k:\seww\joxlc\wnned\obypxefnj\weo.pdb
Static task: static1
Behavioral task: behavioral1
Sample: b6edd3fe8f78d3e65b48748a33a7a8d1_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: b6edd3fe8f78d3e65b48748a33a7a8d1_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b6edd3fe8f78d3e65b48748a33a7a8d1_JaffaCakes118
Size: 352KB
MD5: b6edd3fe8f78d3e65b48748a33a7a8d1
SHA1: 031ee020370669cb9a5e4c6262f776b5d1b0e6b0
SHA256: a64beb48686efa434cd1d39f0729a1374beb7663938cc97d7c2534bf481e49f7
SHA512: 01db8e83cdfe9376ad6bfd89d73c8fed55543cd8d1d3a19b02dff9badce470e3370a3bf54b0c292f037885954aa10d6fb7e4f38bd92d0daa29b93fbbddd5800c
SSDEEP: 6144:CEztDJpYC5/jHyKL1IVGvHlwIA4EMdDLwoFIuf:htDJiC5/jHyKLmGvHj53DLL
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: b6edd3fe8f78d3e65b48748a33a7a8d1_JaffaCakes118
Files
b6edd3fe8f78d3e65b48748a33a7a8d1_JaffaCakes118.exe windows:4 windows x86 arch:x86
96a317274353b7c39f3c21ae46fb0fcb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ole32
CoUninitialize
RegisterDragDrop
CoTaskMemAlloc
OleSave
StringFromGUID2
ReadFmtUserTypeStg
OleUninitialize
OleQueryCreateFromData
CreateFileMoniker
CoCreateGuid
OleRun
OleSetClipboard
OleGetIconOfClass
CLSIDFromProgID
CoSuspendClassObjects
WriteClassStm
IsAccelerator
StgOpenStorageOnILockBytes
OleDestroyMenuDescriptor
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx
OleRegGetUserType
ReleaseStgMedium
OleCreateLinkToFile
OleSetMenuDescriptor
CoGetMalloc
StgCreateDocfileOnILockBytes
CLSIDFromString
OleSaveToStream
OleSetContainedObject
RevokeDragDrop
GetClassFile
CoRegisterMessageFilter
OleGetClipboard
StgIsStorageFile
StgCreateDocfile
CreateILockBytesOnHGlobal
DoDragDrop
WriteClassStg
CoTaskMemRealloc
OleCreateLinkFromData
OleRegGetMiscStatus
CoInitialize
OleTranslateAccelerator
CoCreateInstance
CreateDataAdviseHolder
CoGetClassObject
CoLockObjectExternal
OleIsCurrentClipboard
WriteFmtUserTypeStg
CoDisconnectObject
OleInitialize
OleCreateStaticFromData
SetConvertStg
OleFlushClipboard
StgIsStorageILockBytes
GetHGlobalFromILockBytes
OleLockRunning
CoResumeClassObjects
OleCreate
CoFreeUnusedLibraries
OleRegEnumVerbs
CreateOleAdviseHolder
StringFromCLSID
OleCreateFromFile
OleQueryLinkFromData
StgOpenStorage
CreateBindCtx
CreateGenericComposite
OleCreateFromData
CoTaskMemFree
OleCreateMenuDescriptor
CreateStreamOnHGlobal
comctl32
CreateStatusWindowW
CreateToolbarEx
ImageList_SetDragCursorImage
ImageList_SetOverlayImage
ImageList_DrawEx
_TrackMouseEvent
ImageList_Merge
DestroyPropertySheetPage
PropertySheetA
ImageList_GetDragImage
ImageList_Create
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_EndDrag
ImageList_GetImageCount
ImageList_BeginDrag
ImageList_SetBkColor
ImageList_DragMove
ImageList_Write
ImageList_Read
InitCommonControlsEx
ImageList_DragShowNolock
ImageList_GetIconSize
ord17
ImageList_DragEnter
ImageList_DragLeave
CreatePropertySheetPageA
ImageList_Draw
ImageList_Destroy
ImageList_Add
ImageList_LoadImageA
ImageList_GetIcon
ImageList_Replace
user32
SetMenuItemBitmaps
SetMenu
EmptyClipboard
WinHelpW
LoadAcceleratorsA
ShowScrollBar
GetDlgCtrlID
GetMenuDefaultItem
CreateMenu
WinHelpA
GetSystemMenu
GetMenu
GetMenuCheckMarkDimensions
DestroyAcceleratorTable
IsIconic
SetWindowsHookExW
ReleaseCapture
DrawTextA
DrawIcon
IsZoomed
SystemParametersInfoW
DeleteMenu
GetWindowTextLengthA
MessageBoxA
GetMenuState
GetUpdateRect
GetClipboardData
TabbedTextOutW
GetCapture
PostMessageA
FindWindowW
UpdateWindow
FillRect
