Static task: static1
Behavioral task: behavioral1
Sample: d9e3d2bb0e8ae5d44166ddc89b70beae_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d9e3d2bb0e8ae5d44166ddc89b70beae_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d9e3d2bb0e8ae5d44166ddc89b70beae_JaffaCakes118
Size: 560KB
MD5: d9e3d2bb0e8ae5d44166ddc89b70beae
SHA1: 4bd789db3218921b6e76761fd397e4cc1a15701b
SHA256: 961e3d9c9c4f27ad0eb1961a3fc38b19e5149a1b9017db64f5c5efd3bc41be78
SHA512: 336290fbb644f7fa45f42c02b62d4011309786be2b9d1f3ce0597b373d1130b54c14e62c6c1b57894ca36ee8f9b40afeafee171dbf2f0a3dfd8940fe511799e1
SSDEEP: 12288:VjMMnMMMMMkEeS1cjN41WB8kh1mBQknjlmf3lfbARK:VjMMnMMMMMlHASWBlXmBQkjifbOK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d9e3d2bb0e8ae5d44166ddc89b70beae_JaffaCakes118
Files
d9e3d2bb0e8ae5d44166ddc89b70beae_JaffaCakes118.exe windows:4 windows x86 arch:x86
d58688e8eb5183035bbdb836e534124f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
WSAConnect
WSAAccept
ole32
CoLockObjectExternal
RevokeDragDrop
OleSetMenuDescriptor
OleSave
OleIsRunning
CLSIDFromString
WriteClassStg
BindMoniker
CoGetClassObject
CoRegisterClassObject
CoGetMalloc
OleCreateLinkFromData
StgOpenStorageOnILockBytes
OleUninitialize
MkParseDisplayName
CoIsOle1Class
CoFreeUnusedLibraries
StringFromGUID2
CoCreateInstance
IsAccelerator
OleGetIconOfClass
OleLoadFromStream
ReleaseStgMedium
OleDoAutoConvert
OleInitialize
CoDisconnectObject
OleConvertOLESTREAMToIStorage
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgIsStorageILockBytes
CLSIDFromProgID
CreateBindCtx
CoMarshalInterface
CreateStreamOnHGlobal
OleQueryLinkFromData
OleSaveToStream
CreateDataAdviseHolder
OleRegGetUserType
OleSetClipboard
OleDuplicateData
OleConvertIStorageToOLESTREAM
OleQueryCreateFromData
OleLoad
CoUnmarshalInterface
OleIsCurrentClipboard
OleGetClipboard
OleCreateLinkToFile
IIDFromString
GetClassFile
ReadClassStg
OleLockRunning
OleCreateFromFile
ProgIDFromCLSID
OleFlushClipboard
DoDragDrop
OleDestroyMenuDescriptor
CoRevokeClassObject
OleCreateMenuDescriptor
CreateOleAdviseHolder
OleCreateLink
OleTranslateAccelerator
StringFromCLSID
OleCreateFromData
OleGetAutoConvert
StgCreateDocfile
OleRun
RegisterDragDrop
ReadClassStm
CreateILockBytesOnHGlobal
StgOpenStorage
kernel32
GetCurrentDirectoryA
VirtualQuery
VirtualProtect
SetErrorMode
IsBadCodePtr
GetDriveTypeA
GetProcAddress
GetCurrentThreadId
ReleaseSemaphore
FreeEnvironmentStringsA
HeapFree
Sleep
CreateFileA
GlobalReAlloc
VirtualFree
UnhandledExceptionFilter
SizeofResource
_lread
InitializeCriticalSection
IsDBCSLeadByte
GetExitCodeProcess
GetShortPathNameA
TlsAlloc
InterlockedIncrement
SetStdHandle
GetTempPathA
LCMapStringW
HeapAlloc
LoadLibraryA
TlsFree
FormatMessageA
GetEnvironmentStringsW
VirtualAlloc
CreateSemaphoreA
FindNextFileA
WinExec
LeaveCriticalSection
UnlockFile
GetStartupInfoA
GetStringTypeA
HeapReAlloc
lstrcmpiW
