Static task: static1
Behavioral task: behavioral1
Sample: ce7f0b55df80867ee236964d5f0b75c1_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: ce7f0b55df80867ee236964d5f0b75c1_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
- Target: ce7f0b55df80867ee236964d5f0b75c1_JaffaCakes118
- Size: 165KB
- MD5: ce7f0b55df80867ee236964d5f0b75c1
- SHA1: 1ebb2fd9852e39d007befe0257303ed82f7b08fa
- SHA256: 8e956551e989f761f277aad6f7acd9e4908762f2362b30c2a1abc2f9cf498c9f
- SHA512: 89f076147dd939f80a6d058b4a2706e0e60204de88c084cf9a7e06d4877713b158f5b7f884ee801d91630d4b0347048ee58de92d887cecc14b16477a1fdda63d
- SSDEEP: 3072:vd2sKO3bU7ScLgdPQBJgJ3ykoiigIbSNc1SOburIic2VuTfPBjinWh+x:vIsV3bsScIY03ykoxgI8c1furFcGuTXC
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource ce7f0b55df80867ee236964d5f0b75c1_JaffaCakes118
Files
-
ce7f0b55df80867ee236964d5f0b75c1_JaffaCakes118.exe windows:5 windows x86 arch:x86
d39a01e68b9073cc46afe32146cf37e9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
TrackPopupMenu
InsertMenuA
GetClipboardSequenceNumber
GetSystemMenu
MessageBoxExW
EnableScrollBar
ModifyMenuW
SendIMEMessageExA
SendMessageTimeoutW
GetKeyboardLayoutNameA
SubtractRect
GetMenuBarInfo
ClipCursor
SetCursor
GetKeyNameTextW
CharLowerBuffW
FlashWindow
EditWndProc
SetUserObjectInformationA
CreateIconIndirect
SystemParametersInfoA
WindowFromDC
CharNextExA
PostQuitMessage
SetWindowLongW
CharToOemBuffW
GetScrollRange
OpenInputDesktop
DdeInitializeA
DrawAnimatedRects
wsprintfW
IsCharAlphaNumericW
CharPrevW
GetAltTabInfo
UpdateWindow
DlgDirSelectExA
gdi32
EngLockSurface
EngFreeModule
SetWindowOrgEx
EngMultiByteToUnicodeN
EngDeletePath
GetTransform
GetCharWidthW
GetGlyphOutline
CreateDIBPatternBrushPt
GetDCOrgEx
EngAssociateSurface
RectInRegion
StartFormPage
GdiSetPixelFormat
RoundRect
PolyDraw
RectVisible
SetWorldTransform
FillRgn
GetColorAdjustment
GdiAddGlsBounds
GetTextExtentPoint32W
GetEnhMetaFileW
UnloadNetworkFonts
ResizePalette
GdiCreateLocalEnhMetaFile
EndPath
SetMiterLimit
GdiEndPageEMF
SelectClipRgn
GetFontData
FONTOBJ_pvTrueTypeFontFile
EngLoadModule
GetGlyphOutlineWow
EngCreatePalette
GdiGetPageCount
GdiEntry15
Pie
GetPixelFormat
GetClipBox
GetRelAbs
SetGraphicsMode
StartDocA
PlayEnhMetaFileRecord
GdiFlush
GetNearestColor
GetFontResourceInfoW
GdiEntry6
ExtCreatePen
EnumEnhMetaFile
DeviceCapabilitiesExW
CreatePolyPolygonRgn
GdiComment
GdiGradientFill
EngGetCurrentCodePage
GdiGetDC
GetKerningPairs
GetETM
ColorCorrectPalette
GetGraphicsMode
GdiEntry9
EnumFontFamiliesA
EngGradientFill
GdiProcessSetup
StartPage
EndPage
CreatePen
advapi32
DestroyPrivateObjectSecurity
SetNamedSecurityInfoExW
ElfOpenEventLogW
OpenTraceW
AreAnyAccessesGranted
QueryServiceLockStatusA
LsaGetUserName
ConvertSecurityDescriptorToStringSecurityDescriptorA
ChangeServiceConfig2W
OpenSCManagerW
QueryServiceStatusEx
kernel32
OpenFileMappingW
SetCalendarInfoA
EnumResourceTypesA
Thread32Next
LoadLibraryA
LocalFlags
GetBinaryTypeW
FillConsoleOutputAttribute
WritePrivateProfileSectionA
GetDateFormatW
ReadConsoleInputA
LockFile
GetLogicalDriveStringsW
TerminateProcess
lstrcatW
CreateThread
GetDefaultCommConfigA
ContinueDebugEvent
lstrcpynW
SetCommTimeouts
GetTimeFormatA
GetOEMCP
SignalObjectAndWait
GetDiskFreeSpaceA
DuplicateHandle
TransmitCommChar
IsBadReadPtr
SetProcessAffinityMask
QueryPerformanceFrequency
GetCurrentDirectoryW
SetCriticalSectionSpinCount
LoadLibraryW
lstrlen
SetThreadLocale
FindFirstChangeNotificationA
