Static task: static1
Behavioral task: behavioral1
Sample: bd355cf8d7701daec89fba1f83eeb63f_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: bd355cf8d7701daec89fba1f83eeb63f_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: bd355cf8d7701daec89fba1f83eeb63f_JaffaCakes118
Size: 501KB
MD5: bd355cf8d7701daec89fba1f83eeb63f
SHA1: a8b8eefef9ade7ef41ad5692fe517e4f96fd3b54
SHA256: 527c002c16299c144174af6115267b06b5cf3ee5df5afc621be0f3d9639acd84
SHA512: a93ef7093d7cd15dad2530e5239a71759db27ecbab6e685cbfac9151a2162f66d24373c1a92c9bbba972811309ab0e548f4d624a0f7f2d70c371f704e457c2a9
SSDEEP: 12288:fEALM/EerX0E8kKkxGqt1IFP+thZgcJUeK1sQDtvK:sAANrkE8xkGqTI8thZgcRK1sQZK
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Resource: bd355cf8d7701daec89fba1f83eeb63f_JaffaCakes118
Files
bd355cf8d7701daec89fba1f83eeb63f_JaffaCakes118.exe windows:4 windows x86 arch:x86
bdc36355b96b1f9011d198d911797c28
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
CryptSignHashA
CryptAcquireContextW
ReportEventA
CryptImportKey
GetAccessPermissionsForObjectA
DestroyPrivateObjectSecurity
AdjustTokenGroups
CryptGetDefaultProviderA
RegUnLoadKeyW
QueryServiceObjectSecurity
RegSaveKeyW
LookupAccountNameA
ObjectDeleteAuditAlarmA
CreatePrivateObjectSecurity
CryptDecrypt
RegSaveKeyA
CloseServiceHandle
RegOpenKeyW
CryptHashData
RegQueryValueExW
SetServiceObjectSecurity
CryptHashSessionKey
GetSidIdentifierAuthority
GetSecurityDescriptorSacl
GetServiceDisplayNameW
LookupPrivilegeValueA
RegEnumKeyW
GetEffectiveRightsFromAclA
QueryServiceLockStatusW
IsValidSid
GetServiceKeyNameW
ConvertAccessToSecurityDescriptorA
SetNamedSecurityInfoExW
SetTokenInformation
ObjectOpenAuditAlarmW
BuildImpersonateTrusteeA
RegSetValueA
RegOpenKeyExW
FindFirstFreeAce
AreAnyAccessesGranted
ObjectDeleteAuditAlarmW
BuildTrusteeWithSidW
ConvertSecurityDescriptorToAccessA
GetMultipleTrusteeW
SetEntriesInAuditListA
GetServiceKeyNameA
CryptDuplicateKey
DeleteAce
ConvertAccessToSecurityDescriptorW
EnumServicesStatusA
PrivilegedServiceAuditAlarmW
GetAccessPermissionsForObjectW
LookupSecurityDescriptorPartsW
IsValidAcl
CryptSetHashParam
UnlockServiceDatabase
SetNamedSecurityInfoA
PrivilegedServiceAuditAlarmA
RegDeleteValueW
CancelOverlappedAccess
CryptDuplicateHash
DuplicateTokenEx
CryptCreateHash
RegRestoreKeyA
GetTokenInformation
CryptEnumProvidersW
GetTrusteeNameA
RegQueryMultipleValuesW
SetSecurityInfoExA
ObjectOpenAuditAlarmA
GetCurrentHwProfileA
RegOpenKeyA
RegEnumKeyExA
GetUserNameW
GetLengthSid
SetServiceStatus
GetSecurityDescriptorDacl
CryptGenKey
BuildImpersonateTrusteeW
BuildSecurityDescriptorA
LookupAccountSidA
OpenEventLogW
CryptVerifySignatureW
GetEffectiveRightsFromAclW
LookupPrivilegeValueW
RegQueryValueExA
RegQueryValueW
CreateServiceA
GetSecurityDescriptorControl
BuildImpersonateExplicitAccessWithNameA
RegCloseKey
GetSecurityDescriptorOwner
RegSetValueExA
SetThreadToken
OpenSCManagerA
GetSecurityInfo
ObjectPrivilegeAuditAlarmW
AbortSystemShutdownW
SetSecurityDescriptorDacl
GetTrusteeNameW
AllocateAndInitializeSid
GetSecurityInfoExW
CryptEnumProviderTypesA
LogonUserW
CryptEnumProvidersA
CryptVerifySignatureA
OpenThreadToken
CryptGetDefaultProviderW
GetExplicitEntriesFromAclA
QueryServiceConfigA
RegEnumKeyA
GetFileSecurityW
AccessCheck
RegConnectRegistryW
InitializeAcl
RegLoadKeyA
SetEntriesInAccessListA
RegQueryInfoKeyA
RegSetValueW
SetSecurityDescriptorOwner
OpenProcessToken
RegRestoreKeyW
user32
DragDetect
CheckMenuRadioItem
MapVirtualKeyA
EnumDisplayDevicesA
GetGUIThreadInfo
SetClipboardViewer
GetMenuItemID
SetClassLongW
OpenDesktopA
SetSystemCursor
GetCursor
GetWindowDC
IsDlgButtonChecked
UnpackDDElParam
DdeCmpStringHandles
CreateIconIndirect
LoadCursorFromFileA
SwapMouseButton
DdeFreeDataHandle
DlgDirSelectExA
IsWindowVisible
DialogBoxIndirectParamA
PeekMessageW
MapVirtualKeyExA
FreeDDElParam
ToUnicodeEx
RemovePropW
ChangeMenuA
EnumDisplaySettingsA
SystemParametersInfoA
TrackPopupMenu
DlgDirListW
SetRectEmpty
SetDlgItemTextW
GetTitleBarInfo
KillTimer
IsWindow
SwitchDesktop
SetWindowsHookExA
SetMenuItemInfoW
GetCaretPos
ChildWindowFromPoint
DrawFrameControl
OemToCharA
RegisterWindowMessageW
SystemParametersInfoW
OemToCharBuffA
DrawFrame
SendNotifyMessageA
GetDialogBaseUnits
DdeAddData
GetDC
InSendMessage
CopyIcon
ChangeDisplaySettingsW
MonitorFromRect
GetFocus
MapVirtualKeyExW
IsCharAlphaA
ReleaseCapture
DefFrameProcA
CallWindowProcW
GetMessagePos
OpenWindowStationA
GetDlgItemTextA
SetMessageExtraInfo
CharToOemBuffW
GetClassNameA
SetWindowRgn
DdeSetUserHandle
FillRect
WINNLSEnableIME
GetDesktopWindow
DefMDIChildProcA
LoadMenuA
GetScrollPos
GetUpdateRect
OffsetRect
FindWindowExW
EnableWindow
DdeCreateStringHandleW
IsClipboardFormatAvailable
DefWindowProcA
UnhookWindowsHook
SetUserObjectInformationW
DefWindowProcW
GetAsyncKeyState
FrameRect
CharToOemBuffA
SetWindowPlacement
GetSystemMenu
DrawCaption
GetMessageExtraInfo
PostThreadMessageW
SwitchToThisWindow
RegisterDeviceNotificationW
CloseWindow
ScreenToClient
SetDebugErrorLevel
CreateWindowExA
CascadeWindows
GetSubMenu
PtInRect
OpenIcon
EndTask
WINNLSGetEnableStatus
BringWindowToTop
EnumDisplaySettingsW
PostQuitMessage
ExitWindowsEx
DdeDisconnect
CharNextW
WaitMessage
GetClipboardViewer
GetClassInfoExW
IsChild
TabbedTextOutW
RegisterWindowMessageA
kernel32
ReleaseMutex
LocalLock
DeleteAtom
FindNextChangeNotification
GetDiskFreeSpaceExW
GetDevicePowerState
CreateDirectoryA
EndUpdateResourceA
WaitForSingleObjectEx
LoadLibraryW
GetProfileStringA
GetLogicalDriveStringsW
SearchPathA
GetComputerNameW
UpdateResourceA
QueryDosDeviceA
CreateIoCompletionPort
PostQueuedCompletionStatus
ReadConsoleOutputAttribute
FreeLibraryAndExitThread
GetDiskFreeSpaceW
GetCurrentThread
FindFirstFileW
GenerateConsoleCtrlEvent