IsWindowEnabled
PostThreadMessageA
UnhookWindowsHookEx
GetAsyncKeyState
RegisterClassExW
GetMenuContextHelpId
DrawEdge
DefWindowProcA
SetForegroundWindow
GetMessagePos
SetDlgItemTextA
LoadCursorA
SetMenuContextHelpId
SetDlgItemTextW
GetScrollInfo
OffsetRect
GetMenuStringA
GetPropA
GetDlgItemTextA
DispatchMessageW
UnregisterClassA
TabbedTextOutA
IsMenu
MapWindowPoints
IsWindowVisible
ReuseDDElParam
EnableMenuItem
GetMenuItemID
ValidateRgn
EnableWindow
SetWindowPos
GetMenuItemInfoA
DlgDirSelectExA
GetCursorPos
FindWindowExW
RegisterClassExA
SetWindowRgn
CallNextHookEx
WindowFromDC
GetDCEx
DrawFocusRect
CopyRect
RemoveMenu
RegisterClassA
DlgDirListA
SetDlgItemInt
EndDialog
MapDialogRect
MoveWindow
CopyIcon
TranslateAcceleratorA
DestroyWindow
CreateDialogIndirectParamA
DispatchMessageA
GetIconInfo
DlgDirSelectComboBoxExA
DrawTextW
SetDoubleClickTime
CharUpperA
DestroyIcon
SystemParametersInfoA
LockWindowUpdate
IsDlgButtonChecked
CheckMenuItem
InvalidateRgn
TranslateMDISysAccel
FrameRect
GetNextDlgGroupItem
SetActiveWindow
LoadMenuA
UnionRect
SetParent
GetWindowTextW
IntersectRect
IsWindowUnicode
GetSysColorBrush
GetCursor
CopyAcceleratorTableA
GetMenuItemInfoW
SetRectEmpty
IsWindow
ModifyMenuA
GetSysColor
GetMessageTime
GetLastActivePopup
SetMenuItemInfoA
GetWindowThreadProcessId
wsprintfW
IsDialogMessageA
CheckRadioButton
GetNextDlgTabItem
DrawTextExW
ArrangeIconicWindows
PeekMessageW
RegisterClipboardFormatA
DrawTextExA
MessageBeep
CreateAcceleratorTableW
SubtractRect
CreateDialogIndirectParamW
DefDlgProcA
DestroyMenu
FindWindowA
SetWindowContextHelpId
GrayStringW
GetDC
SetFocus
UnregisterClassW
CallWindowProcA
CreateWindowExA
EnumWindows
GetWindowDC
DrawStateA
EndPaint
GetTopWindow
LoadBitmapW
TranslateMessage
InsertMenuW
InvalidateRect
RegisterClassW
RegisterClipboardFormatW
DefWindowProcW
GetKeyboardState
WindowFromPoint
SetClipboardData
SetCursorPos
LoadIconW
GetKeyState
GetClientRect
LoadIconA
GetMessageW
GetClassInfoA
KillTimer
BeginDeferWindowPos
ClientToScreen
wsprintfA
RedrawWindow
ShowOwnedPopups
DrawFrameControl
SetPropA
LoadMenuIndirectA
PtInRect
InflateRect
GetSubMenu
SetWindowsHookExA
CallWindowProcW
RegisterWindowMessageA
GetActiveWindow
GetDlgItem
GetPropW
ScreenToClient
SendMessageW
SetCaretPos
SetCapture
SendDlgItemMessageA
EnableScrollBar
GetFocus
GetScrollPos
EqualRect
GetParent
PostMessageW
GetWindowRect
InsertMenuA
CreateWindowExW
LoadBitmapA
ReleaseDC
FindWindowExA
BringWindowToTop
SetRect
GetClassNameW
IsChild
CopyImage
GetMenuItemCount
IsRectEmpty
RemovePropA
GetWindowPlacement
SetWindowTextA
SetTimer
GetForegroundWindow
DeferWindowPos
HideCaret
DefFrameProcA
GetWindowLongA
CreateIconFromResourceEx
BeginPaint
MessageBoxW
ShowWindow
GetSystemMetrics
SetClassLongW
PostQuitMessage
SetCursor
AdjustWindowRectEx
GetClassLongW
GetDesktopWindow
SetWindowLongA
GrayStringA
DestroyCursor
LoadStringA
GetWindow
RegisterWindowMessageW
CloseClipboard
IsCharLowerA
LoadMenuW
DlgDirListComboBoxA
GetWindowContextHelpId
GetWindowLongW
ValidateRect
EndDeferWindowPos
GetWindowTextA
mouse_event
GetMessageA
shell32
ExtractIconExA
SHGetDesktopFolder
Shell_NotifyIconW
ord155
SHGetPathFromIDListA
SHGetSpecialFolderPathA
SHBrowseForFolderA
SHGetFileInfoA
DragQueryFileA
ShellExecuteExW
Shell_NotifyIconA
SHGetMalloc
DragAcceptFiles
SHGetFileInfoW
SHBrowseForFolderW
DragQueryPoint
ShellExecuteA
ShellExecuteExA
DragFinish
comdlg32
FindTextA
ReplaceTextA
PrintDlgA
GetOpenFileNameA
PageSetupDlgA
ChooseFontA
GetSaveFileNameA
GetFileTitleA
CommDlgExtendedError
kernel32
GetTimeZoneInformation
GlobalSize
SetEnvironmentVariableA
GetCurrentDirectoryA
GetPrivateProfileIntA
GlobalFree
HeapDestroy
DeleteFileA
GetStdHandle
FatalAppExitA
GetTempFileNameA
GetStringTypeExW
GetVolumeInformationA
MoveFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
SetUnhandledExceptionFilter
GlobalAddAtomA
HeapFree
GlobalDeleteAtom
LeaveCriticalSection
GetVersionExA
GetFileTime
GetLongPathNameA
GetACP
GetTimeFormatA
LockResource
LCMapStringA
WideCharToMultiByte
GetSystemInfo
VirtualFree
EnterCriticalSection
FormatMessageW
CompareFileTime
WritePrivateProfileSectionA
GetFileAttributesA
CreateEventA
GetLocaleInfoA
GetFileSize
GetStartupInfoW
InterlockedIncrement
OpenMutexA
MapViewOfFile
GlobalReAlloc
InterlockedExchange
CreateDirectoryW
QueryPerformanceCounter
GlobalAlloc
GlobalUnlock
VirtualProtect
ConvertDefaultLocale
GetVersion
GetProcessHeap
VirtualAlloc
GetLocaleInfoW
FreeEnvironmentStringsW
lstrcmpiA
CloseHandle
InitializeCriticalSection
GlobalFlags
GetLocalTime
HeapAlloc
UnmapViewOfFile
GetEnvironmentStringsW
GetCurrentThread
SetFileAttributesA
LoadLibraryA
DuplicateHandle
SetCurrentDirectoryW
LoadResource
GetEnvironmentStrings
GetEnvironmentVariableA
CreateFileW
ExitProcess
WriteConsoleW
GetConsoleMode
WaitForSingleObject
HeapReAlloc
lstrcpyW
GetPrivateProfileSectionA
GetStringTypeW
IsBadWritePtr
GetCurrentProcess
IsValidLocale
HeapCreate
SetFilePointer
lstrlenA
WriteFile
GetModuleFileNameW
CreateThread
GetTempPathW
CreateMutexA
GetCurrentProcessId
lstrcmpW
GetConsoleOutputCP
CreateToolhelp32Snapshot
lstrcpynA
GetProcAddress
GlobalFindAtomA
TerminateThread
CreateProcessW
HeapSize
GetSystemTimeAsFileTime
SetLastError
GetSystemDirectoryA
WriteConsoleA
GetModuleFileNameA
IsProcessorFeaturePresent
GetStringTypeA
ExitThread
SetFileTime
GetStartupInfoA
LoadLibraryExW
IsDBCSLeadByte
GetProfileStringA
GetDateFormatA
FindResourceA
lstrlenW
lstrcpynW
LoadLibraryW
GetModuleHandleA
CreateFileA
GetTickCount
SuspendThread
TerminateProcess
LocalReAlloc
GetConsoleCP
GetCurrentThreadId
FreeEnvironmentStringsA
GetProcessVersion
SetEndOfFile
GetLastError
Sleep
FindFirstFileA
LockFile
IsBadReadPtr
GlobalLock
IsValidCodePage
SetErrorMode
EnumSystemLocalesA
CompareStringA
OpenEventA
GetOEMCP
GetCommandLineA
SetHandleCount
GetUserDefaultLangID
ReleaseSemaphore
VirtualQuery
FreeLibrary
ConnectNamedPipe
SetStdHandle
MultiByteToWideChar
lstrcatA
IsBadCodePtr
GlobalGetAtomNameA
lstrcpyA
SizeofResource
FlushFileBuffers
InterlockedDecrement
UnlockFile
TlsAlloc
EnumResourceLanguagesA
GetUserDefaultLCID
GetPrivateProfileStringA
GetFileAttributesW
LCMapStringW
CompareStringW
GetTempPathA
GlobalMemoryStatus
GetCPInfo
GetWindowsDirectoryA
GetThreadLocale
SystemTimeToFileTime
WritePrivateProfileStringA
FindNextFileA
DeleteCriticalSection
ReadFile
GetCommandLineW
IsDebuggerPresent
TlsFree
GlobalHandle
CopyFileA
RemoveDirectoryA
FreeResource
GetFullPathNameA
WinExec
CreateDirectoryA
lstrcmpA
UnhandledExceptionFilter
LocalAlloc
TlsGetValue
GetFileType
MulDiv
FindClose
LocalFree
CopyFileW
TlsSetValue
FormatMessageA
GetSystemDefaultLangID
GetFileAttributesExW
CreateProcessA
InterlockedCompareExchange
Sections
.text Size: 76KB - Virtual size: 73KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 76KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 96KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