GetCPInfo
WriteFile
GetFileTime
SetFilePointer
FlushFileBuffers
lstrcmpA
DuplicateHandle
MoveFileA
GetFileAttributesA
HeapDestroy
GetModuleHandleA
ResumeThread
LCMapStringA
GetTempFileNameA
GlobalAddAtomA
lstrcpyA
GlobalDeleteAtom
GetProfileStringA
SetEndOfFile
GlobalFree
TlsSetValue
GetUserDefaultLangID
GetFileType
FlushInstructionCache
GetVersion
SearchPathA
FileTimeToLocalFileTime
FormatMessageW
ExitThread
SetHandleCount
GetDateFormatA
GetModuleFileNameW
ReadFile
GetVolumeInformationA
GetUserDefaultLCID
GetCommandLineA
HeapCreate
TlsGetValue
CloseHandle
GlobalLock
RemoveDirectoryA
MultiByteToWideChar
GlobalUnlock
GetVersionExA
GetFullPathNameA
LockFile
IsBadReadPtr
lstrcmpiA
GetOEMCP
CreateProcessA
FileTimeToSystemTime
CompareStringA
GetModuleFileNameA
RtlUnwind
WideCharToMultiByte
GetCurrentProcessId
CompareStringW
SetFileAttributesA
FindClose
SetFileTime
CreateProcessW
GetSystemDefaultLangID
LockResource
SetEnvironmentVariableA
GlobalSize
FindResourceA
_lclose
FreeEnvironmentStringsW
ExitProcess
GetStringTypeExA
_lwrite
GetCurrentProcess
SetCurrentDirectoryA
WaitForSingleObject
FindFirstFileA
_llseek
GetStdHandle
SetEvent
GetSystemDefaultLCID
GetLocaleInfoA
lstrlenA
GetLocalTime
ResetEvent
lstrcatA
GetTimeZoneInformation
DeleteCriticalSection
lstrcpynA
GetEnvironmentStrings
GetStringTypeW
GlobalAlloc
GetSystemInfo
GetTickCount
TerminateProcess
GetWindowsDirectoryA
SystemTimeToFileTime
GetACP
HeapSize
GlobalHandle
SetLocalTime
FreeResource
EnterCriticalSection
CreateDirectoryA
LoadResource
CreateThread
GetSystemTime
DeleteFileA
GetSystemDirectoryA
LoadLibraryExA
MulDiv
CreateEventA
SetLastError
FreeLibrary
RaiseException
GetLastError
InterlockedDecrement
olecli32
OleEqual
user32
DeleteMenu
GetParent
ReleaseCapture
DdeQueryStringA
IsCharAlphaA
SetParent
SetWindowPos
FillRect
MsgWaitForMultipleObjects
SetFocus
DefMDIChildProcA
DdeGetLastError
wsprintfA
CharUpperA
GetCursor
GetScrollInfo
TranslateMDISysAccel
VkKeyScanA
DdeCreateDataHandle
MapWindowPoints
CreateCursor
OemToCharA
DdeFreeStringHandle
SubtractRect
DdeCmpStringHandles
UnregisterClassA
IsChild
EnableWindow
WindowFromPoint
GetActiveWindow
ModifyMenuA
CreateIcon
IsRectEmpty
GetIconInfo
PostThreadMessageA
DestroyAcceleratorTable
CharToOemA
GetFocus
GetForegroundWindow
SetClipboardData
GetQueueStatus
keybd_event
LoadIconA
GetMessageTime
GetMessagePos
ReleaseDC
DdeNameService
ShowScrollBar
UnhookWindowsHookEx
SetForegroundWindow
CreateWindowExA
DrawFocusRect
EnumThreadWindows
DdeConnect
FindWindowA
DdeQueryConvInfo
GetSysColor
GetClassInfoA
ShowCaret
KillTimer
TranslateMessage
GetMenuItemID
SetWindowRgn
GetKeyboardLayout
EmptyClipboard
GetWindowDC
SetMenuDefaultItem
GetClientRect
GetUpdateRect
ShowWindow
SendMessageA
SetCursorPos
GetDC
DdeInitializeA
AdjustWindowRect
MessageBeep
MessageBoxIndirectA
GetCaretPos
DdePostAdvise
EndDialog
SetMenu
SetWindowTextA
CreateDialogParamA
FrameRect
IsZoomed
IsIconic
DestroyMenu
ToAscii
DestroyIcon
GetWindowTextLengthA
SetCapture
GetClipboardFormatNameA
CopyRect
SetTimer
GetMenuItemInfoA
DefFrameProcA
ShowCursor
SetCaretPos
CreateAcceleratorTableA
DdeCreateStringHandleA
RegisterClassExA
CharUpperBuffA
SetScrollRange
TrackPopupMenu
SetDlgItemTextA
CharLowerBuffW
PeekMessageA
WaitMessage
GetSystemMenu
DispatchMessageA
GetWindow
UpdateWindow
FindWindowW
SetWindowsHookExA
SetKeyboardState
GetDoubleClickTime
CallNextHookEx
ScreenToClient
DrawFrameControl
LoadAcceleratorsA
SetWindowContextHelpId
DdeAbandonTransaction
InvalidateRgn
GetMenuItemCount
CreateCaret
IntersectRect
DestroyCursor
BeginDeferWindowPos
GetUpdateRgn
GetTabbedTextExtentA
CheckMenuItem
IsWindowEnabled
GetSubMenu
OpenClipboard
GetMenu
LoadCursorA
DestroyCaret
DeferWindowPos
LoadBitmapA
WaitForInputIdle
SetScrollPos
GetDCEx
OffsetRect
AdjustWindowRectEx
InsertMenuA
GetWindowTextA
GetKeyboardState
GetClipboardData
RegisterClassA
DdeSetUserHandle
DdeGetData
IsWindow
GetKeyState
CreatePopupMenu
DdeClientTransaction
PostMessageA
SetScrollInfo
BringWindowToTop
PostMessageW
EndPaint
CopyAcceleratorTableA
GetSystemMetrics
GetMenuStringA
WinHelpA
DdeDisconnect
AppendMenuA
CharLowerA
GetWindowThreadProcessId
DdeUninitialize
GetAsyncKeyState
DefWindowProcA
DrawTextA
GetWindowRect
GetWindowLongA
CharLowerBuffA
SetPropA
VkKeyScanW
EndDeferWindowPos
CharUpperBuffW
CallWindowProcA
GetMenuState
SetWindowsHookExW
LockWindowUpdate
EnableMenuItem
RemoveMenu
GetLastActivePopup
IsWindowVisible
DrawIcon
GetScrollPos
TabbedTextOutA
SystemParametersInfoA
DestroyWindow
LoadStringA
SetCursor
PeekMessageW
BeginPaint
GetClassNameA
DialogBoxParamA
SetRect
ClientToScreen
PtInRect
InvalidateRect
EqualRect
ClipCursor
DrawMenuBar
CharPrevA
HideCaret
GetWindowRgn
SetMenuItemInfoA
MessageBoxA
CloseClipboard
AttachThreadInput
DdeFreeDataHandle
GetDesktopWindow
RemovePropA
PostQuitMessage
GetPropA
SendDlgItemMessageA
GetCapture
IsDialogMessageA
LoadImageA
CharToOemBuffA
EnumClipboardFormats
RegisterClipboardFormatA
MoveWindow
GetDlgItem
CharNextA
GetClassInfoExA
SetActiveWindow
GetCursorPos
IsClipboardFormatAvailable
GetCaretBlinkTime
CreateMenu
InflateRect
SetWindowLongA
ddraw
DirectDrawEnumerateA
advapi32
RegEnumKeyW
RegQueryInfoKeyA
RegCreateKeyA
RegEnumValueW
RegDeleteKeyA
LookupPrivilegeValueA
RegEnumValueA
InitializeSecurityDescriptor
DeregisterEventSource
RegDeleteKeyW
ReportEventA
AdjustTokenPrivileges
RegisterEventSourceA
RegOpenKeyW
RegOpenKeyExA
RegCloseKey
RegSetValueA
RegSetValueExA
RegDeleteValueW
RegQueryValueA
RegSetValueExW
RegQueryValueExA
RegDeleteValueA
OpenProcessToken
SetSecurityDescriptorDacl
RegEnumKeyA
RegOpenKeyA
RegCreateKeyW
RegQueryValueExW
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 520KB - Virtual size: 517KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