ReadConsoleW
FindFirstChangeNotificationA
GetLocaleInfoW
SetConsoleWindowInfo
GetEnvironmentStringsW
GetVolumeInformationA
GetConsoleMode
IsBadStringPtrW
IsValidLocale
GetEnvironmentVariableA
SetProcessPriorityBoost
CreateFileMappingW
SetCommTimeouts
GetTempFileNameA
SetCalendarInfoW
ExpandEnvironmentStringsW
SetCommConfig
BackupSeek
DeleteFileA
SetComputerNameA
CreateThread
GetThreadPriority
CreateProcessW
OpenFileMappingA
GetProcessPriorityBoost
GetWriteWatch
FileTimeToDosDateTime
RemoveDirectoryA
WaitForMultipleObjectsEx
VirtualFree
SetSystemTimeAdjustment
GetPrivateProfileStructW
BeginUpdateResourceA
ExpandEnvironmentStringsA
SuspendThread
GetLongPathNameA
InitAtomTable
WritePrivateProfileStructW
FreeResource
IsBadWritePtr
IsBadStringPtrA
BuildCommDCBAndTimeoutsA
GetConsoleOutputCP
EndUpdateResourceW
IsBadCodePtr
GetCurrencyFormatA
EnumCalendarInfoW
FindNextFileA
UnlockFile
GetFileAttributesW
GetPrivateProfileIntW
GlobalWire
ConvertDefaultLocale
OpenWaitableTimerA
VerLanguageNameA
SetWaitableTimer
FindFirstFileA
HeapCreate
VirtualAlloc
CreateWaitableTimerA
GetFullPathNameW
OpenFileMappingW
GetConsoleTitleA
GetFileAttributesExW
Heap32ListFirst
SetTimeZoneInformation
DebugActiveProcess
CreateRemoteThread
GetVolumeInformationW
EnumCalendarInfoExA
GetExitCodeThread
OpenMutexW
FatalAppExitA
GlobalFlags
lstrcatA
GetLargestConsoleWindowSize
lstrcpy
GetSystemInfo
GetProcessShutdownParameters
SetErrorMode
IsValidCodePage
SetHandleInformation
SystemTimeToFileTime
GetProfileSectionW
SetConsoleCP
FindFirstFileExA
WriteProfileStringW
GetDriveTypeW
GetDiskFreeSpaceExA
SetDefaultCommConfigW
GetDateFormatA
SetFileApisToOEM
SetThreadLocale
SetLastError
HeapValidate
FillConsoleOutputCharacterA
GetVersionExA
FindFirstFileExW
EnumSystemLocalesA
SetConsoleCursorInfo
SetFileTime
WriteProcessMemory
GetStdHandle
GetFileTime
CreateMailslotW
Toolhelp32ReadProcessMemory
LocalShrink
lstrcmp
EnumCalendarInfoExW
SetProcessAffinityMask
SetFileAttributesW
GetOEMCP
GetTimeZoneInformation
WaitNamedPipeA
DuplicateHandle
GetExitCodeProcess
FindAtomW
HeapWalk
lstrcmpA
FatalExit
GlobalUnfix
FileTimeToLocalFileTime
VirtualProtect
shlwapi
PathIsURLW
SHStrDupA
SHEnumKeyExA
PathMatchSpecW
PathParseIconLocationW
SHRegCloseUSKey
PathFindNextComponentW
StrNCatW
PathRenameExtensionA
UrlGetLocationA
SHSetThreadRef
PathGetArgsW
StrTrimW
StrCSpnIW
SHSetValueW
StrDupA
SHRegOpenUSKeyA
StrToIntExW
SHRegWriteUSValueA
StrCSpnW
PathFindExtensionW
UrlApplySchemeA
PathStripToRootW
UrlIsNoHistoryW
AssocQueryStringByKeyW
PathIsLFNFileSpecA
PathRelativePathToW
GetMenuPosFromID
StrStrIA
StrStrW
PathSetDlgItemPathW
PathIsSameRootW
PathIsNetworkPathW
wvnsprintfW
PathIsUNCServerA
PathQuoteSpacesA
PathQuoteSpacesW
PathIsContentTypeA
HashData
StrStrIW
PathGetDriveNumberW
StrRetToStrA
SHOpenRegStream2A
PathIsUNCA
UrlCanonicalizeW
SHOpenRegStreamW
PathIsUNCServerShareW
