Static task
static1
Behavioral task
behavioral1
Sample
d244810e46de0f1fffa950c189d35995_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d244810e46de0f1fffa950c189d35995_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
d244810e46de0f1fffa950c189d35995_JaffaCakes118
-
Size
27KB
-
MD5
d244810e46de0f1fffa950c189d35995
-
SHA1
f05657c3ffb23862b1c9c0b319c1e41894541df8
-
SHA256
c28707cc99c6598144dd92a29d3073a50eee3683e0a805c2cd2a9eaf54b4f678
-
SHA512
b2549ab198eca6a22fbf42bf47960db13216c2b1096725640b04a6c8b1caa03e1d0f495b227ee18f5bb75bad6cc5dbbeb147cf72a2fb3ba8e04cb58be80ac67a
-
SSDEEP
384:4ItJGbE1kUyB1rrS1iJg3oaBSv9YE2g9ptyguQXvIDx+xIc:4IyBJSEOlQqEj9fygnXgAxT
Malware Config
Signatures
-
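Unsigned PE (1 IoC)
The sandbox's static check found no Authenticode signature on this PE file. On its own this is a weak indicator, since many legitimate binaries are also unsigned.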
resource d244810e46de0f1fffa950c189d35995_JaffaCakes118
Files
-
d244810e46de0f1fffa950c189d35995_JaffaCakes118.exe windows:5 windows x86 arch:x86
22fe6798bba8cd2339306d53a140135e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FatalAppExitW
FindFirstFileExA
FindVolumeMountPointClose
GetACP
GetAtomNameW
GetBinaryTypeA
GetBinaryTypeW
GetCalendarInfoW
GetCommMask
GetCommModemStatus
GetCompressedFileSizeA
GetComputerNameA
GetComputerNameW
GetConsoleAliasesA
GetConsoleAliasesW
GetConsoleMode
GetCurrencyFormatA
GetEnvironmentVariableA
GetFileAttributesExW
GetFileSize
GetLocalTime
GetNumberOfConsoleMouseButtons
GetPrivateProfileIntA
GetProfileIntA
GetProfileStringA
GetShortPathNameA
GetStartupInfoW
GetSystemDefaultLangID
GetVersionExW
GetVolumeInformationA
GetVolumeInformationW
GetVolumeNameForVolumeMountPointA
GetVolumePathNameA
GetVolumePathNameW
GlobalGetAtomNameA
GlobalHandle
HeapValidate
IsBadWritePtr
IsProcessorFeaturePresent
IsValidCodePage
ExpandEnvironmentStringsW
LoadModule
LocalLock
MapUserPhysicalPages
MoveFileExA
OpenProcess
OutputDebugStringW
PurgeComm
ReadConsoleA
ReadConsoleOutputAttribute
ReplaceFile
SearchPathA
SetCalendarInfoW
SetCommBreak
SetCommTimeouts
SetConsoleDisplayMode
SetConsoleTextAttribute
SetConsoleTitleA
SetCriticalSectionSpinCount
SetCurrentDirectoryW
SetEnvironmentVariableW
SetErrorMode
SetProcessShutdownParameters
SetTimeZoneInformation
SignalObjectAndWait
SystemTimeToTzSpecificLocalTime
Toolhelp32ReadProcessMemory
TransactNamedPipe
TransmitCommChar
UnregisterWait
VirtualAllocEx
VirtualLock
VirtualProtect
WriteConsoleInputW
WriteConsoleOutputCharacterW
_hwrite
_lclose
lstrcat
lstrcpyW
EnumUILanguagesA
EnumSystemCodePagesW
EnumResourceNamesW
EnumResourceLanguagesW
DnsHostnameToComputerNameA
DeleteFileW
DefineDosDeviceA
VirtualAlloc
CreatePipe
CreateMutexW
CreateDirectoryExA
CopyFileExA
ConvertThreadToFiber
BuildCommDCBAndTimeoutsA
BeginUpdateResourceW
AddConsoleAliasA
LoadLibraryA
GetProcAddress
ExitProcess
GetWindowsDirectoryA
CreateFileA
LCMapStringA
user32
SetWindowTextA
SetWindowsHookA
SetWindowsHookExA
SwitchDesktop
TileWindows
ToAsciiEx
ToUnicode
TrackMouseEvent
VkKeyScanExA
WindowFromDC
keybd_event
AttachThreadInput
BeginDeferWindowPos
BeginPaint
BroadcastSystemMessageW
CallMsgFilter
CallMsgFilterW
ChangeDisplaySettingsExW
CharToOemA
CloseClipboard
CloseWindowStation
CopyImage
CreateDialogIndirectParamW
CreateIcon
CreateIconFromResourceEx
DdeConnect
DdeCreateDataHandle
DdeDisconnect
DdeFreeStringHandle
DdeGetData
DdeGetLastError
DdeInitializeW
DefDlgProcW
DefFrameProcA
DestroyAcceleratorTable
DlgDirListComboBoxA
DlgDirSelectComboBoxExW
DragDetect
DrawFrameControl
DrawIconEx
EnableScrollBar
EndPaint
EnumDisplaySettingsExA
EnumThreadWindows
FindWindowExA
FindWindowW
FlashWindow
FreeDDElParam
GetAltTabInfoA
GetCaretPos
GetClassInfoA
GetDialogBaseUnits
GetDlgItem
GetGUIThreadInfo
GetIconInfo
GetLastInputInfo
GetMenuStringA
GetNextDlgGroupItem
GetPriorityClipboardFormat
GetWindowTextA
HiliteMenuItem
IMPSetIMEW
IntersectRect
InvalidateRect
IsDialogMessage
IsDialogMessageA
IsWindowVisible
LoadMenuIndirectA
MapVirtualKeyW
MessageBoxExA
MessageBoxExW
ModifyMenuW
MonitorFromRect
MsgWaitForMultipleObjectsEx
OpenWindowStationA
PostMessageW
PostQuitMessage
PostThreadMessageW
RemovePropW
SendInput
SendMessageTimeoutW
SetCapture
SetClassLongA
SetClassWord
SetWindowLongW
SetWinEventHook
SetTimer
SetProcessWindowStation
SetProcessDefaultLayout
SetMenuDefaultItem
SetLastErrorEx
SetKeyboardState
SetDlgItemTextW
SetClipboardData
comdlg32
ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW
PageSetupDlgA
PageSetupDlgW
PrintDlgA
PrintDlgExA
PrintDlgExW
PrintDlgW
ReplaceTextA
ReplaceTextW
ChooseColorA
shell32
ExtractIconW
ExtractIconExW
ExtractIconExA
ExtractAssociatedIconW
ExtractAssociatedIconExW
ExtractAssociatedIconExA
DuplicateIcon
DragFinish
DragAcceptFiles
DoEnvironmentSubstA
FindExecutableA
WOWShellExecute
Shell_NotifyIconW
Shell_NotifyIconA
Shell_NotifyIcon
ShellHookProc
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
ShellAboutW
ShellAboutA
SHQueryRecycleBinW
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHPathPrepareForWriteA
SHGetSpecialFolderPathA
SHGetSettings
SHGetPathFromIDListW
SHGetPathFromIDList
SHGetMalloc
SHGetInstanceExplorer
SHGetIconOverlayIndexW
SHGetFolderPathW
SHGetFileInfoW
SHGetFileInfoA
SHGetFileInfo
SHGetDataFromIDListW
SHGetDataFromIDListA
SHFormatDrive
SHFileOperationA
SHFileOperation
SHEmptyRecycleBinW
SHEmptyRecycleBinA
SHCreateDirectoryExA
SHBrowseForFolderA
SHAppBarMessage
SHAddToRecentDocs
FindExecutableW
ole32
UtGetDvtd32Info
UtConvertDvtd32toDvtd16
StringFromCLSID
StgOpenStorage
StgCreatePropStg
SetConvertStg
STGMEDIUM_UserSize
STGMEDIUM_UserFree
ReleaseStgMedium
ReadFmtUserTypeStg
ReadClassStg
OpenOrCreateStream
OleSave
OleRegGetUserType
OleNoteObjectVisible
OleLoadFromStream
OleIsCurrentClipboard
OleGetIconOfClass
OleFlushClipboard
OleDraw
OleDoAutoConvert
OleCreateMenuDescriptor
OleCreateFromDataEx
OleCreate
OleConvertOLESTREAMToIStorage
MonikerRelativePathTo
IsAccelerator
IIDFromString
HWND_UserUnmarshal
HMETAFILE_UserUnmarshal
HMETAFILE_UserMarshal
HMETAFILE_UserFree
HMETAFILEPICT_UserUnmarshal
HMENU_UserMarshal
HICON_UserFree
HGLOBAL_UserUnmarshal
HGLOBAL_UserFree
HENHMETAFILE_UserMarshal
HENHMETAFILE_UserFree
HDC_UserSize
HBRUSH_UserMarshal
WdtpInterfacePointer_UserUnmarshal
HBITMAP_UserSize
HACCEL_UserSize
HACCEL_UserMarshal
GetHGlobalFromILockBytes
GetConvertStg
GetClassFile
FreePropVariantArray
DcomChannelSetHResult
CreateStreamOnHGlobal
CreateGenericComposite
CreateAntiMoniker
CoWaitForMultipleHandles
CoUnloadingWOW
CoTaskMemFree
CoSuspendClassObjects
CoSetProxyBlanket
CoSetCancelObject
CoRevokeMallocSpy
CoRevokeClassObject
CoRevertToSelf
CoResumeClassObjects
CoRegisterClassObject
CoRegisterChannelHook
CoReactivateObject
CoQueryReleaseObject
CoQueryAuthenticationServices
CoLockObjectExternal
CoIsOle1Class
CoIsHandlerConnected
CoInitializeEx
CoGetTreatAsClass
CoGetStandardMarshal
CoGetInterfaceAndReleaseStream
CoEnableCallCancellation
CoDisconnectObject
CoDeactivateObject
CoCreateInstance
CoCreateGuid
CoBuildVersion
CLSIDFromProgID
CLIPFORMAT_UserSize
HBRUSH_UserFree
oleaut32
VarR4FromR8
VarR4FromI1
VarR4FromBool
VarR4CmpR8
VarOr
VarNeg
VarI4FromR4
VarI4FromDisp
VarI4FromDec
VarI4FromDate
VarI4FromBool
VarI2FromR4
VarI2FromI4
VarI2FromI1
VarI2FromDisp
VarI1FromUI4
VarI1FromR8
VarI1FromI2
VarFormatNumber
VarFormatFromTokens
VarDecFromDate
VarDecCmp
VarDateFromUdateEx
VarDateFromUI4
VarDateFromUI2
VarDateFromUI1
VarDateFromStr
VarDateFromR4
VarDateFromI2
VarDateFromDec
VarCySu
VarCyNeg
VarCyInt
VarCyFromR4
VarCyFromI2
VarCyFromBool
VarBstrFromI4
VarBstrFromI1
VarBstrCmp
VarBstrCat
VarBoolFromCy
VarAdd
VARIANT_UserFree
SysStringLen
SysAllocStringLen
SysAllocString
SafeArraySetIID
SafeArrayPutElement
SafeArrayGetDim
SafeArrayAllocDescriptorEx
SafeArrayAllocData
RegisterTypeLi
RegisterActiveObject
OleSavePictureFile
OleLoadPictureFileEx
OleLoadPictureFile
LHashValOfNameSysA
DosDateTimeToVariantTime
CreateErrorInfo
BSTR_UserSize
BSTR_UserFree
VariantCopy
VariantClear
VariantChangeType
VarUdateFromDate
VarUI4FromUI1
VarUI4FromR4
VarUI2FromR8
VarUI2FromR4
VarUI2FromI4
VarUI2FromI2
VarUI2FromDec
VarR4FromUI4
VarR8FromDec
VarR8FromI1
VarR8FromI2
VarR8FromR4
VarRound
VarUI1FromBool
VarUI1FromI1
VarUI1FromI2
VarUI4FromI4
shlwapi
StrChrW
StrCmpNA
StrCmpNIA
StrCmpNIW
StrCmpNW
StrRChrIA
StrRChrIW
StrRChrW
StrStrIW
StrStrW
StrChrIW
msvcrt
memcpy
Sections
.text Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 208B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