Static task: static1
Behavioral task: behavioral1
Sample: bbb76bb5923fe0c209804b688f7d58e8_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: bbb76bb5923fe0c209804b688f7d58e8_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: bbb76bb5923fe0c209804b688f7d58e8_JaffaCakes118
Size: 553KB
MD5: bbb76bb5923fe0c209804b688f7d58e8
SHA1: f8054e50b9334ad395a5915fb11c33602c0dac4a
SHA256: 0d200b21d441fae80e704d5a63580629e7631293b62c2bea2663e713fdcd7133
SHA512: ecae091ac8178bcfe434308db39f0700cec8e0fcae29ae8b2643ab1bbca3680177a439bd22b50e185cd4a2bd53778ffb38b8a52977b938c2c99ed6842b4f969d
SSDEEP: 12288:FMMnMMMMM+uhUheHBoKFiQrOkwNxNwI4uN867MhpYPdwg2OE4ihlxC:FMMnMMMMMXhUheHZAQSkwNxNX4ZFpYPu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bbb76bb5923fe0c209804b688f7d58e8_JaffaCakes118
Files
bbb76bb5923fe0c209804b688f7d58e8_JaffaCakes118.exe windows:4 windows x86 arch:x86
cc428d90a8653191429172f5cffe0de0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegOpenKeyW
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegQueryInfoKeyA
RegCreateKeyA
RegSetValueA
AdjustTokenPrivileges
RegOpenKeyA
RegCreateKeyW
RegDeleteKeyW
RegQueryValueExA
RegSetValueExW
RegCloseKey
LookupPrivilegeValueA
InitializeSecurityDescriptor
RegDeleteKeyA
RegEnumKeyW
RegDeleteValueW
RegisterEventSourceA
RegEnumKeyA
RegQueryValueExW
RegEnumValueW
SetSecurityDescriptorDacl
OpenProcessToken
RegQueryValueA
RegEnumValueA
ReportEventA
DeregisterEventSource
oleacc
AccessibleChildren
kernel32
GlobalLock
GlobalDeleteAtom
GlobalSize
FindClose
GlobalUnlock
GetStringTypeExA
GetVersionExA
GetDateFormatA
LCMapStringA
VirtualProtect
GetShortPathNameA
lstrcpyA
WaitForSingleObject
SizeofResource
GetSystemDefaultLangID
lstrlenA
GetCPInfo
GetLastError
CreateSemaphoreA
FreeLibrary
GlobalFree
FlushInstructionCache
GetLocaleInfoA
VirtualFree
ExitProcess
LoadLibraryA
HeapDestroy
GetCurrentDirectoryA
LoadLibraryExA
GetCommandLineA
_lclose
GetVersion
CreateProcessW
SetFileTime
GetTickCount
FindResourceA
TlsGetValue
GetLocalTime
GetProfileStringA
GetStartupInfoA
WideCharToMultiByte
LockResource
GetStdHandle
GetCurrentThreadId
GlobalHandle
GetEnvironmentStrings
GetDriveTypeA
DeleteCriticalSection
TerminateProcess
GetSystemDefaultLCID
GetStringTypeA
lstrcmpiA
IsBadReadPtr
WinExec
CreateProcessA
GetSystemInfo
RaiseException
ReleaseSemaphore
GetTempPathA
GetTempFileNameA
CreateDirectoryA
FreeResource
GetProcAddress
SetCurrentDirectoryA
GetStringTypeW
_llseek
GlobalAddAtomA
RtlUnwind
LockFile
ExitThread
UnhandledExceptionFilter
FormatMessageW
DeleteFileA
HeapCreate
GetFileType
TlsSetValue
GetModuleFileNameA
WriteFile
FormatMessageA
FreeEnvironmentStringsW
ReadFile
GetModuleHandleA
SetErrorMode
HeapReAlloc
InterlockedDecrement
GlobalAlloc
Sleep
FindFirstFileA
InitializeCriticalSection
lstrcmpA
FileTimeToLocalFileTime
SetStdHandle
SetLastError
GetCurrentProcessId
LCMapStringW
InterlockedIncrement
GetWindowsDirectoryA
_lwrite
SetFilePointer
GetTimeZoneInformation
ResumeThread
EnterCriticalSection
SetLocalTime
TlsFree
MulDiv
GetFullPathNameA
FlushFileBuffers
GetVolumeInformationA
SearchPathA
GetOEMCP
TlsAlloc
CreateThread
LeaveCriticalSection
GlobalReAlloc
HeapAlloc
lstrcatA
MoveFileA
GetModuleFileNameW
HeapFree
ResetEvent
RemoveDirectoryA
VirtualAlloc
SetEvent
GetFileAttributesA
MultiByteToWideChar
_lread
VirtualQuery
UnlockFile
CreateFileA
CreateEventA
CompareStringW
SetHandleCount
GetSystemDirectoryA
lstrcmpiW
