Static task: static1
Behavioral task: behavioral1
Sample: d35d21b8f56c2eeef2e6bf7f28a20ba6_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d35d21b8f56c2eeef2e6bf7f28a20ba6_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d35d21b8f56c2eeef2e6bf7f28a20ba6_JaffaCakes118
Size: 359KB
MD5: d35d21b8f56c2eeef2e6bf7f28a20ba6
SHA1: 22d791042b9cffcdb049e0935727b62929b09ccc
SHA256: dcd910af2f8052343c2476c719470dfddd337f47322f5658baf5cea1c010401c
SHA512: 87b755d55971f704ab70794f83f42c8631c2f9edebf451596914cb6c04654b98f44a7611432bb4114675836615146cbf2ae2dbe542079e158b9c796bd2236cc4
SSDEEP: 6144:S/sAHi5CAb5/DbtdKbgYZQjiDRbkfySeDBTtkAN0JtJ+Jt2Ai2QTugRlp:hai8K/XKxZQw2ySMQz+OK8p
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: d35d21b8f56c2eeef2e6bf7f28a20ba6_JaffaCakes118
Files
d35d21b8f56c2eeef2e6bf7f28a20ba6_JaffaCakes118.exe windows:4 windows x86 arch:x86
2a2b8a1305f7546dcc09bf9fc21b714d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
BackupSeek
LocalSize
GetACP
SetStdHandle
SetHandleInformation
GetTimeFormatA
GetProcessTimes
SetEnvironmentVariableW
FlushFileBuffers
GetCurrencyFormatW
lstrlenA
FindFirstChangeNotificationA
GetSystemDirectoryW
GetLogicalDriveStringsA
GetStringTypeW
PurgeComm
SetConsoleCursorPosition
lstrcatW
GetCurrentProcess
GetProcessHeaps
CreateEventA
HeapDestroy
FoldStringA
CancelIo
FindNextFileA
WriteFileEx
MoveFileExW
FatalExit
PulseEvent
FindCloseChangeNotification
CreateIoCompletionPort
EnumSystemLocalesW
EnumDateFormatsW
CreateSemaphoreW
GlobalWire
OpenSemaphoreA
SetUnhandledExceptionFilter
Module32Next
WaitNamedPipeW
IsValidLocale
HeapUnlock
GetProfileIntW
ReadFileScatter
GlobalFindAtomW
WriteConsoleOutputCharacterA
GetTimeFormatW
CreateFileW
BuildCommDCBAndTimeoutsA
GetCommProperties
SearchPathW
LocalCompact
PeekNamedPipe
BuildCommDCBW
FillConsoleOutputAttribute
ResetEvent
DefineDosDeviceA
Toolhelp32ReadProcessMemory
UpdateResourceA
ClearCommBreak
FoldStringW
GetShortPathNameW
GetEnvironmentStrings
GlobalUnWire
GetLogicalDriveStringsW
GetStringTypeExA
GetUserDefaultLangID
FormatMessageW
GetDefaultCommConfigW
WriteProfileStringW
IsBadHugeWritePtr
PrepareTape
GetCommTimeouts
GetSystemDefaultLangID
LeaveCriticalSection
OpenEventA
ReadConsoleInputW
GetTempPathW
SetEvent
SetConsoleCursorInfo
IsBadWritePtr
VirtualProtect
GlobalReAlloc
SetConsoleWindowInfo
GetStringTypeA
GetVolumeInformationA
WriteProcessMemory
CreateFileA
CreateTapePartition
RequestDeviceWakeup
GetOverlappedResult
SetEnvironmentVariableA
GetVersion
GetFileType
GetNumberOfConsoleInputEvents
WriteConsoleInputA
GetConsoleScreenBufferInfo
WaitCommEvent
Thread32Next
CreatePipe
EndUpdateResourceW
HeapWalk
OpenFileMappingW
SetCalendarInfoA
GetProcessAffinityMask
lstrcmpW
GetEnvironmentVariableW
WaitForSingleObject
OpenSemaphoreW
WritePrivateProfileStructA
GetModuleHandleA
GetFileAttributesW
SetFileAttributesA
FreeEnvironmentStringsW
DisableThreadLibraryCalls
GetSystemInfo
FindClose
CreateMailslotW
GetProcessHeap
_hwrite
CreateConsoleScreenBuffer
SetConsoleScreenBufferSize
lstrcatA
MapViewOfFile
GetLargestConsoleWindowSize
WriteFile
LocalUnlock
UpdateResourceW
SetFileApisToOEM
GetLocaleInfoW
FlushInstructionCache
LocalShrink
SetThreadLocale
SetCommTimeouts
_lopen
GetTapeParameters
IsBadStringPtrW
GetFileAttributesExW
GetCurrentDirectoryW
SetThreadContext
PostQueuedCompletionStatus
GlobalUnlock
EnumResourceLanguagesW
WriteProfileStringA
SetErrorMode
GetExitCodeThread
WriteConsoleOutputAttribute
DeleteFileW
WriteConsoleOutputW
SetSystemTimeAdjustment
ScrollConsoleScreenBufferA
lstrcpynA
InterlockedCompareExchange
CreateProcessW
FreeEnvironmentStringsA
GetComputerNameW
SetCurrentDirectoryA
GetNamedPipeHandleStateW
Sleep
WaitForMultipleObjects
GetPrivateProfileIntA
GetProcessShutdownParameters
SetSystemPowerState
InterlockedDecrement
DuplicateHandle
IsProcessorFeaturePresent
SetConsoleCtrlHandler
GetCompressedFileSizeW
GlobalDeleteAtom
GetProfileStringA
CreateDirectoryExW
RequestWakeupLatency
GetCurrentThread
ReadConsoleInputA
lstrcpyA
SetThreadPriorityBoost
FileTimeToLocalFileTime
lstrcmpiW
SetTapePosition
ContinueDebugEvent
VerLanguageNameA
_lcreat
Module32First
SetFilePointer
GlobalUnfix
LoadLibraryExA
SetLastError
GetAtomNameA
GetFileAttributesExA
GetFullPathNameW
RemoveDirectoryW
ExitProcess
GetCurrentDirectoryA
SuspendThread
GetStartupInfoA
CreateDirectoryA
GetDiskFreeSpaceExW
GetPrivateProfileStructA
VerLanguageNameW
GetLocaleInfoA
ClearCommError
GetPrivateProfileIntW
LocalFree
GetBinaryTypeA
GetFileInformationByHandle
GetConsoleCursorInfo
WritePrivateProfileStructW
LoadModule
Beep
GetStartupInfoW
PeekConsoleInputA
GetTimeZoneInformation
SizeofResource
SetProcessPriorityBoost
WaitForMultipleObjectsEx
GlobalFix
VirtualAlloc
Thread32First
TransactNamedPipe
_hread
EnumDateFormatsA
CompareStringW
CreateNamedPipeW
GetTapeStatus
GetVersionExA
SetComputerNameA
user32
IntersectRect
DefMDIChildProcW
wvsprintfW
SetMenuItemInfoW
DestroyCaret
TranslateMessage
SetCaretBlinkTime
CharLowerBuffW
DialogBoxIndirectParamA
GetKeyNameTextA
GetMenuItemRect
GetClassLongW
UnhookWindowsHook
GetWindowLongW
SetWindowPlacement
CreateDialogParamA
OpenClipboard
OpenDesktopW
GetFocus
IsCharAlphaNumericA
CreateDialogIndirectParamA
MsgWaitForMultipleObjects
LoadStringW
UnregisterClassA
CreateIconFromResource
SetPropA
LookupIconIdFromDirectory
MapVirtualKeyW
GrayStringA
RegisterClassExA
DlgDirListComboBoxW
RegisterClassA
GetDC
DestroyIcon
LoadMenuA
CreateWindowStationA
DestroyWindow
GetUpdateRgn
SetWindowTextW
FindWindowA
GetWindowWord
GetKeyboardLayoutNameA
GetSysColorBrush
BeginDeferWindowPos
GetPropW
DlgDirListComboBoxA
SetMenuItemInfoA
CreateMDIWindowW
EnumDisplaySettingsA
LoadCursorW
EnableScrollBar
CharNextW
IsDialogMessageA
DrawIcon
TrackPopupMenu
GetClassInfoA
DlgDirSelectExW
DlgDirSelectExA
CopyImage
ChildWindowFromPoint
OpenWindowStationA
CharLowerW
EnumClipboardFormats
OpenInputDesktop
SetCursor
SetDlgItemTextW
CharToOemBuffW
GetDlgItem
InsertMenuW
CopyAcceleratorTableA
CharLowerA
ToUnicodeEx
DialogBoxParamW
EnableWindow
OpenDesktopA
CharNextExA
GetDlgItemTextA
EnumPropsA
EmptyClipboard
DialogBoxParamA
RemovePropA
LoadCursorFromFileW
DlgDirListA
EndPaint
ChangeClipboardChain
GetShellWindow
UpdateWindow
SetWindowsHookA
DrawTextW
EnumPropsExA
GetUserObjectInformationW
EnumPropsW
AnyPopup
CreateIconIndirect
GetMenuContextHelpId
ChangeDisplaySettingsExW
GetClipboardFormatNameA
EnableMenuItem
SetWindowLongW
GetMenuItemCount
FindWindowExW
EnumWindows
AppendMenuA
GetMessagePos
TranslateAcceleratorA
ShowCaret
SetClassLongA
GetProcessWindowStation
MsgWaitForMultipleObjectsEx
GetClipboardViewer
GetNextDlgTabItem
DrawStateW
VkKeyScanExA
SetScrollInfo
GetMenu
MessageBoxA
CallWindowProcA
ShowOwnedPopups
InsertMenuItemW
GetAsyncKeyState
TrackPopupMenuEx
RegisterWindowMessageW
LoadKeyboardLayoutW
GetWindowTextLengthW
GetMenuDefaultItem
HiliteMenuItem
SetLastErrorEx
ModifyMenuW
IsWindowEnabled
SetPropW
SendDlgItemMessageW
ModifyMenuA
LoadMenuIndirectW
PtInRect
GetMessageW
CreateDesktopA
mouse_event
GetInputState
BringWindowToTop
CreateMenu
IsRectEmpty
GetParent
GetDesktopWindow
ScrollDC
GetClassInfoExA
SwitchToThisWindow
UnionRect
SetMenuDefaultItem
GetCaretPos
GetClassWord
GetKeyboardState
ActivateKeyboardLayout
SetWindowPos
CharUpperW
InvalidateRgn
DeleteMenu
DragDetect
RemovePropW
ClientToScreen
CharPrevExA
CreateWindowExW
GetMessageExtraInfo
CharPrevW
GetTabbedTextExtentW
SetMessageExtraInfo
InvalidateRect
ShowWindowAsync
MessageBoxExW
MessageBoxIndirectW
CallMsgFilterA
GetScrollInfo
PostMessageA
GetMenuStringW
ShowScrollBar
IsCharLowerA
CreateAcceleratorTableA
PostQuitMessage
TabbedTextOutA
ReleaseCapture
OpenWindowStationW
BeginPaint
DefFrameProcA
gdi32
GetPath
GetCharWidth32A
CreateFontIndirectW
PlgBlt
GetTextCharsetInfo
Polyline
SetStretchBltMode
UpdateICMRegKeyA
MaskBlt
CloseEnhMetaFile
CreatePen
OffsetRgn
GetTextFaceW
GetTextCharacterExtra
SetTextCharacterExtra
SetPolyFillMode
PtVisible
GetCharacterPlacementA
CombineTransform
EnumICMProfilesW
FrameRgn
ModifyWorldTransform
ResetDCW
RectInRegion
GetBrushOrgEx
OffsetViewportOrgEx
GetGlyphOutlineA
SetWindowOrgEx
CopyMetaFileA
Ellipse
GdiComment
BitBlt
GetPolyFillMode
FixBrushOrgEx
GetObjectA
SetArcDirection
CloseMetaFile
GetStretchBltMode
PlayEnhMetaFile
AbortDoc
CancelDC
GetRandomRgn
CreateDIBSection
ExtCreateRegion
CreateDIBPatternBrush
SetBrushOrgEx
CopyEnhMetaFileA
CreateBrushIndirect
CreateFontW
SetColorAdjustment
GetCharacterPlacementW
CreateEnhMetaFileA
GetCharWidthW
SelectClipRgn
BeginPath
CreatePolyPolygonRgn
EndPath
GetViewportOrgEx
SetSystemPaletteUse
GetCharWidthA
GetWorldTransform
CreatePatternBrush
GetGlyphOutlineW
GetDeviceGammaRamp
CreatePalette
GetNearestColor
GetRegionData
PlayMetaFile
Rectangle
GetKerningPairsA
EndDoc
FloodFill
SetDIBits
SetTextColor
SetEnhMetaFileBits
ExcludeClipRect
OffsetWindowOrgEx
CreateRectRgnIndirect
SetDeviceGammaRamp
CopyMetaFileW
SetMapperFlags
SetRectRgn
StrokePath
ExtEscape
InvertRgn
CreateBitmapIndirect
CreateICW
SetBoundsRect
DeleteColorSpace
GetEnhMetaFileA
GetClipBox
SwapBuffers
OffsetClipRgn
SetViewportExtEx
GetWindowExtEx
SetICMProfileW
SetViewportOrgEx
GetTextExtentPoint32A
ResizePalette
SetWindowExtEx
GetEnhMetaFileDescriptionA
GetEnhMetaFilePaletteEntries
TranslateCharsetInfo
ExtCreatePen
StartPage
EnumObjects
GetCurrentPositionEx
GetDCOrgEx
CreateColorSpaceW
GetKerningPairsW
WidenPath
ScaleWindowExtEx
GetObjectType
ArcTo
PolyPolyline
UpdateICMRegKeyW
comdlg32
FindTextW
PageSetupDlgA
ChooseColorW
ChooseFontW
ChooseFontA
FindTextA
PrintDlgW
advapi32
ObjectDeleteAuditAlarmA
LookupSecurityDescriptorPartsA
OpenBackupEventLogW
SetSecurityDescriptorSacl
LookupPrivilegeValueA
InitializeSid
BuildExplicitAccessWithNameW
RegQueryValueExW
SetTokenInformation
OpenServiceA
GetKernelObjectSecurity
GetSecurityDescriptorGroup
OpenSCManagerW
RegQueryInfoKeyA
InitializeSecurityDescriptor
IsValidSid
RegOpenKeyW
RegCreateKeyA
InitiateSystemShutdownA
SetSecurityDescriptorOwner
DeleteAce
LookupPrivilegeDisplayNameA
ReadEventLogA
IsValidAcl
CryptSetKeyParam
BuildTrusteeWithNameW
GetAuditedPermissionsFromAclW
GetUserNameA
RegEnumKeyW
GetAce
CryptEnumProviderTypesW
RegDeleteKeyW
GetAuditedPermissionsFromAclA
GetServiceKeyNameA
CryptEncrypt
ObjectDeleteAuditAlarmW
MakeSelfRelativeSD
ImpersonateSelf
GetSidSubAuthority
GetSidLengthRequired
CryptDecrypt
CreatePrivateObjectSecurity
SetEntriesInAclW
QueryServiceConfigA
RegOpenKeyExA
CryptGetKeyParam
RegUnLoadKeyA
CryptContextAddRef
IsValidSecurityDescriptor
ObjectCloseAuditAlarmA
CryptEnumProvidersA
GetServiceDisplayNameW
StartServiceCtrlDispatcherA
RegUnLoadKeyW
AdjustTokenPrivileges
RegQueryMultipleValuesW
CryptEnumProviderTypesA
FindFirstFreeAce
ChangeServiceConfigW
RegSetValueW
ChangeServiceConfigA
RegRestoreKeyA
CryptCreateHash
BuildSecurityDescriptorW
InitializeAcl
RegCloseKey
BuildImpersonateExplicitAccessWithNameW
GetFileSecurityA
CryptSetProviderA
OpenBackupEventLogA
SetFileSecurityW
BuildExplicitAccessWithNameA
RegEnumKeyExW
OpenServiceW
GetSecurityDescriptorLength
GetMultipleTrusteeOperationW
SetServiceBits
LookupPrivilegeNameA
LookupAccountNameA
EnumServicesStatusA
PrivilegeCheck
BuildImpersonateExplicitAccessWithNameA
QueryServiceLockStatusA
CopySid
LookupSecurityDescriptorPartsW
GetMultipleTrusteeW
NotifyChangeEventLog
CloseEventLog
QueryServiceConfigW
ClearEventLogA
OpenProcessToken
SetServiceObjectSecurity
AccessCheck
DestroyPrivateObjectSecurity
RegSetValueExA
RegDeleteKeyA
CryptSetProviderExA
BuildTrusteeWithNameA
LookupAccountNameW
GetServiceKeyNameW
RegisterServiceCtrlHandlerW
RegCreateKeyExA
shell32
DragQueryFileW
SHBrowseForFolderA
DragQueryPoint
DoEnvironmentSubstW
SHAddToRecentDocs
SHChangeNotify
SHGetFileInfoA
SHBrowseForFolderW
DragFinish
SHQueryRecycleBinW
ExtractIconExA
SHGetSpecialFolderPathA
ExtractIconW
Shell_NotifyIconA
SHGetFileInfoW
SHEmptyRecycleBinW
SHGetSpecialFolderLocation
SHEmptyRecycleBinA
ShellAboutW
ExtractAssociatedIconExA
ShellAboutA
SHInvokePrinterCommandA
ShellExecuteW
msvcrt
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__set_app_type
_except_handler3
_controlfp
__p__fmode
Sections
.text Size: 283KB - Virtual size: 284KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 18KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
b9z0n7i1 Size: 45KB - Virtual size: 48KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
992eu9i0 Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