bb18079cc03f7bff1fbf2c9fb2643a7a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb18079cc03f7bff1fbf2c9fb2643a7a_JaffaCakes118
Size

30KB
MD5

bb18079cc03f7bff1fbf2c9fb2643a7a
SHA1

a37c997fcb374948f40a634d0d697b4b4091c332
SHA256

62b555a856052e4477f947be197214ff19eb0a7c5e884559aef50807026007d2
SHA512

eaa9cecb7b6bb1fb6a79d2eb55a7d7a56ab9ad62b79ca846866201c7d589a554a666c4ffdf86bbc79e767467be088f145dc99cf88a2aac031e86c4f3078f13bc
SSDEEP

768:L3/VjNelYhREkwed9lQXGfzq8R2ZZaeS:DNjNBhREkwedxf8Et

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb18079cc03f7bff1fbf2c9fb2643a7a_JaffaCakes118

Files

bb18079cc03f7bff1fbf2c9fb2643a7a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2cc72b6f7058b5186b5de39f2b85212d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GetLocaleInfoW
GetCurrentProcessId
GetSystemTime
SetUnhandledExceptionFilter
GetModuleHandleA
TlsSetValue
CloseHandle
UnhandledExceptionFilter
ReleaseSemaphore
QueryPerformanceFrequency
LocalSize
SystemTimeToFileTime
InterlockedCompareExchange
WaitForSingleObject
InterlockedDecrement
LoadLibraryExA
GlobalUnlock
TlsGetValue
GlobalMemoryStatus
ResetEvent
InitializeCriticalSection
EnterCriticalSection
InterlockedIncrement
lstrcmpA
InterlockedExchange
GetSystemInfo
GetProcAddress
OpenProcess
TlsFree
QueryPerformanceCounter
OpenEventA
DisableThreadLibraryCalls
MultiByteToWideChar
TlsAlloc
GetCurrentThreadId
GetThreadPriority
GetCurrentProcess
DuplicateHandle
WideCharToMultiByte
CreateThread
CompareFileTime
LocalReAlloc
GetStartupInfoW
GetCommandLineW
DeleteCriticalSection
lstrlenA
LoadLibraryW
GetVersionExW
FreeConsole
GlobalFree
FormatMessageA
GlobalAlloc
GetLastError
ReleaseMutex
GetModuleHandleW
lstrcpynW
LeaveCriticalSection
SetThreadPriority
MulDiv
GetCurrentThread
HeapDestroy
Sleep
FindClose
TerminateProcess
OpenMutexA
GetVersionExA
SetEvent
RaiseException
FreeLibrary
GlobalLock
VirtualAlloc
LoadLibraryA
GetSystemTimeAsFileTime
ResumeThread
lstrcpynA
lstrlenW
GetTickCount
CreateEventA

shlwapi

StrCatBuffW
SHRegQueryUSValueW
SHGetValueW
SHCopyKeyW
PathParseIconLocationW
SHRegDuplicateHKey
StrCmpNIW
AssocQueryKeyW
StrDupW
SHRegOpenUSKeyA
StrStrIW
PathIsDirectoryW
PathStripToRootW
PathRemoveFileSpecW
AssocCreate
PathAddExtensionW
SHRegSetUSValueW
PathCommonPrefixW
UrlUnescapeA
StrCpyNW
PathCombineW
PathRemoveExtensionA
AssocQueryStringByKeyW
PathIsRelativeW
PathRemoveExtensionW
SHQueryValueExW
GetMenuPosFromID
PathMakePrettyW
PathIsRootW
SHDeleteValueW
PathIsUNCW
StrChrIW
StrChrW
AssocQueryStringW
SHDeleteKeyA
PathCompactPathW
SHOpenRegStream2W
PathRemoveBackslashW
StrCmpNW
ColorRGBToHLS
StrCmpIW
PathIsContentTypeW
StrRChrW
PathIsURLW
PathCreateFromUrlW
SHSetThreadRef
PathFindFileNameA
StrRStrIW
StrCmpW
PathCreateFromUrlA
SHRegEnumUSKeyW
PathFindFileNameW
SHEnumValueW
SHCreateThreadRef
SHDeleteKeyW
StrStrW
SHStrDupW
SHRegGetBoolUSValueW
SHSetValueW
PathUnquoteSpacesW
SHCreateShellPalette
SHRegOpenUSKeyW
ColorHLSToRGB
PathIsUNCServerW
UrlEscapeW
SHRegGetValueW
SHIsLowMemoryMachine
PathFileExistsW
UrlCreateFromPathW
UrlCanonicalizeW
SHRegGetUSValueW
SHRegCloseUSKey
PathFindExtensionW
StrPBrkW
StrToIntW
SHGetThreadRef
PathIsUNCServerShareW
wnsprintfW
PathRemoveBlanksW
PathRemoveArgsW
StrRetToBufW
PathGetArgsW

user32

GetWindowLongA
LoadStringA
CreateMenu
EqualRect
LoadCursorA
EnableWindow
DrawIconEx
GetMenuItemCount
GetKeyboardState
InSendMessage
SetRect
GetWindow
UnhookWindowsHookEx
SetForegroundWindow
SetFocus
GetMessagePos
EnableMenuItem
DestroyIcon
IntersectRect
GetKeyState
GetScrollInfo
ShowWindow
IsWindowEnabled
GetSysColorBrush
InsertMenuA
GetDlgItem
HideCaret
FillRect
GetSysColor
IsWindow
SetWindowPos
PostMessageW
WaitMessage
SetScrollPos
SetCursor
GetWindowRect
IsRectEmpty
GetShellWindow
ReleaseDC
SendMessageA
GetSystemMetrics
GetDlgCtrlID
SetMenu
MoveWindow
CloseClipboard
DestroyWindow
MessageBeep
GetCapture
GetProcessWindowStation
AdjustWindowRectEx
MapWindowPoints
MsgWaitForMultipleObjects
GetCursor
ReleaseCapture
ChildWindowFromPoint
RedrawWindow
DestroyAcceleratorTable
LoadMenuW
GetActiveWindow
GetFocus
DrawEdge
EndDialog
SetWindowPlacement
InflateRect
GetClipboardData
SetRectEmpty
InvalidateRect
ShowCaret
WaitForInputIdle
GetCursorPos
IsWindowVisible
ScreenToClient
OffsetRect
SystemParametersInfoA
SetCapture
SetParent
GetWindowDC
GetSubMenu
CharNextW
GetDoubleClickTime
CreateIconIndirect
CopyRect
SetTimer
SetWindowLongA
GetDesktopWindow
BeginPaint
GetAsyncKeyState
RemoveMenu
GetCaretPos
MsgWaitForMultipleObjectsEx
CheckMenuItem
SetMenuDefaultItem
GetSystemMenu
SetKeyboardState
CallNextHookEx
OpenClipboard
TranslateMessage
LoadMenuA
GetMenuState
LockWindowUpdate
RegisterWindowMessageW
IsIconic
RegisterWindowMessageA
CharNextA
IsMenu
GetWindowPlacement
GetMenuItemID
EndPaint
GetForegroundWindow
PtInRect
ClientToScreen
GetWindowThreadProcessId
IsChild
SendMessageTimeoutA
GetIconInfo
SetWindowRgn
SetActiveWindow
GetClientRect
InsertMenuW
IsWindowUnicode
SetScrollInfo
GetClassWord
GetUpdateRect
UpdateWindow
KillTimer
EnumWindows
CopyIcon
WindowFromPoint
EnumChildWindows
ShowScrollBar
GetDC
GetParent
CreatePopupMenu

crypt32

CryptFormatObject

cmdial32

AutoDialFunc
CmCustomHangUp

gdi32

SelectPalette
LineTo
SetViewportOrgEx
GetPaletteEntries
GetDCOrgEx
GetClipBox
CreateRectRgnIndirect
SetWindowOrgEx
TextOutA
SetRectRgn
CreateCompatibleDC
GetPixel
EqualRgn
SaveDC
CreateRectRgn
OffsetWindowOrgEx
RestoreDC
SetMapMode
GetTextExtentPoint32A
SetViewportExtEx
CreatePen
BitBlt
CreatePolygonRgn
GetStockObject
SetWindowExtEx
SetStretchBltMode
CombineRgn
SetBkColor
GetDeviceCaps
CreateSolidBrush
SetTextColor
SetTextAlign
GetTextExtentPointW
DeleteObject
StretchBlt
MoveToEx
CreateBitmap
CreateFontIndirectA
CreateDIBSection
SetBkMode
SelectObject
PatBlt
RealizePalette
CreateCompatibleBitmap
DeleteDC
GetTextAlign

ole32

CoGetInterfaceAndReleaseStream
CoTaskMemAlloc
OleUninitialize
CoFileTimeNow
CreateStreamOnHGlobal
CoInitializeEx
ReleaseStgMedium
OleLoadFromStream
OleSaveToStream
CoCreateInstance
CoUninitialize
StringFromGUID2
OleInitialize
CreateBindCtx
CoMarshalInterface
CoTaskMemFree
CoFreeUnusedLibraries

msvcrt

_vsnwprintf
malloc
memmove
_initterm
_except_handler3
free
_adjust_fdiv

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

ws2_32

WSAEventSelect

Sections

.text
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2cc72b6f7058b5186b5de39f2b85212d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

user32

crypt32

cmdial32

gdi32

ole32

msvcrt

advapi32

ws2_32

Sections

.text Size: 512B - Virtual size: 464B

.rsrc Size: 14KB - Virtual size: 13KB

.rdata Size: 5KB - Virtual size: 4KB

.idata Size: 10KB - Virtual size: 9KB

.text
Size: 512B - Virtual size: 464B

.rsrc
Size: 14KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 4KB

.idata
Size: 10KB - Virtual size: 9KB