FileTimeToSystemTime
DuplicateHandle
lstrcpynA
GetFileTime
SetFileAttributesA
SetEnvironmentVariableA
LoadResource
HeapSize
SetEndOfFile
GetExitCodeProcess
IsBadCodePtr
IsDBCSLeadByte
FindNextFileA
GetUserDefaultLangID
SystemTimeToFileTime
GetSystemTime
FreeEnvironmentStringsA
GetCurrentProcess
GetUserDefaultLCID
CloseHandle
GetEnvironmentStringsW
CompareStringA
GetACP
ddraw
DirectDrawEnumerateA
user32
SubtractRect
DdeCreateStringHandleA
GetForegroundWindow
DestroyAcceleratorTable
FindWindowA
SetMenuDefaultItem
ScreenToClient
GetWindowThreadProcessId
TranslateMessage
GetSysColor
WaitMessage
SetParent
keybd_event
RegisterClassExA
CharUpperBuffA
IsRectEmpty
SetPropA
DdeCmpStringHandles
CreateCursor
GetKeyboardState
wsprintfA
SetWindowTextA
MsgWaitForMultipleObjects
AdjustWindowRect
SetWindowsHookExW
DrawFocusRect
SetCaretPos
ShowWindow
OemToCharA
HideCaret
SetWindowsHookExA
PeekMessageW
TranslateMDISysAccel
CreateIcon
EnumClipboardFormats
InvalidateRect
CharLowerA
LoadImageA
GetSystemMenu
MessageBoxA
DdeFreeDataHandle
FindWindowW
BringWindowToTop
CharUpperA
RemovePropA
DispatchMessageA
ModifyMenuA
CharPrevA
VkKeyScanW
InvalidateRgn
SetScrollInfo
GetWindowTextA
GetTabbedTextExtentA
SystemParametersInfoA
SetCursorPos
VkKeyScanA
SetActiveWindow
DestroyCursor
GetCursorPos
ReleaseCapture
GetMenu
GetMessageTime
ShowCursor
DdePostAdvise
GetScrollPos
GetFocus
UpdateWindow
GetWindowTextLengthA
OpenClipboard
GetSystemMetrics
PostMessageW
GetSubMenu
IntersectRect
SetWindowRgn
SetCapture
CreateMenu
DdeInitializeA
CallWindowProcA
GetDlgItem
EndDialog
DdeQueryStringA
GetDCEx
IsChild
DdeAbandonTransaction
IsWindow
LoadCursorA
SetWindowContextHelpId
ShowCaret
DdeFreeStringHandle
GetClassInfoA
EnableWindow
WaitForInputIdle
SetRect
BeginPaint
GetKeyState
RegisterClassA
GetDC
TrackPopupMenu
CallNextHookEx
CopyRect
GetClipboardData
DdeQueryConvInfo
SetFocus
DdeGetData
WindowFromPoint
MoveWindow
LoadAcceleratorsA
DestroyCaret
CharToOemA
DefFrameProcA
CopyAcceleratorTableA
GetClassInfoExA
GetMenuItemInfoA
GetScrollInfo
PostThreadMessageA
DrawMenuBar
CheckMenuItem
CreateAcceleratorTableA
LoadStringA
DdeSetUserHandle
DefWindowProcA
SetForegroundWindow
GetMenuItemCount
GetWindowRgn
GetWindowLongA
OffsetRect
DefMDIChildProcA
SetClipboardData
IsZoomed
GetPropA
GetMenuStringA
IsClipboardFormatAvailable
PostMessageA
CreatePopupMenu
AppendMenuA
GetLastActivePopup
DdeUninitialize
GetParent
LockWindowUpdate
DestroyIcon
InflateRect
CloseClipboard
LoadBitmapA
GetCapture
GetMessagePos
SetScrollPos
MapWindowPoints
FillRect
MessageBoxIndirectA
GetClassNameA
GetCursor
EnumThreadWindows
SetMenuItemInfoA
RegisterClipboardFormatA
AdjustWindowRectEx
DeferWindowPos
UnhookWindowsHookEx
GetCaretPos
IsIconic
GetUpdateRect
PtInRect
GetDesktopWindow
DrawFrameControl
SendDlgItemMessageA
GetClientRect
IsWindowVisible
DestroyMenu
RemoveMenu
BeginDeferWindowPos
AttachThreadInput
SetTimer
ShowScrollBar
DdeNameService
EnableMenuItem
DdeDisconnect
FrameRect
IsWindowEnabled
DrawIcon
SendMessageA
GetCaretBlinkTime
GetDoubleClickTime
GetWindowRect
GetQueueStatus
CreateCaret
CharToOemBuffA
CharNextA
DeleteMenu
CreateWindowExA
GetWindowDC
GetKeyboardLayout
EndPaint
SetWindowPos
DdeCreateDataHandle
SetKeyboardState
DdeConnect
EmptyClipboard
IsCharAlphaA
GetIconInfo
GetWindow
SetDlgItemTextA
CharLowerBuffA
GetUpdateRgn
DestroyWindow
LoadIconA
GetAsyncKeyState
UnregisterClassA
TabbedTextOutA
PeekMessageA
