dfec8946fc372fe838c7776eecf918e1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dfec8946fc372fe838c7776eecf918e1_JaffaCakes118
Size

953KB
MD5

dfec8946fc372fe838c7776eecf918e1
SHA1

fe429d75f98a8136b28550dd4be45f305650f27b
SHA256

9b1d23ee3a219d7be969014ecd729fe2ce06abf31b2e154fa386e8d14c9dc536
SHA512

eb5227ced586d434b1320e879671a0e880beb4280e68218aac260a94666a0ed649f7a7a61bafbb78e4a4ed21344a30bcb045cabbc0d3f1a89a6dd14781acb397
SSDEEP

12288:5Qs7WgPJtNHVBpDTmun+FfrL0cJGSKzdoj:5bWgh3HVvDXn+RnJdKz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfec8946fc372fe838c7776eecf918e1_JaffaCakes118

Files

dfec8946fc372fe838c7776eecf918e1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8a301388cbc9f400767c81e56c031038

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
SizeofResource
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpW
lstrcmpiW
LoadLibraryW
SetUnhandledExceptionFilter
SetLastError
SetFilePointer
SetEvent
SearchPathW
ReadFile
RaiseException
QueryPerformanceCounter
OutputDebugStringA
MultiByteToWideChar
MapViewOfFile
LockResource
LocalFree
LocalAlloc
LoadResource
LoadLibraryExW
LeaveCriticalSection
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapSetInformation
HeapFree
HeapAlloc
GetVersionExW
GetVersionExA
GetUserDefaultUILanguage
GetTimeFormatW
GetTempPathW
GetSystemTimeAsFileTime
GetSystemTime
GetSystemDirectoryW
GetSystemDefaultUILanguage
GetProcAddress
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileSize
GetFileAttributesW
GetFileAttributesExW
GetDateFormatW
GetCurrentThreadId
GetCurrentProcess
GetCurrentDirectoryW
GetCommandLineW
GetACP
FreeLibrary
FormatMessageW
FindResourceW
FindResourceExW
FindNextFileW
FindFirstFileW
FindClose
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
EnterCriticalSection
DeviceIoControl
DeleteFileW
DeleteCriticalSection
DebugBreak
CreateThread
CreateProcessW
CreateFileW
CreateFileMappingW
CreateEventW
CreateDirectoryW
CompareStringW
CloseHandle
GetFileAttributesA
VirtualAllocEx
GetProcessHeap
GetModuleHandleW
LoadLibraryA
GlobalAlloc
GetCurrentProcessId
GetDriveTypeW
GetVersion
Sleep
GetStartupInfoA
GetTickCount
GetModuleHandleA
lstrlenW
VerifyVersionInfoW

user32

ShowWindow
ShowWindowAsync
SystemParametersInfoA
SystemParametersInfoW
TranslateAcceleratorW
TranslateMessage
UnregisterClassA
UnregisterClassW
SetWindowTextW
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetRect
SetForegroundWindow
SetFocus
SetDlgItemTextW
SetCursor
SendMessageW
SendDlgItemMessageW
ScreenToClient
ReleaseDC
RegisterClassW
RegisterClassExW
RedrawWindow
PtInRect
PostThreadMessageW
PostQuitMessage
PostMessageW
OffsetRect
MoveWindow
MonitorFromWindow
ModifyMenuW
MessageBoxW
MapWindowPoints
MapDialogRect
LockWindowUpdate
LoadStringW
LoadImageW
LoadCursorW
LoadAcceleratorsW
KillTimer
IsZoomed
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDlgButtonChecked
IsDialogMessageW
IsChild
InvalidateRect
IntersectRect
InsertMenuW
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetWindow
GetSystemMenu
GetMonitorInfoW
GetMessageW
GetMenu
GetFocus
GetDlgItemTextW
GetDlgItem
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassInfoW
GetClassInfoExW
FillRect
EqualRect
EnumDisplayMonitors
EndPaint
EndDialog
EnableWindow
DrawTextW
DrawIconEx
DrawIcon
DispatchMessageW
DialogBoxParamW
DestroyWindow
DefWindowProcW
DefDlgProcW
CreateWindowExW
CreateMenu
CreateDialogParamW
CreateDialogIndirectParamW
CopyRect
CheckRadioButton
CheckDlgButton
CharUpperW
CharNextW
CharLowerW
BeginPaint
AppendMenuW
AllowSetForegroundWindow
AdjustWindowRectEx
AdjustWindowRect
EnableMenuItem
GetSystemMetrics
LoadIconW
UpdateWindow
LoadIconA
IsWindowVisible
SendMessageA
LoadBitmapW
DestroyIcon
GetSysColor
GetWindowRect

gdi32

StretchBlt
SetMapMode
UpdateColors
SelectPalette
RealizePalette
GetStockObject
SetRectRgn
AbortPath
GetObjectW
GetDeviceCaps
GetDIBColorTable
GetDCOrgEx
GetClipBox
EqualRgn
DeleteObject
CreateRectRgnIndirect
CreateRectRgn
CreatePalette
CreateFontIndirectW
CreateCompatibleBitmap
CombineRgn
BitBlt
DeleteColorSpace
SetTextAlign
SetTextColor
AbortDoc
SetBkMode
GdiGetBatchLimit
FlattenPath
GetDCBrushColor
CreateSolidBrush
CreateCompatibleDC
GdiFlush
DeleteDC
BeginPath
CancelDC
TranslateCharsetInfo
GetFontLanguageInfo
EndPage
CloseFigure
GetEnhMetaFileA
EndDoc
CloseMetaFile
GetBkMode
GetColorSpace
GetGraphicsMode
GetEnhMetaFileW
GetLayout
CreateHalftonePalette
DeleteEnhMetaFile
SelectObject
CreateMetaFileA

comdlg32

GetOpenFileNameW
GetFileTitleW
GetSaveFileNameW

advapi32

TraceMessage
RegisterTraceGuidsW
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
GetUserNameA
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
CredWriteW
CredWriteDomainCredentialsW
CredUnmarshalCredentialW
CredReadW
CredReadDomainCredentialsW
CredGetSessionTypes
CredFree
CredDeleteW
RegQueryValueExA
RegOpenKeyA
UnregisterTraceGuids

shell32

ExtractIconW
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHGetDesktopFolder
SHAddToRecentDocs

ole32

CoCreateInstance
CoInitialize
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
StringFromGUID2
CoUninitialize

shlwapi

PathAppendW
SHStrDupW
PathStripPathW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW

winmm

timeGetTime

msvcrt

wcstombs
wcstok
wcsstr
wctomb
wcspbrk
wcsncmp
wcschr
ungetc
wcsrchr
_vsnwprintf
_CIpow
_XcptFilter
__badioinfo
__dllonexit
__getmainargs
__mb_cur_max
__p__commode
__p__fmode
__pioinfo
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_controlfp
_errno
_exit
_fileno
_initterm
_ismbblead
_lock
_onexit
_purecall
_read
_unlock
_vsnprintf
_wcsicmp
_wcslwr
_wcsnicmp
_wtoi
_wtol
bsearch
calloc
exit
free
isdigit
isleadbyte
iswctype
iswdigit
iswspace
isxdigit
localeconv
malloc
mbtowc
memcpy
memmove
memset
realloc
srand
time
toupper
towlower
towupper

Sections

.text
Size: 793KB - Virtual size: 793KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zzz0
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a301388cbc9f400767c81e56c031038

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

winmm

msvcrt

Sections

.text Size: 793KB - Virtual size: 793KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 19KB - Virtual size: 19KB

.zzz0 Size: 19KB - Virtual size: 18KB

.rsrc Size: 98KB - Virtual size: 98KB

.text
Size: 793KB - Virtual size: 793KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 19KB - Virtual size: 19KB

.zzz0
Size: 19KB - Virtual size: 18KB

.rsrc
Size: 98KB - Virtual size: 98KB