b95b00c99e16d30b9b90a9e83636d950_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b95b00c99e16d30b9b90a9e83636d950_JaffaCakes118
Size

6.9MB
MD5

b95b00c99e16d30b9b90a9e83636d950
SHA1

480657cb6dd2ce6538a5cbf15b2fa23ad80c1735
SHA256

676349abee2a248ac58a6d310297d7495aa373e50b14f30c260cd9e5130dadf9
SHA512

b69afb94197b28a26018f04550fc3b1a8bbc0a0dd4c042dd901cd97da58437fcd9793df61fcb11f4d73519b6de75461b7d4491b334b296221b17d8731565dccc
SSDEEP

196608:7uJsdx+1Qk0zBOgRYK46bz6KlzilWLgM6NQA9B1:7pdx+1B0zYP6iKJs9B1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b95b00c99e16d30b9b90a9e83636d950_JaffaCakes118

Files

b95b00c99e16d30b9b90a9e83636d950_JaffaCakes118
.exe windows:5 windows x86 arch:x86

51271f4c8426393a7fccf3d5e5a07d98

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\BranchAI\win\Release\stubs\x86u\ExternalUi.pdb

Imports

kernel32

CreateFileW
lstrcmpW
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
GetLastError
GetDriveTypeW
CompareStringW
lstrcmpiW
lstrlenW
FreeLibrary
GetProcAddress
WriteFile
CreateMutexW
GetFileSize
ReadFile
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadLibraryW
IsValidCodePage
GetOEMCP
GetACP
HeapCreate
GlobalFree
LCMapStringW
LCMapStringA
GetCPInfo
RtlUnwind
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoW
IsDebuggerPresent
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetLocaleInfoA
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
PeekNamedPipe
OpenEventW
TerminateProcess
OpenProcess
SearchPathW
ConnectNamedPipe
CreateNamedPipeW
ResetEvent
MoveFileW
TerminateThread
GetEnvironmentVariableW
GetSystemDirectoryW
GetLocalTime
OutputDebugStringW
GlobalMemoryStatus
GetVersion
GetWindowsDirectoryW
GetUserDefaultLangID
GetSystemDefaultLangID
GetLocaleInfoW
EnumResourceLanguagesW
CopyFileW
SetCurrentDirectoryW
GetTempPathW
GetTempPathA
GetSystemTime
GetTempFileNameW
DeleteFileW
GetTempFileNameA
DeleteFileA
FindFirstFileW
RemoveDirectoryW
FindNextFileW
GetLogicalDriveStringsW
WaitForMultipleObjects
GetSystemInfo
InterlockedExchange
WideCharToMultiByte
GetModuleHandleW
LoadLibraryExW
MultiByteToWideChar
FindClose
SetFileAttributesW
CreateFileA
GetFileAttributesW
GetStringTypeW
CreateDirectoryW
GetCurrentProcessId
CloseHandle
GetExitCodeThread
SetEvent
CreateEventW
SetLastError
Sleep
GetCurrentThreadId
MulDiv
WaitForSingleObject
lstrcpynW
GetCommandLineW
UnlockFile
LockFile
SetFilePointer
GetExitCodeProcess
CreateProcessA
FindResourceExW
CreateProcessW
GetStdHandle
DuplicateHandle
GetModuleFileNameA
FlushFileBuffers
GetCurrentThread
FormatMessageW
GetDiskFreeSpaceExW
GetShortPathNameW
CreateThread
SetUnhandledExceptionFilter
GetVersionExW
LoadLibraryA
LocalFree
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
RaiseException
FlushInstructionCache
ExitProcess
LocalAlloc
GetCurrentProcess

user32

MessageBoxW
SetWindowLongW
GetWindowLongW
DefWindowProcW
CallWindowProcW
GetClientRect
MapWindowPoints
GetParent
GetWindow
SendMessageW
GetWindowTextW
GetWindowTextLengthW
IsWindow
ShowWindow
GetWindowRect
UnionRect
IsWindowVisible
ScreenToClient
SetWindowPos
GetWindowDC
ReleaseDC
GetDC
DrawFrameControl
RegisterWindowMessageW
InvalidateRgn
GetDesktopWindow
GetKeyState
DrawStateW
DrawTextExW
ValidateRect
DestroyMenu
AppendMenuW
CreatePopupMenu
TrackPopupMenu
InflateRect
LoadBitmapW
CharNextW
DrawFocusRect
GetClassNameW
ReleaseCapture
GetCapture
SetCapture
UpdateWindow
DestroyIcon
GetDlgCtrlID
SetScrollInfo
GetScrollPos
GetClassInfoExW
RegisterClassExW
SetScrollPos
SetRect
MoveWindow
GetScrollInfo
GetMessagePos
GetSysColor
SystemParametersInfoW
GetActiveWindow
TrackMouseEvent
GetAsyncKeyState
DestroyCursor
GetWindowRgn
CopyRect
IsZoomed
SetWindowRgn
GetComboBoxInfo
DestroyAcceleratorTable
CreateAcceleratorTableW
TranslateAcceleratorW
CreateDialogParamW
EndDialog
DialogBoxParamW
InvalidateRect
GetNextDlgTabItem
SetFocus
SetCursor
FillRect
GetMonitorInfoW
LoadImageW
IsDialogMessageW
IsChild
GetFocus
PostQuitMessage
LoadStringW
MonitorFromWindow
PostMessageW
SetForegroundWindow
SetCursorPos
GetCursorPos
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
LoadCursorW
RedrawWindow
IsWindowEnabled
EnableWindow
DestroyWindow
DrawTextW
DrawIconEx
GetSystemMetrics
LoadIconW
DialogBoxIndirectParamW
GetForegroundWindow
GetPropW
GetSystemMenu
EnableMenuItem
MsgWaitForMultipleObjects
ModifyMenuW
FindWindowW
MessageBeep
ExitWindowsEx
GetScrollRange
SetPropW
RemovePropW
LoadMenuW
GetSubMenu
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
FrameRect
UnregisterClassA
ClientToScreen
OffsetRect
SetRectEmpty
PtInRect
GetSysColorBrush
IntersectRect
IsRectEmpty
SendMessageA
SetWindowTextW
GetDlgItem
CreateWindowExW
EqualRect
SetTimer
KillTimer
EndPaint
BeginPaint

gdi32

ExtTextOutW
SetBkColor
GetLayout
GetBrushOrgEx
CreateFontIndirectW
CreateSolidBrush
GetRgnBox
EqualRgn
CreatePolygonRgn
CreateRectRgnIndirect
GetStockObject
CreateFontW
ExcludeClipRect
SetBkMode
SetTextColor
GetBitmapBits
CreatePatternBrush
FillRgn
SelectClipRgn
CombineRgn
CreateRectRgn
GetObjectW
GetDeviceCaps
SetViewportOrgEx
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
DeleteDC
CreateDIBSection
CreateBitmapIndirect
SetBrushOrgEx

advapi32

LockServiceDatabase
LookupPrivilegeValueW
OpenProcessToken
StartServiceW
QueryServiceStatus
OpenServiceW
RegDeleteValueA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyA
RegDeleteKeyA
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
GetUserNameW
OpenSCManagerW
AdjustTokenPrivileges
UnlockServiceDatabase
CloseServiceHandle
RegOpenKeyExA
RegEnumValueA
RegOpenKeyW

shell32

SHGetFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetFileInfoW
ShellExecuteW
ShellExecuteExW

ole32

CreateStreamOnHGlobal
CoCreateInstance
OleLockRunning
CLSIDFromProgID
CLSIDFromString
OleInitialize
CoInitializeEx
StringFromGUID2
CoTaskMemAlloc
OleUninitialize
CoUninitialize
CoInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoTaskMemFree
CoTaskMemRealloc
CoGetClassObject

oleaut32

VarUI4FromStr
VarDateFromStr
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
LoadTypeLi
LoadRegTypeLi
SysStringLen
OleCreateFontIndirect
VariantCopy
VariantInit
VariantClear
SysAllocString
SysFreeString
OleLoadPicture

dbghelp

SymSetOptions
SymFunctionTableAccess
SymGetModuleBase
SymGetLineFromAddr
SymSetSearchPath
SymCleanup
SymInitialize
StackWalk

shlwapi

PathIsDirectoryW
PathAddBackslashW
PathIsUNCW
PathFileExistsW

comctl32

ImageList_Destroy
_TrackMouseEvent
ImageList_Add
ImageList_Create
ImageList_LoadImageW
InitCommonControlsEx
DestroyPropertySheetPage
PropertySheetW
CreatePropertySheetPageW
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_AddMasked

msimg32

AlphaBlend
TransparentBlt

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

netapi32

NetUserGetLocalGroups

comdlg32

GetOpenFileNameW
GetSaveFileNameW

Sections

.text
Size: 859KB - Virtual size: 859KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51271f4c8426393a7fccf3d5e5a07d98

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

dbghelp

shlwapi

comctl32

msimg32

version

netapi32

comdlg32

Sections

.text Size: 859KB - Virtual size: 859KB

.rdata Size: 211KB - Virtual size: 210KB

.data Size: 11KB - Virtual size: 35KB

.rsrc Size: 99KB - Virtual size: 98KB

.reloc Size: 84KB - Virtual size: 83KB

.text
Size: 859KB - Virtual size: 859KB

.rdata
Size: 211KB - Virtual size: 210KB

.data
Size: 11KB - Virtual size: 35KB

.rsrc
Size: 99KB - Virtual size: 98KB

.reloc
Size: 84KB - Virtual size: 83KB