SetCursor
ClientToScreen
EqualRect
PostQuitMessage
DdeClientTransaction
DialogBoxParamA
SetScrollRange
GetActiveWindow
SetMenu
ToAscii
WinHelpA
SetWindowLongA
IsDialogMessageA
ReleaseDC
CharLowerBuffW
MessageBeep
DrawTextA
CharUpperBuffW
KillTimer
EndDeferWindowPos
CreateDialogParamA
DdeGetLastError
GetMenuItemID
InsertMenuA
ClipCursor
GetMenuState
GetClipboardFormatNameA
ole32
OleQueryCreateFromData
OleTranslateAccelerator
CoRevokeClassObject
OleGetIconOfClass
OleLoadFromStream
OleUninitialize
OleSave
OleLoad
CreateDataAdviseHolder
OleRun
CreateBindCtx
OleDoAutoConvert
CoGetMalloc
CoUnmarshalInterface
OleGetAutoConvert
CreateILockBytesOnHGlobal
OleDuplicateData
OleSetClipboard
OleCreateFromFile
CoLockObjectExternal
WriteClassStg
StgOpenStorageOnILockBytes
OleDestroyMenuDescriptor
MkParseDisplayName
OleRegGetUserType
IsAccelerator
OleCreateMenuDescriptor
ReleaseStgMedium
CoGetClassObject
CLSIDFromProgID
OleConvertOLESTREAMToIStorage
CoFreeUnusedLibraries
CoMarshalInterface
RevokeDragDrop
OleFlushClipboard
ProgIDFromCLSID
ReadClassStm
BindMoniker
OleCreateLinkFromData
OleCreateLink
OleCreateFromData
DoDragDrop
OleLockRunning
CreateOleAdviseHolder
StgIsStorageILockBytes
GetClassFile
ReadClassStg
CoDisconnectObject
OleInitialize
OleSetMenuDescriptor
CoRegisterClassObject
OleSaveToStream
StringFromGUID2
StringFromCLSID
CoCreateInstance
StgCreateDocfile
OleCreateLinkToFile
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleIsCurrentClipboard
StgOpenStorage
OleConvertIStorageToOLESTREAM
IIDFromString
StgCreateDocfileOnILockBytes
OleGetClipboard
CLSIDFromString
OleIsRunning
CoIsOle1Class
OleQueryLinkFromData
RegisterDragDrop
gdi32
GetCurrentObject
OffsetRgn
SetWindowExtEx
SetWindowOrgEx
PatBlt
PathToRegion
EndPath
EnumFontsA
GetNearestColor
Pie
SelectClipRgn
GetDeviceCaps
CombineRgn
CreateHalftonePalette
ExcludeClipRect
UnrealizeObject
StretchBlt
StartDocA
SetDIBColorTable
GetStockObject
ScaleViewportExtEx
SetMapMode
CloseEnhMetaFile
GetEnhMetaFileHeader
IntersectClipRect
CreateCompatibleDC
CreatePalette
GetViewportExtEx
CreateDCA
GetPixel
SetAbortProc
BitBlt
GetBkColor
ExtTextOutA
DeleteDC
CreatePenIndirect
CreateDIBitmap
CreateRoundRectRgn
SetTextColor
SetBkColor
CopyEnhMetaFileA
TextOutA
CreateEllipticRgnIndirect
TranslateCharsetInfo
CreateICA
Arc
GetDIBits
GetROP2
CreatePatternBrush
CreateRectRgn
CreatePen
MoveToEx
GetTextColor
SetBkMode
CopyMetaFileA
GetTextExtentPointA
GetObjectA
Ellipse
PlayEnhMetaFile
CreateCompatibleBitmap
OffsetWindowOrgEx
GetSystemPaletteEntries
GetMapMode
GetTextExtentPoint32A
DeleteEnhMetaFile
PlayMetaFile
LineTo
StretchDIBits
StartPage
GetWindowOrgEx
DeleteObject
CreateHatchBrush
AbortDoc
GetObjectType
GetWindowExtEx
CreateSolidBrush
DeleteMetaFile
EndPage
SetRectRgn
SelectPalette
CloseMetaFile
RoundRect
SetROP2
SetViewportOrgEx
CreateFontIndirectA
CreateMetaFileA
RestoreDC
Escape
PtInRegion
SetStretchBltMode
CreateRectRgnIndirect
ScaleWindowExtEx
SelectObject
GetClipBox
EndDoc
CreateBrushIndirect
GetPaletteEntries
BeginPath
SetBrushOrgEx
SetPixelV
ResetDCA
SetViewportExtEx
Rectangle
CreateBitmap
ExtCreateRegion
RealizePalette
CreateEnhMetaFileA
WidenPath
CreateDIBSection
GetBitmapBits
SaveDC
GetTextMetricsA
Sections
.text Size: 4KB - Virtual size: 972B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 40KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 468KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE