c93702383fa570eb2bf398199c01ca37_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c93702383fa570eb2bf398199c01ca37_JaffaCakes118
Size

54KB
MD5

c93702383fa570eb2bf398199c01ca37
SHA1

e6018c1c3300455fa2716282e1c9b7dc6d712dba
SHA256

e1be6ce07624bad5a39cbdafcb8b40f58ba87a656be32453cc7746f3a532bdec
SHA512

3dbc28d2bdcc39a35e024a72603080333f65d3404e7dbf51c54a05e9f04da6fc097ecbe1ef4db42471583cf0e844dbaa29de65582ee8ef3be40397ece889dec8
SSDEEP

1536:IbT3PUXdJSqLDtfSNQrQZ3gG37A65G2kPHpZ8K1p7T:In3PU6qLBfw2Qz380SZ8K1p7T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c93702383fa570eb2bf398199c01ca37_JaffaCakes118

Files

c93702383fa570eb2bf398199c01ca37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f14c09e8f3707806538c8aa74594e3dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseDC
RegisterClipboardFormatW
GetWindowLongW
SetWindowTextW
GetClientRect
GetKeyState
InvalidateRect
DestroyWindow
GetWindowTextLengthW
GetDC
EndDialog
DefWindowProcW
GetDlgItemInt
GetSystemMetrics
LoadImageW
GetWindow
EnableMenuItem
SetMenuItemInfoW
SystemParametersInfoW
SetWindowLongW
GetWindowTextW
IsWindow
LoadStringW
WinHelpW
GetMenuItemCount
SendDlgItemMessageW
MapWindowPoints
GetWindowRect
SetFocus
SetMenuDefaultItem
TrackPopupMenu
CheckRadioButton
SetForegroundWindow
GetClassInfoW
SetWindowPos
GetDlgItem
GetMenuItemInfoW
DestroyIcon
DialogBoxParamW
CheckMenuItem
MessageBeep
RegisterWindowMessageW
PostMessageW
EnumChildWindows
GetLastActivePopup
GetSubMenu
SetTimer
SetCursor
FindWindowW
MessageBoxW
KillTimer
SendMessageW
LoadCursorW
GetForegroundWindow
ShowWindow
LoadMenuW
CreateWindowExW
CheckDlgButton
EnumWindows
ValidateRect
SwitchToThisWindow
RegisterClassW
SetDlgItemTextW
GetWindowThreadProcessId
IsDlgButtonChecked
GetClassNameW
DestroyMenu
GetDlgItemTextW
EnableWindow
RemoveMenu
GetMenuItemID
GetParent

comdlg32

CommDlgExtendedError
GetOpenFileNameW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shlwapi

PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW

lz32

LZClose

mpr

WNetGetResourceInformationW
WNetGetNetworkInformationW
WNetGetConnectionW

advapi32

RegConnectRegistryW
RegOpenKeyExW
CheckTokenMembership
RegSetValueExW
OpenServiceW
OpenSCManagerW
SetSecurityInfo
GetFileSecurityW
RegQueryValueExW
GetUserNameW
QueryServiceStatus
ControlService
OpenThreadToken
LookupAccountSidW
FreeSid
AdjustTokenPrivileges
OpenProcessToken
GetSecurityInfo
CloseServiceHandle
SetSecurityDescriptorOwner
ImpersonateSelf
RegEnumKeyExW
LookupPrivilegeValueW
SetEntriesInAclW
GetTokenInformation
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegDeleteKeyW
RevertToSelf
AllocateAndInitializeSid
AccessCheck
RegCloseKey
StartServiceW

comctl32

ImageList_Remove
ImageList_AddMasked
DestroyPropertySheetPage
PropertySheetW
ImageList_Destroy
ImageList_SetOverlayImage
InitCommonControlsEx
ImageList_GetIcon
ImageList_Create
CreatePropertySheetPageW
ImageList_ReplaceIcon

