c219c8986213dd95241b029c50197eb5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c219c8986213dd95241b029c50197eb5_JaffaCakes118
Size

97KB
MD5

c219c8986213dd95241b029c50197eb5
SHA1

ca6d0deec3d3a19f958a405d657900664b6d7aeb
SHA256

3e0776d2355d8de83ada71211c0b875df0b85ce130b05e33a483a01dc4d43826
SHA512

9ab6031c95f6076419fa742ab0f7706cb0831244daec63dcef7b285574fae57b4c806d144b57029eb7f7f1316d95ff54d1d37c0644c9efca07a91526b8436876
SSDEEP

3072:wFspv8tY5OQCcpC1OuewESqX3+bIVzMEAQUTlmKUY3:w2wY5XPM1awESq+bIV4kU2s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c219c8986213dd95241b029c50197eb5_JaffaCakes118

Files

c219c8986213dd95241b029c50197eb5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9ed7a146e031ed4856cb32de747c0e63

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
lstrcpynW
ConnectNamedPipe
GetStringTypeExW
DeleteFileW
FillConsoleOutputAttribute
IsBadReadPtr
Module32Next
GlobalGetAtomNameW
VirtualQuery
CreateFiber
GetProfileSectionA
GetProfileIntA
MapViewOfFile
SetEndOfFile
EnumResourceTypesW
FindFirstFileExW
TransactNamedPipe
GetFileSize
GetProfileIntW
LoadResource
WriteConsoleW
GetDevicePowerState
RemoveDirectoryW
Heap32Next
LCMapStringW
lstrcpyW
CreateDirectoryW
SetFilePointer
GetEnvironmentVariableW
CreateDirectoryExA
GetSystemInfo
GetStartupInfoW
FormatMessageA
ExitProcess
LCMapStringA
GetStdHandle
SwitchToFiber
GetLongPathNameW
IsSystemResumeAutomatic
FlushInstructionCache
GetCurrencyFormatA
SetThreadExecutionState
CreateFileW
GetProcessHeaps
EnumCalendarInfoExW
CompareStringA
GetBinaryTypeA
CreateConsoleScreenBuffer
ReadConsoleOutputA
FindClose
WritePrivateProfileStringW
OpenMutexW
MoveFileExA
SetNamedPipeHandleState
GetSystemDefaultLCID
SetConsoleOutputCP
GlobalDeleteAtom
OpenFileMappingA
IsProcessorFeaturePresent
HeapFree
FindFirstFileA
SetVolumeLabelA
EnumDateFormatsW
TerminateProcess
ResetWriteWatch
GetAtomNameW
lstrcpynA
DuplicateHandle
GetProcessVersion
GetProcessTimes
lstrcpyn
SetEvent
FileTimeToLocalFileTime
HeapWalk
SetCalendarInfoA
GetComputerNameA
GlobalFlags
EnumResourceLanguagesA
GetProcessWorkingSetSize
GetCurrentProcessId
SetProcessPriorityBoost
WriteConsoleInputA
SetThreadAffinityMask
IsBadHugeWritePtr
ResumeThread
FillConsoleOutputCharacterW
lstrcmpiW
InitializeCriticalSectionAndSpinCount
GetOverlappedResult
EnumSystemLocalesA
GetProcessAffinityMask
GlobalHandle
GetThreadPriority
CreateMailslotA
EnumSystemCodePagesW
ReadConsoleA
lstrlenA
WriteConsoleOutputCharacterA
GetPrivateProfileSectionNamesW
CreateMutexA
GlobalGetAtomNameA
GetTempFileNameW
IsBadStringPtrW
GetLocaleInfoW
CloseHandle
GetSystemDirectoryA
GetTimeFormatW
OpenEventW
UpdateResourceW
GetLargestConsoleWindowSize
PulseEvent
SetCurrentDirectoryA
VirtualUnlock
GetStringTypeExA
ReadDirectoryChangesW
GetCompressedFileSizeW
LoadLibraryA
DeleteAtom
CreateSemaphoreW
ReadFileEx
GetPrivateProfileSectionW
SwitchToThread
CreateSemaphoreA
GetLocalTime
CreateNamedPipeA
PostQueuedCompletionStatus
GetFileTime
GetSystemTimeAdjustment
lstrcmpiA
GetFileAttributesExA
GetStringTypeA
CreateThread
SetProcessWorkingSetSize
QueryPerformanceFrequency
GetPrivateProfileIntW
OpenFile
LoadLibraryExW
TlsSetValue
GetThreadTimes
GlobalAddAtomA
GetCalendarInfoA
EnumCalendarInfoExA
CopyFileW
FreeEnvironmentStringsA
GetCurrentDirectoryW
CopyFileExW
SetLastError
LocalCompact
GetProfileSectionW
VirtualProtect
GetProcAddress

shlwapi

SHAutoComplete
PathIsUNCA
SHDeleteKeyW
ColorAdjustLuma
StrFromTimeIntervalW
StrStrA
UrlHashW
SHGetThreadRef

advapi32

CryptEncrypt
SetSecurityInfo
AccessCheck
DeleteService
PrivilegeCheck
SetSecurityInfoExA
AllocateAndInitializeSid
GetNamedSecurityInfoExA
AccessCheckAndAuditAlarmW
RegDeleteValueW
CryptContextAddRef
SetSecurityDescriptorGroup

user32

DrawFrameControl
GetUpdateRect
DdeFreeDataHandle
DefFrameProcW
SetFocus
CreateCaret
GetWindowTextA
MessageBeep
GetKeyboardLayoutNameW
EndDialog
MapVirtualKeyW
DdeGetData
GetWindowThreadProcessId
DrawTextExA
GetOpenClipboardWindow
TileWindows
WINNLSEnableIME
LoadAcceleratorsW
CharNextW
MapDialogRect
CreateWindowStationA
SetForegroundWindow
GetWindowTextLengthW
SetWindowRgn
EndTask
DefWindowProcW
OemToCharW
SetDlgItemInt
CharLowerA
RemovePropW
SetMessageExtraInfo
SetCursor
SetWindowPos
GetPropW
DefFrameProcA
UnloadKeyboardLayout
DestroyMenu
DefMDIChildProcA
OemToCharA
GetCursorPos
CloseWindow
DdeSetUserHandle
ToUnicodeEx
GetFocus
RegisterWindowMessageW
SetMenu
SetPropW
SendMessageTimeoutA
DdeClientTransaction
ScrollWindow
LoadKeyboardLayoutW
SetParent
WindowFromPoint
SetScrollRange
IsDialogMessage
CreateWindowStationW
CreateDesktopA
CreatePopupMenu
TrackPopupMenu
GrayStringA
GetMenuCheckMarkDimensions
LoadMenuIndirectA
WaitMessage
GetScrollRange
FindWindowExA
GetTabbedTextExtentW
RegisterDeviceNotificationA
GetClassNameW
CreateIconFromResourceEx
BroadcastSystemMessageA
GetDlgCtrlID
DdeKeepStringHandle
CloseClipboard
EnableMenuItem
SetShellWindow
RealChildWindowFromPoint
SendMessageTimeoutW
SetMenuItemInfoA
DdeNameService
GetTopWindow
CreateAcceleratorTableW
FlashWindow
GetDlgItem
CascadeWindows
GetWindowInfo
GetNextDlgGroupItem
MessageBoxExA
IsRectEmpty
GetAltTabInfo
ReleaseCapture
GetUpdateRgn
ImpersonateDdeClientWindow
GetWindowPlacement
SetRect
SendDlgItemMessageA
EditWndProc
FindWindowExW
EnumClipboardFormats
PostQuitMessage
ChangeDisplaySettingsExA
RegisterClipboardFormatA
IsDialogMessageA
EnumWindowStationsA
IsCharUpperW
CopyImage
VkKeyScanExW
EnumDisplayDevicesW
NotifyWinEvent
EnumDesktopsA
DdeQueryStringW
DdeImpersonateClient
SystemParametersInfoA
OemToCharBuffW
WINNLSGetIMEHotkey
DdeQueryConvInfo
GetMessageA
ChangeClipboardChain
InvalidateRect
EnumPropsExA
DdeQueryNextServer
CreateDialogIndirectParamA
SetScrollPos
CheckMenuItem
UnregisterClassA
CharNextA
DlgDirListComboBoxW
EnumDisplaySettingsExA
GetWindowLongW
IsCharLowerA
RegisterClassExW
RegisterClassExA
SetWindowLongW
DeleteMenu
CreateMDIWindowW
CreateIcon
GetKeyboardState
SetCapture
DestroyWindow
GetTitleBarInfo
GetMenuState
LoadBitmapA
InsertMenuA
UnregisterClassW
EnumDisplaySettingsA
GetInputDesktop
GetDesktopWindow
WINNLSGetEnableStatus
GetMenuDefaultItem
InvertRect
GetComboBoxInfo
DdeUninitialize
MonitorFromPoint
MsgWaitForMultipleObjects
FindWindowA
GetKeyboardLayoutList
GetClassLongA
GetPriorityClipboardFormat
PeekMessageA
DispatchMessageA
UnregisterHotKey
DdeDisconnectList
DdeReconnect
CreateIconFromResource
GetWindowTextW
DdeConnectList
IsChild
ShowScrollBar
GetWindow
AdjustWindowRectEx
DdeCmpStringHandles
GetMonitorInfoW
GetThreadDesktop
IsCharLowerW
MapVirtualKeyExW
AdjustWindowRect
GetDoubleClickTime
DefWindowProcA
TrackMouseEvent
EnumDisplayMonitors
CallWindowProcA
GetClassInfoExA
CopyAcceleratorTableA
DialogBoxParamW
GetKeyNameTextA

ole32

GetRunningObjectTable
CoReleaseServerProcess

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ed7a146e031ed4856cb32de747c0e63

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

advapi32

user32

ole32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 512B - Virtual size: 12KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 512B - Virtual size: 12KB

.rsrc
Size: 2KB - Virtual size: 1KB