UnlockFileEx
GetCommState
ReleaseMutex
SetProcessShutdownParameters
GetOverlappedResult
SetSystemTimeAdjustment
SetConsoleCursorInfo
ReplaceFileA
GetStartupInfoW
GetVersion
GlobalFindAtomW
GetVersionExA
SetConsoleWindowInfo
EnumResourceLanguagesA
LoadResource
GetPriorityClass
GetExitCodeThread
FoldStringW
ClearCommError
SetCurrentDirectoryA
IsValidLocale
SetLocalTime
RtlZeroMemory
GetCommMask
GetModuleHandleW
DeleteAtom
SetTapeParameters
FormatMessageW
BuildCommDCBW
ReadConsoleOutputA
BuildCommDCBAndTimeoutsW
ReadConsoleOutputAttribute
EnumCalendarInfoW
DeleteTimerQueue
SuspendThread
GetACP
WriteFileEx
GetConsoleAliasExesLengthW
GetAtomNameW
WaitForSingleObjectEx
ReplaceFile
ConvertThreadToFiber
EnumDateFormatsW
SetLocaleInfoA
Heap32ListNext
IsDBCSLeadByteEx
GetMailslotInfo
CreateConsoleScreenBuffer
FindFirstFileW
ScrollConsoleScreenBufferW
FillConsoleOutputCharacterA
SetHandleInformation
OpenFile
ReadFileEx
GetCurrentConsoleFont
GetLastError
CreateProcessW
RegisterWaitForSingleObjectEx
GlobalFree
GetCurrentProcess
GetConsoleCursorInfo
SetConsoleCP
Process32NextW
MapViewOfFileEx
RtlUnwind
GetTempPathW
EnumUILanguagesA
UnhandledExceptionFilter
VerLanguageNameA
OpenJobObjectW
ExitProcess
FindFirstVolumeMountPointW
SetSystemPowerState
PurgeComm
GetEnvironmentStrings
GlobalMemoryStatusEx
CancelDeviceWakeupRequest
SwitchToFiber
GetTapePosition
SetMailslotInfo
DisconnectNamedPipe
IsSystemResumeAutomatic
LocalReAlloc
GetDateFormatA
HeapCreate
FindAtomA
CompareStringA
lstrcpyn
SystemTimeToTzSpecificLocalTime
SetupComm
DisableThreadLibraryCalls
GetConsoleAliasW
GetModuleFileNameA
GetExitCodeProcess
GetLocaleInfoW
SetConsoleDisplayMode
GetCommModemStatus
SetProcessPriorityBoost
ConvertDefaultLocale
ReleaseSemaphore
FindNextVolumeMountPointA
EndUpdateResourceW
LocalCompact
ReadDirectoryChangesW
lstrlenW
DnsHostnameToComputerNameA
lstrcmpiA
CreateEventW
TerminateJobObject
SetConsoleActiveScreenBuffer
SetEnvironmentVariableW
GetLogicalDrives
SetConsoleTitleW
FoldStringA
SearchPathW
WritePrivateProfileStructA
FindFirstVolumeA
QueryInformationJobObject
GetNumberOfConsoleInputEvents
FreeUserPhysicalPages
ReadConsoleOutputCharacterW
GetCommandLineW
lstrcat
GetPrivateProfileSectionNamesW
MoveFileExA
LocalLock
IsProcessorFeaturePresent
GetConsoleMode
EnumSystemLocalesW
GetStdHandle
GetPrivateProfileStringW
SetFileAttributesA
VirtualFreeEx
UnregisterWaitEx
LockFileEx
lstrcpy
EnumCalendarInfoExA
EnumSystemCodePagesW
TlsFree
IsBadStringPtrA
PeekConsoleInputA
CreateTapePartition
EnumDateFormatsExA
ReadConsoleOutputCharacterA
SetThreadPriority
WriteConsoleA
RaiseException
GetPrivateProfileSectionA
Module32Next
GenerateConsoleCtrlEvent
FatalExit
IsBadWritePtr
lstrcmp
CreateFiber
InitializeCriticalSectionAndSpinCount
GetProfileIntA
GetProcessHeaps
UnlockFile
GetNumberFormatA
CreateFileW
FindResourceExW
LocalAlloc
GetPrivateProfileStringA
OpenThread
GetPrivateProfileSectionW
SetUnhandledExceptionFilter
CreateFileA
GetStringTypeExW
GetConsoleFontSize
SetTimerQueueTimer
IsDebuggerPresent
FindResourceA
Heap32First
GetConsoleTitleA
GetWindowsDirectoryA
FindFirstVolumeW
GetFileType
DeleteFileA
ReadConsoleA
HeapReAlloc
VirtualProtect
HeapWalk
GetProcessIoCounters
FindFirstFileA
HeapUnlock
SetThreadExecutionState
GlobalReAlloc
GetNumberFormatW
GlobalGetAtomNameA
GlobalHandle
GetVolumeInformationW
SizeofResource
EnumCalendarInfoExW
ReadProcessMemory
GetSystemDefaultLangID
GetSystemPowerStatus
OpenSemaphoreA
AddConsoleAliasA
CreateFileMappingA
Beep
GetLongPathNameW
WaitForSingleObject
GetThreadTimes
EnumResourceTypesW
VirtualProtectEx
FlushViewOfFile
GetConsoleAliasesLengthA
GetPrivateProfileIntA
GetFullPathNameA
MoveFileWithProgressA
FileTimeToSystemTime
DeviceIoControl
LocalSize
VirtualAlloc
ExpandEnvironmentStringsW
GetUserDefaultLCID
DeleteCriticalSection
IsBadStringPtrW
ReadFileScatter
CreateProcessA
GetTickCount
EnumCalendarInfoA
SleepEx
FindNextFileW
QueueUserWorkItem
GetEnvironmentStringsA
GetStringTypeW
VirtualFree
DeleteFileW
GetPrivateProfileSectionNamesA
OpenMutexW
WriteFile
LoadModule
WriteTapemark
GetSystemDefaultLCID
GetProcessTimes
SetFileApisToANSI
GetFileAttributesExW
MulDiv
InitializeCriticalSection
SetErrorMode
ClearCommBreak
CreateJobObjectA
GetEnvironmentVariableW
OpenProcess
GetConsoleOutputCP
SetSystemTime
GlobalSize
GetConsoleAliasExesW
QueryPerformanceCounter
GetProcessVersion
CreateNamedPipeW
FlushInstructionCache
TlsSetValue
WriteConsoleInputW
PeekConsoleInputW
GetCPInfo
SetInformationJobObject
GetNumberOfConsoleMouseButtons
FreeLibraryAndExitThread
SystemTimeToFileTime
CreateIoCompletionPort
OpenMutexA
GetLogicalDriveStringsA
TryEnterCriticalSection
WriteProfileSectionA
LoadLibraryExA
GetCurrentDirectoryA
ReadConsoleOutputW
VerifyVersionInfoW
CopyFileA
DeleteTimerQueueTimer
GetCommProperties
CreatePipe
GetSystemTimeAdjustment
GetNamedPipeHandleStateA
CreateTimerQueueTimer
IsBadCodePtr
Module32NextW
SetVolumeMountPointW
GetShortPathNameW
EnterCriticalSection
GetStringTypeExA
CancelIo
GetConsoleWindow
Sleep
LoadLibraryExW
GetHandleInformation
GetLargestConsoleWindowSize
GlobalFindAtomA
WaitNamedPipeA
Heap32Next
DefineDosDeviceW
AreFileApisANSI
GlobalAlloc
ReadFile
GetSystemTime
GetProcessPriorityBoost
GetComputerNameA
GetTimeZoneInformation
QueueUserAPC
MultiByteToWideChar
FindAtomW
SetComputerNameExW
EnumUILanguagesW
VirtualQueryEx
CreateHardLinkA
GetNamedPipeHandleStateW
FreeEnvironmentStringsA
CompareStringW
GetTempPathA
lstrlenA
CopyFileW
SetCalendarInfoW
FatalAppExitW
SetDefaultCommConfigA
EnumResourceNamesW
HeapDestroy
GetVolumePathNameW
TerminateThread
TlsAlloc
GetFileInformationByHandle
IsBadHugeWritePtr
GlobalMemoryStatus
GetCalendarInfoA
BuildCommDCBAndTimeoutsA
GetLocaleInfoA
CopyFileExW
WaitForMultipleObjectsEx
CreateJobObjectW
OpenJobObjectA
SetFilePointerEx
ResetWriteWatch
GlobalUnWire
FindClose
FindFirstChangeNotificationW
GetPrivateProfileIntW
EndUpdateResourceA
SwitchToThread
GetTempFileNameW
FileTimeToLocalFileTime
Module32First
CreateSemaphoreA
GetTempFileNameA
GetNamedPipeInfo
SetNamedPipeHandleState
SetCurrentDirectoryW
SetHandleCount
PrepareTape
DebugBreak
FormatMessageA
VerifyVersionInfoA
RemoveDirectoryA
VerLanguageNameW
EnumDateFormatsExW
GetCalendarInfoW
FindCloseChangeNotification
GetSystemWindowsDirectoryA
GetProfileIntW
HeapSize
FindNextVolumeW
lstrcpynA
AssignProcessToJobObject
GetConsoleTitleW
ChangeTimerQueueTimer
CreateSemaphoreW
GetProcAddress
shlwapi
SHGetValueA
PathFileExistsW
PathIsNetworkPathA
StrToIntExW
StrCatBuffA
UrlIsOpaqueW
PathMatchSpecA
StrCmpIW
StrCSpnA
SHDeleteEmptyKeyA
PathGetArgsW
PathMakeSystemFolderW
PathRelativePathToW
PathIsUNCServerA
PathUndecorateA
SHRegGetUSValueA
PathQuoteSpacesA
SHCreateShellPalette
SHRegGetUSValueW
ole32
OleCreateEx
CoTaskMemRealloc
CoIsHandlerConnected
Sections
.text Size: 138KB - Virtual size: 138KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