kernel32

FindResourceW
GetCurrentThreadId
SetWaitableTimer
GetFileSize
CompareStringW
GetLocaleInfoW
GlobalFree
GetTimeFormatW
FindClose
lstrlenW
lstrcmpiW
CloseHandle
ExitThread
TerminateProcess
GetCurrentProcessId
lstrcpynW
UnhandledExceptionFilter
FindFirstFileW
Sleep
GetComputerNameExW
GetDriveTypeW
CompareFileTime
EnterCriticalSection
LocalFree
MulDiv
GetTickCount
CreateWaitableTimerW
MapViewOfFile
SystemTimeToFileTime
DeleteCriticalSection
FormatMessageW
GetFullPathNameW
GetDateFormatW
LoadResource
GetSystemTime
VirtualAlloc
GetUserDefaultLCID
LocalReAlloc
GlobalLock
SetFileTime
UnmapViewOfFile
GetFileType
GetFileAttributesW
GetComputerNameW
GetVolumeInformationW
DuplicateHandle
GetLastError
GlobalReAlloc
OpenProcess
ExpandEnvironmentStringsW
FindNextFileW
CreateFileW
ReleaseActCtx
GetProcAddress
GetCurrentDirectoryW
DisableThreadLibraryCalls
ActivateActCtx
CreateFileMappingW
SetEndOfFile
FileTimeToSystemTime
DeleteFileW
QueryPerformanceCounter
DeactivateActCtx
lstrcmpW
LeaveCriticalSection
InterlockedIncrement
SearchPathW
ReadFile
GetVersionExW
GetLocalTime
FreeLibrary
GetCurrentThread
lstrcmpA
WriteFile
GetCurrentProcess
LocalAlloc
SetErrorMode
GetUserDefaultUILanguage
LockResource
InitializeCriticalSection
GlobalUnlock
SetCurrentDirectoryW
GetFileTime
LoadLibraryW
GlobalAlloc
InterlockedDecrement
SetFilePointer
CancelWaitableTimer
CreateThread
SetFileAttributesW
IsBadStringPtrW
CreateDirectoryW
GetSystemTimeAsFileTime
WideCharToMultiByte
IsBadWritePtr
GetCurrentActCtx
GetEnvironmentVariableW

shell32

SHFileOperationW
SHGetPathFromIDListW
SHGetFolderPathW
ShellExecuteW
SHChangeNotify
DragQueryFileW
SHExtractIconsW

secur32

GetUserNameExW

rpcrt4

UuidCreate
RpcBindingFree
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcBindingSetAuthInfoExW
NdrClientCall2
RpcEpResolveBinding
RpcStringFreeW

ole32

OleInitialize
ReleaseStgMedium
CoGetCallContext
OleUninitialize
CoTaskMemAlloc
OleSetClipboard
CoCreateInstance
CoTaskMemFree
OleGetClipboard

ntdsapi

DsMakeSpnW

msvcrt

wcspbrk
_initterm
wcsncmp
_wcsnicmp
wcsspn
wcsncpy
_wcsicmp
mbstowcs
_except_handler3
rand
malloc
wcsrchr
wcstoul
_adjust_fdiv
wcstombs
iswctype
_vsnwprintf
wcsstr
_purecall
wcschr
setlocale
wcslen
wcscmp
free
_itow
memmove

userenv

UnloadUserProfile

gdi32

RealizePalette
BitBlt
GetStockObject
CreateCompatibleDC
DeleteDC
CreateFontIndirectW
CreateDIBitmap
SelectObject
CreatePalette
DeleteObject
GetObjectW
SelectPalette
GetDeviceCaps

winmm

auxOutMessage

Sections

.textbss
Size: 43KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f14c09e8f3707806538c8aa74594e3dd

Headers

File Characteristics

Imports

user32

comdlg32

version

shlwapi

lz32

mpr

advapi32

comctl32

kernel32

shell32

secur32

rpcrt4

ole32

ntdsapi

msvcrt

userenv

gdi32

winmm

Sections

.textbss Size: 43KB - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 420B

.idata Size: 8KB - Virtual size: 8KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 4B

.textbss
Size: 43KB - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 420B

.idata
Size: 8KB - Virtual size: 8KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 4B