Static task: static1
Behavioral task: behavioral1
Sample: c76d255633f03dcc7d85aec80d9763a9_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: c76d255633f03dcc7d85aec80d9763a9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c76d255633f03dcc7d85aec80d9763a9_JaffaCakes118
Size: 119KB
MD5: c76d255633f03dcc7d85aec80d9763a9
SHA1: 5e7fd6035fcd2318e76c92525bf73574cbfd4c6b
SHA256: f6b62c79e39a40750c14c5aa7b3f1063aa77824e0fc08dddf37ca7d55f1daba8
SHA512: 0ac7f475918557c85854699926c329f1da5d9893ce524c508e6524812944e0bc787e45974d628649948c48bd51542fdd7f045beb28be69b429d9914ae9e877ed
SSDEEP: 1536:X+id/vMA4uCaOlgAA1vspqiSaHwyYykHRr7kNJomULD7apEHolY79l4:Oid/UA4uCa0g/1qzSUmYQH7a2HYY7j4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c76d255633f03dcc7d85aec80d9763a9_JaffaCakes118
Files
c76d255633f03dcc7d85aec80d9763a9_JaffaCakes118.exe windows:4 windows x86 arch:x86
708982bc88d87d5bfb97461a23731ecc
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEvent
SetLastError
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
OutputDebugStringA
SetCurrentDirectoryW
VirtualAlloc
VirtualFree
VirtualProtect
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
lstrcmpW
lstrcmpiW
lstrlenW
OpenEventW
MultiByteToWideChar
ResetEvent
RemoveDirectoryW
ReleaseSemaphore
ReleaseMutex
ReadFile
RaiseException
UnhandledExceptionFilter
QueryPerformanceCounter
MulDiv
MoveFileW
MoveFileExW
LockResource
LocalReAlloc
LocalFree
CloseHandle
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryExW
LoadLibraryA
LeaveCriticalSection
LCMapStringW
IsValidLocale
IsProcessorFeaturePresent
IsDebuggerPresent
IsDBCSLeadByte
InterlockedExchange
InterlockedCompareExchange
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapAlloc
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalLock
GlobalFree
GlobalAlloc
GetVersionExW
GetVersionExA
GetVersion
GetUserDefaultLangID
GetUserDefaultLCID
GetTimeZoneInformation
GetTimeFormatW
GetTickCount
GetTempPathW
GetSystemWindowsDirectoryW
GetSystemTimeAsFileTime
GetSystemTime
GetSystemDirectoryW
GetSystemDefaultLangID
GetProcessHeap
GetProcAddress
GetNumberFormatW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLongPathNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFileTime
GetFileSize
GetFileInformationByHandle
GetFileAttributesW
GetFileAttributesExW
GetExitCodeThread
GetDriveTypeW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrencyFormatW
GetCalendarInfoW
GetACP
FreeLibrary
FormatMessageW
FormatMessageA
FlushInstructionCache
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumSystemLocalesW
EnumDateFormatsExW
EnterCriticalSection
DeleteFileW
DeleteCriticalSection
CreateThread
CreateSemaphoreW
CreateMutexW
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CompareStringA
CompareFileTime
TlsSetValue
user32
MoveWindow
AdjustWindowRectEx
BeginPaint
CallNextHookEx
CallWindowProcW
CharLowerA
CharNextW
CharUpperA
ChildWindowFromPointEx
ClientToScreen
CloseClipboard
CopyRect
CreateAcceleratorTableW
CreateWindowExW
DefWindowProcA
DefWindowProcW
DestroyAcceleratorTable
DestroyIcon
DestroyWindow
DispatchMessageW
DrawFocusRect
DrawFrameControl
EmptyClipboard
EnableScrollBar
EnableWindow
EndPaint
EnumClipboardFormats
EqualRect
FillRect
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoExW
GetClassNameW
GetClientRect
GetClipboardData
GetComboBoxInfo
GetCursor
GetDC
GetDesktopWindow
GetDlgItem
GetDoubleClickTime
WindowFromPoint
VkKeyScanW
UpdateWindow
UnregisterClassW
UnregisterClassA
UnionRect
UnhookWindowsHookEx
TranslateMessage
SystemParametersInfoW
ShowWindow
SetWindowsHookExW
SetWindowTextW
SetWindowRgn
SetWindowPos
SetWindowLongW
SetTimer
SetRectEmpty
SetRect
SetKeyboardState
SetFocus
SetCursor
SetClipboardData
SetCapture
SetActiveWindow
SendInput
ScreenToClient
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterWindowMessageA
RegisterClipboardFormatW
RegisterClassW
RegisterClassExW
RegisterClassA
RedrawWindow
PtInRect
PostThreadMessageW
PostMessageW
OpenClipboard
OffsetRect
SendMessageW
MonitorFromRect
MessageBoxW
MessageBoxA
MessageBeep
MapWindowPoints
MapVirtualKeyW
LoadImageW
LoadIconW
LoadCursorW
KillTimer
IsZoomed
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsClipboardFormatAvailable
IsChild
InvertRect
InvalidateRgn
InvalidateRect
IntersectRect
InflateRect
HideCaret
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetParent
GetMonitorInfoW
GetMessageW
GetMessageExtraInfo
GetKeyboardState
GetKeyboardLayout
GetKeyState
GetForegroundWindow
GetFocus
ole32
CLSIDFromProgID
CLSIDFromString
CoAllowSetForegroundWindow
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoCreateInstance
CoDisconnectObject
CoFileTimeNow
CoFreeUnusedLibraries
CoGetClassObject
CoGetInterfaceAndReleaseStream
CoGetMalloc
CoInitialize
CoMarshalInterThreadInterfaceInStream
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CreateBindCtx
CreateDataAdviseHolder
CreateILockBytesOnHGlobal
CreateOleAdviseHolder
CreateStreamOnHGlobal
GetHGlobalFromILockBytes
GetHGlobalFromStream
OleGetClipboard
OleInitialize
OleLockRunning
OleRegEnumVerbs
OleRegGetMiscStatus
OleRegGetUserType
OleRun
OleSaveToStream
OleUninitialize
WriteClassStm
StringFromGUID2
StringFromCLSID
StgCreateDocfileOnILockBytes
ReadClassStm
ProgIDFromCLSID
oleaut32
SysReAllocStringLen
DispCallFunc
GetErrorInfo
VariantTimeToSystemTime
VariantInit
VariantCopyInd
VariantCopy
VariantClear
VariantChangeTypeEx
VariantChangeType
VarUI4FromStr
VarR8FromStr
VarParseNumFromStr
VarNumFromParseNum
VarDecMul
VarDecFromStr
VarDecDiv
VarDecCmpR8
VarCmp
VarBstrFromR8
VarBstrFromDec
VarBoolFromStr
UnRegisterTypeLi
SystemTimeToVariantTime
SysStringLen
SysStringByteLen
CreateErrorInfo
SysFreeString
SysAllocStringLen
SysAllocStringByteLen
SysAllocString
SetErrorInfo
SafeArrayUnlock
SafeArrayUnaccessData
SafeArrayRedim
SafeArrayLock
SafeArrayGetVartype
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayDestroy
SafeArrayCreateVector
SafeArrayCreate
SafeArrayCopy
SafeArrayAccessData
RegisterTypeLi
OleLoadPicturePath
OleCreatePropertyFrame
OleCreatePictureIndirect
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
gdi32
SetBkColor
SetBkMode
SetLayout
SetMapMode
SetROP2
SetTextAlign
SelectPalette
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
StretchBlt
SelectObject
SelectClipRgn
SaveDC
RestoreDC
Rectangle
RealizePalette
PlayEnhMetaFile
PatBlt
MoveToEx
LineTo
LPtoDP
GetTextMetricsW
GetStockObject
GetObjectW
GetNearestColor
GetMetaFileBitsEx
GetLayout
GetEnhMetaFileHeader
GetDeviceCaps
GetCurrentObject
ExtTextOutW
ExtCreatePen
EnumFontFamiliesExW
DeleteObject
DeleteMetaFile
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePen
CreateMetaFileW
CreateICW
CreateFontIndirectW
CloseMetaFile
CreateEnhMetaFileW
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
SetTextColor
CloseEnhMetaFile
BitBlt
CopyEnhMetaFileW
advapi32
RegQueryValueExW
TraceEvent
ReportEventW
RegisterTraceGuidsA
RegisterEventSourceW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenThreadToken
OpenProcessToken
LookupAccountSidW
LookupAccountNameW
IsValidSid
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
GetTokenInformation
GetSecurityDescriptorDacl
GetLengthSid
GetAclInformation
GetAce
EqualSid
DeregisterEventSource
CryptReleaseContext
CryptHashData
CryptGetHashParam
CryptGenKey
CryptDestroyKey
CryptDestroyHash
CryptCreateHash
CryptAcquireContextW
CopySid
ConvertStringSidToSidW
ConvertSidToStringSidW
imm32
ImmGetCompositionFontW
ImmGetContext
ImmGetOpenStatus
ImmNotifyIME
ImmReleaseContext
ImmSetCompositionFontW
ImmGetCompositionStringW
shell32
SHGetFolderPathW
ShellExecuteExW
Sections
.text Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 33KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