d1abe6bf206997b637c74c878ccc8816_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d1abe6bf206997b637c74c878ccc8816_JaffaCakes118
Size

1.8MB
MD5

d1abe6bf206997b637c74c878ccc8816
SHA1

8d96104509ab5fd279bc3b9ff6bd978a7b655242
SHA256

7a1cabaf973bac625346d9f4afc1c8ba4f3cc8dd7ddf7a398189caddb152baaa
SHA512

f261c0a15a8fb2ff9c46ef96dda1bae02a9f03486edc202485f31471555519bf957c83676db7706fa89c7de5228bd51ee3799710d19e9c8612d69cc251edd5fe
SSDEEP

49152:0SnxTURFmPUxeIhlc4bKgATT2UA4YpCPS8Fvfa50:cRIPI1bKgATy1TpwSwvo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1abe6bf206997b637c74c878ccc8816_JaffaCakes118

Files

d1abe6bf206997b637c74c878ccc8816_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bee6d7aadd2ec1edd617703ad3260386

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetTickCount
HeapFree
VirtualFree
HeapCreate
InterlockedDecrement
IsValidCodePage
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
GetModuleHandleW
SetUnhandledExceptionFilter
HeapAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
lstrlenA
lstrcpynW
lstrcpyW
lstrcmpiW
WriteFile
WinExec
WaitNamedPipeA
WaitForMultipleObjects
VerSetConditionMask
SystemTimeToFileTime
Sleep
SetPriorityClass
SetFilePointer
SetEndOfFile
SetDefaultCommConfigA
SetConsoleDisplayMode
SetConsoleCursorInfo
SetConsoleCursor
SetConsoleCP
ScrollConsoleScreenBufferA
ReadFile
QueryPerformanceCounter
PostQueuedCompletionStatus
OutputDebugStringW
MapUserPhysicalPages
LocalFree
LoadLibraryA
LeaveCriticalSection
IsDBCSLeadByte
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
GlobalUnlock
GlobalMemoryStatusEx
GlobalLock
GlobalFree
GlobalAlloc
GetVersionExA
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetProfileSectionW
GetProcessHeaps
GetProcessAffinityMask
GetProcAddress
GetPrivateProfileStructW
GetPrivateProfileStructA
GetModuleFileNameA
GetLogicalDriveStringsA
GetFileType
GetFileTime
GetFileSize
GetCurrentThread
GetCurrentProcessId
GetConsoleCP
GetCompressedFileSizeA
GetCommandLineA
GetCommProperties
GetCPInfo
GetACP
FormatMessageW
FormatMessageA
FindResourceExW
ExitThread
ExitProcess
EnumTimeFormatsA
EnumDateFormatsExA
EnumDateFormatsA
EnterCriticalSection
EndUpdateResourceA
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessA
CreateMailslotA
CreateHardLinkA
CreateFileW
CreateFileA
CopyFileA
CompareFileTime
CloseHandle
BeginUpdateResourceW
AddConsoleAliasA
GetModuleHandleA
SetErrorMode
GetCurrentThreadId
VirtualAlloc

user32

SetScrollInfo
SetMenu
SetLayeredWindowAttributes
SetForegroundWindow
SetFocus
SetDlgItemTextA
SetDebugErrorLevel
SetCursor
SetClipboardData
SetCapture
SendMessageTimeoutA
SendInput
SendIMEMessageExA
ReplyMessage
RemovePropA
ReleaseDC
ReleaseCapture
RegisterClassA
RealGetWindowClassA
PostThreadMessageW
PostThreadMessageA
PostQuitMessage
PostMessageA
OpenClipboard
OemToCharA
MoveWindow
MessageBoxW
MessageBoxA
MapVirtualKeyA
LoadStringA
LoadMenuA
LoadImageA
LoadCursorA
LoadAcceleratorsA
KillTimer
IsWindow
InvalidateRect
GetWindowThreadProcessId
GetWindowTextLengthA
GetWindowRect
SetTimer
GetWindowLongA
GetWindow
GetUserObjectInformationW
GetSubMenu
GetMessageA
GetMenu
GetKeyState
GetFocus
GetDlgItemTextW
GetDlgItemTextA
GetDlgItem
GetCursorPos
GetComboBoxInfo
GetClipboardOwner
GetClientRect
GetCapture
FindWindowExA
FillRect
EnumDesktopsW
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableMenuItem
EmptyClipboard
DispatchMessageA
DialogBoxParamA
DestroyWindow
DestroyMenu
DeleteMenu
DefWindowProcA
DdeUninitialize
DdeQueryStringW
DdeInitializeA
DdeFreeStringHandle
DdeDisconnect
DdeCreateStringHandleA
SetWindowLongA
SetWindowPos
ShowWindow
TabbedTextOutA
ToAsciiEx
TrackPopupMenu
TranslateAcceleratorA
TranslateMessage
GetMessagePos
GetCursor
IsWindowUnicode
DestroyIcon
UnregisterDeviceNotification
UpdateWindow
WaitMessage
WindowFromPoint
GetWindowModuleFileNameW
DdeConnect
DdeClientTransaction
CreateWindowExA
CreateIconFromResourceEx
CopyAcceleratorTableA
ClientToScreen
CheckMenuItem
CharToOemBuffA
CallMsgFilterA
BringWindowToTop
BeginPaint
IsGUIThread
IsMenu
GetMenuCheckMarkDimensions
GetDlgCtrlID
IsCharAlphaNumericW
GetAsyncKeyState
IsWindowEnabled
DrawMenuBar
GetOpenClipboardWindow
CopyIcon
GetActiveWindow
GetParent
GetSystemMetrics
CharNextA
GetMenuItemCount
GetTopWindow
GetDialogBaseUnits
InSendMessage
GetKBCodePage
ShowCaret
GetClipboardViewer
LoadIconA
GetClipboardData
GetDC
CreatePopupMenu
GetListBoxInfo
WindowFromDC
GetDesktopWindow
GetMessageTime
GetKeyboardLayout
GetShellWindow
DestroyCursor
CharLowerA
LoadCursorFromFileW
CloseClipboard
GetForegroundWindow
GetDoubleClickTime
ScreenToClient

gdi32

FillPath
FlattenPath
GetTextAlign
AbortDoc
AddFontResourceW
EndPage
BeginPath
BitBlt
CLIPOBJ_ppoGetPath
CreateColorSpaceA
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateEnhMetaFileW
CreateFontIndirectA
CreatePalette
CreatePen
CreateRectRgn
CreateSolidBrush
DPtoLP
DeleteObject
EndDoc
EngAcquireSemaphore
EngEraseSurface
EngLoadModule
EnumEnhMetaFile
EnumFontFamiliesA
EnumObjects
ExtCreatePen
ExtTextOutA
FixBrushOrgEx
FrameRgn
GdiConvertRegion
GdiFlush
GetBitmapBits
GetBkMode
EndPath
GetClipRgn
GetDIBits
GetDeviceCaps
GetEUDCTimeStampExW
GetObjectA
GetPaletteEntries
GetSystemPaletteEntries
GetTextExtentPoint32A
GetTextMetricsA
GetWindowExtEx
IntersectClipRect
LPtoDP
LineTo
MirrorRgn
MoveToEx
PlayMetaFile
PolyBezierTo
RemoveFontResourceExW
RestoreDC
SaveDC
ScaleViewportExtEx
SelectClipPath
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetDIBitsToDevice
SetPolyFillMode
SetTextAlign
SetTextColor
StartDocA
StartDocW
StartPage
StretchDIBits
XFORMOBJ_iGetXform
WidenPath
DeleteColorSpace
GetTextColor
CreatePatternBrush
UnrealizeObject
GetObjectType
DeleteDC
StrokePath
GetBkColor
GetPolyFillMode
GetROP2
GetFontLanguageInfo
GetColorSpace
GetClipBox
RealizePalette
CreateHalftonePalette

comdlg32

GetSaveFileNameA
GetOpenFileNameA
PrintDlgA

advapi32

RegSetValueA
RegQueryValueExW
RegQueryValueA
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyW
RegSetValueExA

shell32

DoEnvironmentSubstW
SHGetSpecialFolderPathW
ExtractAssociatedIconExA
DragQueryFileA
DragQueryFile
ShellExecuteW
DragAcceptFiles

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize

shlwapi

StrCmpNIW
StrCmpNW
StrRChrIW
StrChrW
StrRChrW

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bee6d7aadd2ec1edd617703ad3260386

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 2KB - Virtual size: 1KB