SHGetThreadRef
SHGetInverseCMAP
PathRelativePathToA
wvnsprintfA
UrlCombineA
PathRemoveFileSpecW
StrChrA
PathAddExtensionA
AssocQueryStringW
IntlStrEqWorkerW
PathIsPrefixA
PathGetCharTypeW
PathIsUNCServerW
PathIsFileSpecA
SHSetValueA
SHQueryInfoKeyW
PathGetArgsA
PathUndecorateA
PathIsRootA
PathAddBackslashA
PathIsDirectoryA
PathCommonPrefixW
UrlIsOpaqueA
UrlIsOpaqueW
IntlStrEqWorkerA
PathRemoveBlanksW
PathIsDirectoryEmptyW
AssocQueryKeyA
StrSpnA
PathCreateFromUrlW
PathRemoveExtensionA
StrToIntA
SHCopyKeyW
PathRemoveFileSpecA
PathStripPathW
StrChrIA
StrIsIntlEqualA
StrCmpNW
StrCSpnIA
SHRegDeleteUSValueA
StrCatW
SHRegGetUSValueW
UrlUnescapeA
PathIsSameRootA
StrSpnW
SHDeleteEmptyKeyA
UrlIsA
PathFindSuffixArrayA
PathFindSuffixArrayW
PathUnmakeSystemFolderA
PathMakeSystemFolderW
ole32
CoDisconnectObject
OpenOrCreateStream
CoGetPSClsid
ReleaseStgMedium
CoCreateGuid
UtGetDvtd32Info
OleSetMenuDescriptor
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoCreateInstanceEx
DoDragDrop
CreateBindCtx
GetHookInterface
MkParseDisplayName
CoRevertToSelf
OleCreateFromFile
OleNoteObjectVisible
CoCreateInstance
SetConvertStg
WriteFmtUserTypeStg
CoGetTreatAsClass
OleCreateLinkEx
OleFlushClipboard
CoMarshalHresult
CoCreateFreeThreadedMarshaler
CoSetProxyBlanket
OleRegGetMiscStatus
CoSuspendClassObjects
OleQueryCreateFromData
OleConvertIStorageToOLESTREAMEx
OleSetAutoConvert
CreateClassMoniker
StgCreateDocfile
OleMetafilePictFromIconAndLabel
CoRegisterSurrogate
OleCreateStaticFromData
OleCreateLinkFromDataEx
OleCreateDefaultHandler
OleGetClipboard
OleInitialize
CoResumeClassObjects
IsEqualGUID
OleGetAutoConvert
OleRegEnumFormatEtc
StringFromGUID2
OleConvertOLESTREAMToIStorage
StringFromIID
CoGetCallContext
ReadClassStg
OleRegGetUserType
OleSetClipboard
CoFileTimeNow
CreateOleAdviseHolder
CoLoadLibrary
GetHGlobalFromILockBytes
CreateObjrefMoniker
CoMarshalInterface
CoGetObject
UtConvertDvtd16toDvtd32
OleDestroyMenuDescriptor
ReadStringStream
UtGetDvtd16Info
CoRegisterMessageFilter
OleDoAutoConvert
OleUninitialize
CoGetInstanceFromFile
CreateAntiMoniker
OleBuildVersion
OleLoad
OleRun
CoGetInstanceFromIStorage
OleCreateFromDataEx
BindMoniker
CoLockObjectExternal
OleSaveToStream
StgIsStorageFile
StgSetTimes
CreateFileMoniker
CoFreeAllLibraries
ReadOleStg
CoReleaseServerProcess
OleCreateMenuDescriptor
StgIsStorageILockBytes
ProgIDFromCLSID
OleCreateLinkFromData
CoFreeUnusedLibraries
CoImpersonateClient
CoUnmarshalInterface
WriteClassStg
MonikerRelativePathTo
CoGetMarshalSizeMax
OleSave
PropVariantClear
CoQueryAuthenticationServices
StgOpenStorageOnILockBytes
OleCreateLinkToFile
CoSwitchCallContext
StgOpenStorageEx
OleDuplicateData
OleGetIconOfFile
GetDocumentBitStg
CoRevokeMallocSpy
CoGetCallerTID
Sections
.text Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 378B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE