excel.pdb
Static task: static1
Behavioral task: behavioral1
Sample: c8a2678bda561f74cb6a9cf9a144da18_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: c8a2678bda561f74cb6a9cf9a144da18_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c8a2678bda561f74cb6a9cf9a144da18_JaffaCakes118
Size: 9.9MB
MD5: c8a2678bda561f74cb6a9cf9a144da18
SHA1: 361bae41fbda58b851e9070b19fabb112da6748e
SHA256: 597b65621e6b37b9a88838be8cc829185a08d388c8450d0ee8e889b5ae20bf14
SHA512: ae84a064d71911f080d7d7be3fc900833d9b7e1eefaa49721a8276ae145ed168d3e8db82938c4014e12198f23c132c0815ae40669910b5f44b66e79735ea593a
SSDEEP: 98304:RH1EVVA9Z8iAWomhbZKR25kqI6W8tdUzjyWipr7Gmhhx1KPa/48f5+6gOMHiTogw:o49OmhbUqI6EbPC/e1mMBrkjAqml
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c8a2678bda561f74cb6a9cf9a144da18_JaffaCakes118
Files
c8a2678bda561f74cb6a9cf9a144da18_JaffaCakes118.exe windows:4 windows x86 arch:x86
2e05acb624e3bb1461517d6450fb5689
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
advapi32
RegCloseKey
RegEnumValueW
RegOpenKeyExW
GetLengthSid
FreeSid
EqualSid
LookupAccountNameW
IsValidSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
InitializeAcl
AllocateAndInitializeSid
LookupAccountSidW
GetAce
RevertToSelf
AccessCheck
MapGenericMask
OpenThreadToken
ImpersonateSelf
GetSecurityDescriptorLength
GetAclInformation
GetSecurityDescriptorDacl
SetEntriesInAclW
GetExplicitEntriesFromAclW
BuildTrusteeWithSidW
OpenProcessToken
MakeSelfRelativeSD
MakeAbsoluteSD
GetPrivateObjectSecurity
SetPrivateObjectSecurity
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptReleaseContext
CryptAcquireContextW
RegQueryValueExA
RegOpenKeyExA
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegOpenKeyA
RegQueryValueExW
gdi32
GetStockObject
CreateSolidBrush
SetWindowExtEx
SetViewportExtEx
SetWindowOrgEx
DPtoLP
LPtoDP
SetMapMode
SetTextColor
SetBkColor
SaveDC
RestoreDC
IntersectClipRect
GetRgnBox
CombineRgn
SetRectRgn
ExcludeClipRect
GetClipBox
GetPaletteEntries
GetNearestPaletteIndex
GetTextFaceW
GetTextMetricsW
SetBkMode
SetROP2
SetBrushOrgEx
GetNearestColor
CreateCompatibleBitmap
GetDIBits
GetBkColor
GetTextColor
EnumFontFamiliesW
GetViewportExtEx
GetWindowExtEx
GetMapMode
CreatePatternBrush
SetBitmapBits
CreateDIBPatternBrush
GetWindowOrgEx
BitBlt
CreateBitmap
CreateBrushIndirect
CreateHatchBrush
CreatePen
ExtCreatePen
PlayMetaFileRecord
PlayEnhMetaFileRecord
DeleteMetaFile
DeleteEnhMetaFile
MoveToEx
GetCurrentPositionEx
LineTo
PatBlt
Ellipse
Arc
Pie
DeleteDC
CreateCompatibleDC
StretchBlt
CreatePolygonRgn
Escape
Polygon
CreateRectRgn
CreateRectRgnIndirect
CloseMetaFile
EnumMetaFile
CreateMetaFileW
SetMetaFileBitsEx
GetWinMetaFileBits
GetEnhMetaFileHeader
SetWinMetaFileBits
GetMetaFileBitsEx
PlayEnhMetaFile
EnumEnhMetaFile
GdiComment
ScaleViewportExtEx
SetPixel
GetPixel
GetBitmapBits
Polyline
GdiFlush
RealizePalette
SelectPalette
CreatePalette
GetSystemPaletteEntries
SetDIBits
CreateDIBSection
RoundRect
Rectangle
CreateRoundRectRgn
OffsetRgn
PaintRgn
GetTextExtentPointA
GetCharWidthA
SetTextAlign
GetTextAlign
GetCurrentObject
SetMapperFlags
EnumObjects
UnrealizeObject
EndDoc
AbortDoc
ExtEscape
EndPage
StretchDIBits
SetStretchBltMode
SetAbortProc
StartPage
CreateICW
InvertRgn
GetEnhMetaFileBits
SetEnhMetaFileBits
GetObjectType
CopyEnhMetaFileW
CopyMetaFileW
CreateDIBitmap
CreateFontIndirectW
GetObjectW
GetTextExtentPointW
GetCharWidthW
ExtTextOutW
ExtTextOutA
GetClipRgn
GetTextExtentExPointW
TextOutW
GetTextExtentPoint32W
SetViewportOrgEx
CreateFontA
CreateBitmapIndirect
GetObjectA
SelectClipRgn
GetDeviceCaps
EnumFontsW
GetTextCharsetInfo
DeleteObject
SelectObject
GetOutlineTextMetricsW
kernel32
SetLastError
GetModuleFileNameW
OutputDebugStringA
GetCurrentThreadId
GetCurrentProcessId
GetVersionExA
WinExec
GetSystemDefaultLCID
MulDiv
GetVersionExW
lstrlenW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
IsDBCSLeadByte
IsDBCSLeadByteEx
GetACP
GetDriveTypeW
GetFileSize
GlobalSize
GetFileTime
SetFileTime
GetVolumeInformationW
LockFile
UnlockFile
GetCurrentDirectoryW
MoveFileW
DeleteFileW
SetFilePointer
SetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
WriteFile
CreateFileW
SearchPathW
CloseHandle
ReadFile
GlobalReAlloc
SetEnvironmentVariableW
SetCurrentDirectoryW
GetTickCount
SetErrorMode
GetShortPathNameW
LoadResource
FindResourceW
GetLocalTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FreeLibrary
GlobalHandle
FileTimeToSystemTime
FileTimeToLocalFileTime
LCMapStringW
GetStringTypeW
CompareStringA
IsBadReadPtr
lstrcmpW
RaiseException
GetUserDefaultLCID
GetOEMCP
lstrcmpiA
Sleep
QueryPerformanceCounter
QueryPerformanceFrequency
GetLocaleInfoW
LocalAlloc
LocalFree
GetCurrentThread
GlobalAddAtomW
LoadLibraryA
GetTempPathW
GetCurrentProcess
WideCharToMultiByte
GetCommandLineW
MultiByteToWideChar
GetWindowsDirectoryW
GetTempFileNameW
IsBadWritePtr
SetUnhandledExceptionFilter
TerminateProcess
VirtualAlloc
GetSystemTime
CreateMutexW
InterlockedIncrement
InterlockedDecrement
ReleaseMutex
WaitForSingleObject
GetEnvironmentVariableW
GetSystemDefaultLangID
LockResource
SizeofResource
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TerminateThread
InitializeCriticalSection
SetThreadPriority
CreateThread
VirtualFree
IsValidCodePage
EnumSystemLocalesW
EnumCalendarInfoW
FreeResource
GetFullPathNameW
GetLogicalDrives
IsValidLocale
GlobalGetAtomNameW
GlobalDeleteAtom
SetHandleCount
OpenFile
LoadLibraryExA
GetStartupInfoA
GetProcessHeap
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
VirtualProtect
UnhandledExceptionFilter
GetDriveTypeA
GetVolumeInformationA
GetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FormatMessageA
GetSystemDirectoryW
LoadLibraryExW
LoadLibraryW
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetLastError
InterlockedExchange
ole32
CoInitialize
OleQueryLinkFromData
CreateDataAdviseHolder
OleRegGetUserType
CreateOleAdviseHolder
CoRegisterClassObject
CoRevokeClassObject
CoFreeUnusedLibraries
OleQueryCreateFromData
CoUninitialize
CoRegisterMessageFilter
OleCreateFromData
GetHGlobalFromILockBytes
OleIsCurrentClipboard
CoCreateGuid
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleSetMenuDescriptor
ReadClassStm
CoTreatAsClass
SetConvertStg
OleTranslateAccelerator
OleConvertIStorageToOLESTREAM
OleConvertOLESTREAMToIStorage
OleSave
IsAccelerator
OleSetContainedObject
CoGetClassObject
OleSaveToStream
WriteClassStm
CoTaskMemAlloc
OleLoadFromStream
OleLoad
OleCreateLinkToFile
OleCreateFromFile
OleCreate
CoFileTimeNow
CreateItemMoniker
OleGetIconOfClass
CoIsOle1Class
CoGetMalloc
GetRunningObjectTable
CreateFileMoniker
StgSetTimes
ReadClassStg
CoDisconnectObject
CreateGenericComposite
OleIsRunning
ProgIDFromCLSID
OleRun
CreateBindCtx
OleCreateLink
OleCreateLinkFromData
ReleaseStgMedium
MkParseDisplayName
CoTaskMemFree
CoLockObjectExternal
CreateStreamOnHGlobal
GetHGlobalFromStream
StgIsStorageFile
StgCreateDocfile
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoCreateInstance
ReadFmtUserTypeStg
GetClassFile
StringFromGUID2
StgOpenStorage
CoCreateInstanceEx
WriteClassStg
StringFromCLSID
OleGetClipboard
OleSetClipboard
OleFlushClipboard
WriteFmtUserTypeStg
CLSIDFromString
user32
CharUpperBuffA
MessageBoxA
CharUpperW
UnpackDDElParam
SendMessageTimeoutW
PackDDElParam
GetDoubleClickTime
GetWindowDC
DestroyAcceleratorTable
MessageBoxW
GetSysColor
SetForegroundWindow
ShowWindow
EndDeferWindowPos
DeferWindowPos
SetWindowPos
ScreenToClient
GetWindowRect
SystemParametersInfoW
RegisterClassW
MonitorFromRect
SendMessageW
FillRect
GetClientRect
SetWindowLongW
SetWindowPlacement
GetWindowPlacement
IsIconic
GetWindow
GetWindowLongW
SetActiveWindow
PtInRect
GetSystemMetrics
UnhookWindowsHookEx
SetKeyboardState
GetKeyboardState
SetWindowsHookExW
ReleaseDC
GetDC
LoadIconW
LoadCursorW
SetMessageQueue
RegisterWindowMessageA
IntersectRect
IsRectEmpty
GetMonitorInfoW
MonitorFromPoint
MonitorFromWindow
SetRect
InvalidateRect
BeginPaint
EndPaint
GetWindowTextW
GetUpdateRgn
InvalidateRgn
ValidateRect
ValidateRgn
SetCapture
ReleaseCapture
GetCapture
SetFocus
EnableWindow
IsWindowEnabled
UpdateWindow
DispatchMessageW
FlashWindow
GetClassLongW
GetFocus
BeginDeferWindowPos
GetTopWindow
GetParent
ClientToScreen
GetUpdateRect
SetClassLongW
UnionRect
AdjustWindowRectEx
ShowCaret
HideCaret
RegisterClassExW
ExcludeUpdateRgn
ScrollDC
IsWindowVisible
GetSystemMenu
GetActiveWindow
PeekMessageW
IsChild
DestroyWindow
IsWindow
InSendMessage
VkKeyScanW
GetClassNameW
GetQueueStatus
GetKeyState
GetAsyncKeyState
GetInputState
SetTimer
KillTimer
PostQuitMessage
GetCursorPos
MapVirtualKeyW
TranslateMessage
WaitMessage
MsgWaitForMultipleObjects
RegisterClipboardFormatW
SetCursor
ShowCursor
MessageBeep
OpenIcon
GetWindowThreadProcessId
FindWindowW
EnumDisplayMonitors
SetRectEmpty
CreateMenu
DestroyMenu
DrawMenuBar
GetMenuItemID
GetMenuItemCount
DeleteMenu
RemoveMenu
GetSubMenu
GetMenuState
EnableMenuItem
SetScrollPos
CallWindowProcW
GetDlgItem
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollInfo
GetWindowWord
SetWindowWord
EnumThreadWindows
CloseClipboard
EmptyClipboard
SetCaretPos
GetKeyboardLayout
SetClipboardData
GetClipboardData
OpenClipboard
GetClipboardOwner
EnumClipboardFormats
IsClipboardFormatAvailable
CreateCaret
DestroyCaret
GetCaretPos
GetMessageExtraInfo
OffsetRect
InflateRect
PostMessageW
CloseDesktop
GetUserObjectInformationW
OpenInputDesktop
GetThreadDesktop
CharUpperBuffW
IsCharUpperW
SetWindowTextA
IsWindowUnicode
PeekMessageA
DispatchMessageA
CreateWindowExW
DrawTextW
DrawTextA
GetMessageW
SetParent
WindowFromPoint
GetMessageTime
GetScrollInfo
SendMessageA
UnregisterClassW
MoveWindow
PostMessageA
GetMessagePos
SetCursorPos
GetClipboardFormatNameW
FreeDDElParam
GetDesktopWindow
EqualRect
ArrangeIconicWindows
RedrawWindow
DrawFocusRect
ToUnicode
ToAscii
GetMenu
IsZoomed
EnumChildWindows
CharLowerBuffW
RegisterWindowMessageW
CharUpperA
CharLowerW
ActivateKeyboardLayout
DrawIconEx
DestroyIcon
DrawIcon
GetCursor
SetMenu
CreateAcceleratorTableW
MapWindowPoints
GetForegroundWindow
DefWindowProcW
SetWindowTextW
DrawFrameControl
LoadCursorFromFileW
GetIconInfo
CallNextHookEx
GetKeyboardLayoutList
msvcrt
exit
memmove
rand
srand
_wtoi
wcslen
atof
_ecvt
_fpreset
_onexit
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
__CxxFrameHandler
swprintf
_chdir
_controlfp
_except_handler3
Exports
DllGetLCID
MdCallBack
_LPenHelper
Sections
.text Size: 8.5MB - Virtual size: 8.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 79KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.cdata Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ldata Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE