreadInterfaceInStream
OleIsRunning
CoIsHandlerConnected
CreateDataAdviseHolder
WriteStringStream
OleCreateEmbeddingHelper
CoLockObjectExternal
CreateILockBytesOnHGlobal
OleCreateLinkEx
CoFreeLibrary
CoGetClassObject
OleGetClipboard
ReadFmtUserTypeStg
CreateFileMoniker
CoGetCallContext
CoRevokeMallocSpy
OleBuildVersion
StgOpenStorageEx
CoLoadLibrary
CoGetInterfaceAndReleaseStream
CoInitializeSecurity
CreateOleAdviseHolder
OleQueryLinkFromData
CoGetObject
OleSave
CoGetCurrentProcess
StgCreateDocfile
UtConvertDvtd32toDvtd16
CoBuildVersion
GetDocumentBitStg
OleFlushClipboard
CLSIDFromString
SetDocumentBitStg
CoRegisterMessageFilter
CreateGenericComposite
OleRegEnumFormatEtc
MonikerRelativePathTo
DoDragDrop
StgSetTimes
OleConvertOLESTREAMToIStorageEx
CoUnmarshalInterface
RevokeDragDrop
CoGetPSClsid
DllDebugObjectRPCHook
CoGetMarshalSizeMax
CoGetInstanceFromFile
OleGetIconOfFile
IIDFromString
CoInitializeEx
OleCreateLinkToFileEx
CoUnmarshalHresult
OleGetAutoConvert
RegisterDragDrop
OleCreateLinkFromData
OleCreate
CoCreateInstanceEx
OleLockRunning
OleDestroyMenuDescriptor
WriteOleStg
CoCopyProxy
OleInitialize
CoFreeAllLibraries
OleCreateFromDataEx
OleDraw
advapi32
ConvertSecurityDescriptorToAccessA
GetMultipleTrusteeOperationA
CryptCreateHash
RegDeleteValueW
PrivilegedServiceAuditAlarmW
RegConnectRegistryA
ObjectOpenAuditAlarmA
QueryServiceLockStatusA
RegSetKeySecurity
GetSecurityDescriptorOwner
RegLoadKeyW
OpenBackupEventLogA
RegOpenKeyW
AddAuditAccessAce
GetSecurityDescriptorDacl
InitializeAcl
AddAccessAllowedAce
SetEntriesInAclA
ReadEventLogA
MakeSelfRelativeSD
RegQueryValueW
CryptSetProviderA
GetKernelObjectSecurity
GetServiceKeyNameA
StartServiceA
InitiateSystemShutdownW
CryptDecrypt
RegSaveKeyW
EqualSid
RegLoadKeyA
ControlService
ChangeServiceConfigW
CryptDestroyKey
GetSecurityDescriptorGroup
LookupSecurityDescriptorPartsW
RegCreateKeyA
EnumServicesStatusW
SetSecurityDescriptorGroup
GetSecurityInfoExW
AreAllAccessesGranted
CryptImportKey
GetMultipleTrusteeA
RegUnLoadKeyW
RegEnumKeyA
CryptVerifySignatureW
GetServiceKeyNameW
GetCurrentHwProfileW
ImpersonateNamedPipeClient
CryptHashSessionKey
BuildTrusteeWithSidA
AllocateLocallyUniqueId
LookupAccountNameA
CryptDuplicateKey
GetLengthSid
RegCreateKeyExW
Sections
.text   Size: 59KB  - Virtual size: 59KB   Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 9KB   - Virtual size: 8KB    Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 512B  - Virtual size: 12KB   Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE