bec2b35e269ad5a22650d7902ebcb200_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bec2b35e269ad5a22650d7902ebcb200_JaffaCakes118
Size

1.8MB
MD5

bec2b35e269ad5a22650d7902ebcb200
SHA1

996b5ad64418d6cbe8a4257e1aeee4846e8a3ad6
SHA256

ca41bc2179160d322b712a594c11805ba47290132c1737d3cdc90c0cd5fef262
SHA512

92fd486d9a5f97a38dd3061ab5a3f9ebb5e348207647d64c95b71429ceb80b572f85fe4018f2dc4b5584db31d107adc6abaaf66c2f7167f57fdb41094b27e9a1
SSDEEP

24576:qhvw+3jipvCAhGDiOg7jMsE78M5Sg+CXey8XLTIJw9RCtadNaiio:qhvt3jii956CO5XLTIw9yabaiio

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bec2b35e269ad5a22650d7902ebcb200_JaffaCakes118

Files

bec2b35e269ad5a22650d7902ebcb200_JaffaCakes118
.exe windows:5 windows x86 arch:x86

45f9545cc2c52c6715ecc637c2cc4aca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\Maint_9.0.3\Release-Lite_Win32\Setup32.pdb

Imports

oleacc

AccessibleObjectFromWindow
AccessibleObjectFromEvent

iphlpapi

GetAdaptersInfo

kernel32

TlsAlloc
IsBadStringPtrW
TlsSetValue
TlsGetValue
GetFileSize
ReadFile
GetCurrentProcessId
SizeofResource
LoadResource
LockResource
FreeResource
InitializeCriticalSectionAndSpinCount
GetComputerNameW
GetLocalTime
GetWindowsDirectoryW
FormatMessageW
RemoveDirectoryW
DeleteFileW
CreateDirectoryW
WriteFile
SetFileTime
GetFileTime
VirtualFree
VirtualAlloc
SetEvent
ReleaseSemaphore
ResetEvent
CopyFileW
SetFileAttributesW
FlushFileBuffers
LocalFree
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
Module32FirstW
Module32NextW
GetVersionExW
GetSystemWow64DirectoryW
GetLocaleInfoW
GetStartupInfoW
CreateProcessW
GetExitCodeProcess
IsBadReadPtr
IsBadCodePtr
HeapAlloc
GetProcessHeap
HeapFree
ReleaseMutex
LoadLibraryExW
lstrcmpiW
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
FindResourceW
GetDriveTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetModuleHandleA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentDirectoryA
SetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
SetFilePointer
GetDateFormatA
GetTimeFormatA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetOEMCP
GetCPInfo
HeapSize
TlsFree
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
RtlUnwind
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
MoveFileW
GetFullPathNameW
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualProtect
GetSystemTimeAsFileTime
CreateThread
ExitThread
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
CreateMutexW
WaitForMultipleObjects
FindClose
FindNextFileW
FindFirstFileW
GetShortPathNameW
lstrlenA
GetPrivateProfileIntW
GetFileAttributesW
GetTickCount
SetCurrentDirectoryW
GetModuleHandleW
GetDiskFreeSpaceExW
GetProcAddress
GetCommandLineW
IsValidCodePage
FreeLibrary
LoadLibraryW
GetVolumeInformationW
GetCurrentDirectoryW
MapViewOfFile
CreateFileMappingW
CreateFileW
MoveFileExW
SystemTimeToFileTime
GetSystemTime
FileTimeToSystemTime
GetTempPathW
GetSystemDirectoryW
TerminateProcess
OpenProcess
GetUserDefaultUILanguage
GetUserDefaultLCID
WaitForSingleObject
Sleep
GetPrivateProfileStringW
WideCharToMultiByte
GetACP
SetThreadPriority
CloseHandle
MultiByteToWideChar
lstrcmpW
GlobalAlloc
GlobalLock
GlobalUnlock
GetLastError
DeleteCriticalSection
SetLastError
RaiseException
InitializeCriticalSection
GetModuleFileNameW
MulDiv
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
LeaveCriticalSection
EnterCriticalSection
SetEndOfFile

user32

UpdateWindow
GetMessageW
TranslateMessage
DispatchMessageW
LoadIconW
UnregisterClassA
SetWindowLongW
GetWindowLongW
DefWindowProcW
CallWindowProcW
RedrawWindow
GetWindowRect
SetFocus
WindowFromPoint
SetWindowPos
GetClientRect
GetParent
GetWindow
GetDC
ReleaseDC
SendMessageW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
SetWinEventHook
UnhookWinEvent
PostThreadMessageW
EnumChildWindows
IsWindowVisible
IsIconic
SetForegroundWindow
MessageBoxExW
GetKeyboardLayoutList
GetKeyboardLayout
LockSetForegroundWindow
AttachThreadInput
UnionRect
GetSystemMetrics
GetSystemMenu
EnableMenuItem
RemoveMenu
MessageBeep
SetRect
IsRectEmpty
DrawIconEx
MessageBoxW
PostQuitMessage
IsWindowEnabled
OffsetRect
PostMessageW
RegisterWindowMessageW
ShowWindow
IsWindow
DestroyWindow
RegisterClassExW
GetClassInfoExW
LoadCursorW
CreateWindowExW
EndDialog
GetDlgItem
DestroyAcceleratorTable
GetDesktopWindow
InvalidateRect
InvalidateRgn
FillRect
ReleaseCapture
SetCapture
MoveWindow
ScreenToClient
ClientToScreen
CreateAcceleratorTableW
CharNextW
GetSysColor
GetClassNameW
GetFocus
IsChild
EndPaint
BeginPaint
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
InflateRect
BringWindowToTop
SetParent
EnableWindow
SendDlgItemMessageW
GetForegroundWindow
SetDlgItemTextW
CreateDialogParamW
wsprintfW
SetTimer
KillTimer
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
SetClassLongW
GetKeyState
EnumWindows
GetSysColorBrush
DestroyIcon
CheckDlgButton
IsDlgButtonChecked
SendMessageTimeoutW
FindWindowW
GetWindowThreadProcessId
LoadImageW
DialogBoxParamW
SystemParametersInfoW

gdi32

GetCharacterPlacementW
CreateFontIndirectW
GetTextExtentPoint32W
GetObjectType
GetTextMetricsW
GetTextCharset
SelectObject
DeleteObject
GetDeviceCaps
GetStockObject
GetObjectW
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
CreateFontW
DeleteDC
GetTextFaceW

advapi32

RegOpenKeyExW
RegQueryValueExW
ConvertSidToStringSidW
IsValidSid
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
GetLengthSid
SetTokenInformation
DuplicateTokenEx
FreeSid
AllocateAndInitializeSid
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
SetEntriesInAclW
SetSecurityInfo
GetSecurityInfo
SetNamedSecurityInfoW
GetNamedSecurityInfoW
GetUserNameW
RegEnumValueW
RegQueryInfoKeyW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

shell32

SHBrowseForFolderW
ShellExecuteW
SHFileOperationW
SHGetPathFromIDListW
SHGetFolderPathW
SHChangeNotify

ole32

CoTaskMemRealloc
CoSetProxyBlanket
CoCreateGuid
CoGetMalloc
CoTaskMemFree
CoUninitialize
CoInitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CoCreateInstance
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
CoTaskMemAlloc
OleUninitialize

oleaut32

VarUI4FromStr
SafeArrayUnlock
SafeArrayLock
SafeArrayCreate
SafeArrayDestroy
SafeArrayCopy
SafeArrayGetVartype
SysStringByteLen
SysAllocStringByteLen
VarBstrCmp
OleCreateFontIndirect
DispCallFunc
LoadTypeLi
LoadRegTypeLi
SysStringLen
VariantInit
SysAllocString
SysAllocStringLen
SysFreeString
VariantClear
VariantCopy
VariantChangeType

shlwapi

PathAddBackslashW
PathRemoveBackslashW
PathFindFileNameW
PathIsDirectoryW
PathFindFileNameA
PathFindExtensionW
StrStrIW

comctl32

ord17

gdiplus

GdiplusShutdown

ws2_32

WSACleanup
WSAStartup

wininet

InternetSetFilePointer
InternetReadFile
HttpQueryInfoW
InternetErrorDlg
HttpSendRequestW
InternetQueryOptionW
HttpOpenRequestW
InternetConnectW
InternetGetLastResponseInfoW
InternetSetCookieExW
InternetGetCookieExW
InternetCrackUrlW
InternetOpenUrlW
InternetSetOptionW
InternetOpenW
InternetCloseHandle

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

psapi

GetProcessImageFileNameW
EnumProcessModules
GetModuleFileNameExW

Sections

.text
Size: 999KB - Virtual size: 999KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 366KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

45f9545cc2c52c6715ecc637c2cc4aca

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

oleacc

iphlpapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

ws2_32

wininet

version

psapi

Sections

.text Size: 999KB - Virtual size: 999KB

.rdata Size: 234KB - Virtual size: 234KB

.data Size: 366KB - Virtual size: 396KB

.rsrc Size: 208KB - Virtual size: 212KB

.text
Size: 999KB - Virtual size: 999KB

.rdata
Size: 234KB - Virtual size: 234KB

.data
Size: 366KB - Virtual size: 396KB

.rsrc
Size: 208KB - Virtual size: 212KB