bd99e51707ff3294c7d9c2f6200860cc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bd99e51707ff3294c7d9c2f6200860cc_JaffaCakes118
Size

280KB
MD5

bd99e51707ff3294c7d9c2f6200860cc
SHA1

36cc00a42786e2b5dcd6de470b7a76e6f0656ab3
SHA256

146de6ff65ded7a0ee0fefc11015a418828c2b322012be4efc3f833839bbad32
SHA512

0daf7dda08ba49a953c681e3b8a0faaa4f4b850ee5c3d9b864fa350c45e8dc929f84374133ee8f09d2dba00a3ea1ca356c204bc94668ae97b8ecd52af6fdb4be
SSDEEP

6144:WYBgIjpRYw4Gn9+BUM4xigWQ3ZJpoa6OUE/DNjUy0DWkro:WYBPFCAn0oxjXvrlNjUE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd99e51707ff3294c7d9c2f6200860cc_JaffaCakes118

Files

bd99e51707ff3294c7d9c2f6200860cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e98b483029f0f19d541677568748ab5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleProxyW

gdi32

GetObjectW
GetRegionData
GetStockObject
GetWorldTransform
ModifyWorldTransform
OffsetRgn
GetObjectA
RealizePalette
SelectObject
SelectPalette
SetBkColor
SetDIBitsToDevice
SetGraphicsMode
SetLayout
SetWorldTransform
GetLayout
GetDeviceCaps
GetDIBits
GetClipRgn
ExtTextOutW
ExtCreateRegion
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateDIBSection
CreateCompatibleDC
CombineTransform
BitBlt
PatBlt

advapi32

UnregisterTraceGuids
TraceEvent
RegisterTraceGuidsW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
CloseServiceHandle
RegSetValueExW

shell32

SHBindToParent
SHGetDesktopFolder
SHGetFileInfoW
SHGetFolderPathW
SHGetInstanceExplorer
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteExW
ShellExecuteW
SHAddToRecentDocs

user32

UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
WindowFromDC
WindowFromPoint
TranslateMessage
TranslateAcceleratorW
TrackPopupMenuEx
TrackMouseEvent
SystemParametersInfoW
ShowWindow
ShowCursor
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetRectEmpty
SetRect
SetMenuInfo
SetMenuDefaultItem
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetCapture
SendMessageW
ScreenToClient
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterClipboardFormatW
RegisterClassExW
PtInRect
PostThreadMessageW
PostQuitMessage
PostMessageW
PeekMessageW
OffsetRect
NotifyWinEvent
MsgWaitForMultipleObjects
MoveWindow
MonitorFromRect
MonitorFromPoint
MessageBoxW
MessageBeep
MapWindowPoints
LoadStringW
LoadStringA
LoadMenuW
LoadImageW
LoadIconW
LoadCursorW
LoadAcceleratorsW
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsChild
InvalidateRect
IntersectRect
InsertMenuW
InsertMenuItemW
InflateRect
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetProcessDefaultLayout
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMonitorInfoW
GetMessageW
GetMessagePos
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetKeyState
GetForegroundWindow
GetFocus
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetCursor
GetClientRect
GetClassLongW
GetClassInfoExW
GetCapture
GetAncestor
AdjustWindowRectEx
AnimateWindow
AppendMenuW
BeginDeferWindowPos
BeginPaint
CallNextHookEx
CallWindowProcW
CharNextW
ChildWindowFromPointEx
ClientToScreen
CreatePopupMenu
CreateWindowExW
DefWindowProcW
DeferWindowPos
DeleteMenu
DestroyMenu
DestroyWindow
DispatchMessageW
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndMenu
EndPaint
GetActiveWindow
FindWindowW
FillRect
EnumDisplaySettingsW
EnumDisplayMonitors
EnumDisplayDevicesW
EnumChildWindows
SetMenuItemInfoW

kernel32

CopyFileW
CompareStringW
CloseHandle
CreateDirectoryW
CreateEventW
CreateFileMappingW
CreateFileW
CreateMutexW
CreateSemaphoreW
CreateThread
DeleteCriticalSection
DeleteFileW
DisableThreadLibraryCalls
EnterCriticalSection
EnumUILanguagesW
FillConsoleOutputCharacterW
FindResourceExW
FindResourceW
FlushInstructionCache
FormatMessageW
FreeLibrary
FreeLibraryAndExitThread
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeThread
GetFileAttributesExW
GetFileAttributesW
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetSystemDirectoryW
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetTickCount
GetUserDefaultUILanguage
GetVersion
GetVersionExW
GlobalAlloc
lstrlenW
lstrcmpiW
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
SystemTimeToFileTime
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetThreadPriority
SetThreadExecutionState
SetLastError
SetEvent
ReleaseSemaphore
ReleaseMutex
RaiseException
QueryPerformanceCounter
PulseEvent
OutputDebugStringA
MultiByteToWideChar
MulDiv
MoveFileExW
LockResource
LocalFree
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryExW
LoadLibraryA
LeaveCriticalSection
IsProcessorFeaturePresent
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalUnlock
GlobalMemoryStatusEx
GlobalLock
GlobalFree
GetVersionExA

odbc32

ord18

ole32

ReleaseStgMedium
StringFromGUID2
PropVariantClear
OleUninitialize
OleSetClipboard
OleInitialize
OleGetClipboard
OleFlushClipboard
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterClassObject
CoMarshalInterThreadInterfaceInStream
CoLockObjectExternal
CoInitializeEx
CoInitialize
CoGetInterfaceAndReleaseStream
CoCreateInstance
CoAllowSetForegroundWindow
CLSIDFromString

oleaut32

SysAllocStringLen
SysFreeString
SysStringByteLen
SysStringLen
SysAllocStringByteLen
VariantClear
VariantCopy
VariantInit
SysAllocString
LoadTypeLi
VarUI4FromStr
LoadRegTypeLi

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ntdll

RtlInitUnicodeString

shlwapi

StrChrW
SHStrDupW
PathFindFileNameW
ord16
PathRenameExtensionW
PathRemoveFileSpecW
PathFindExtensionW
PathMatchSpecW
PathIsRootW
PathIsRelativeW
PathIsNetworkPathW
PathIsDirectoryW
StrStrIW
PathFileExistsW
PathAppendW
PathAddBackslashW
PathRemoveExtensionW

Sections

.text
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e98b483029f0f19d541677568748ab5

Headers

File Characteristics

Imports

oleacc

gdi32

advapi32

shell32

user32

kernel32

odbc32

ole32

oleaut32

version

ntdll

shlwapi

Sections

.text Size: 75KB - Virtual size: 76KB

.rdata Size: 156KB - Virtual size: 156KB

.data Size: 17KB - Virtual size: 40KB

.idata Size: 9KB - Virtual size: 11KB

.rsrc Size: 21KB - Virtual size: 23KB

.text
Size: 75KB - Virtual size: 76KB

.rdata
Size: 156KB - Virtual size: 156KB

.data
Size: 17KB - Virtual size: 40KB

.idata
Size: 9KB - Virtual size: 11KB

.rsrc
Size: 21KB - Virtual size: 23KB