Static task: static1
Behavioral task: behavioral1
Sample: e2531bdacfcdb35b04c682edfaa86a68_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: e2531bdacfcdb35b04c682edfaa86a68_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: e2531bdacfcdb35b04c682edfaa86a68_JaffaCakes118
Size: 636KB
MD5: e2531bdacfcdb35b04c682edfaa86a68
SHA1: 4838b6fc2362c9d3c48119d14f96f22aaac01a39
SHA256: 0a95f33fa0c5e46845a64ab054643e152ba365a7329389bd8bf6ab553319fd2d
SHA512: 99bdce29f5da99b34106af543c0542efcb2747db219c1bbe7ce5e3390d18f2abcf09c7598d9708e35fab02112c911d396643ce7193c85713fac7444488cb2c58
SSDEEP: 12288:fzzGuYCxLlQblbfWdwMurcogRUwjDT6Ifc2/BoolQblbfWdwMurcogRUwjD:xYMlGlbfW0rcQue2JoolGlbfW0rcQu
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: e2531bdacfcdb35b04c682edfaa86a68_JaffaCakes118
Files
e2531bdacfcdb35b04c682edfaa86a68_JaffaCakes118.exe windows:4 windows x86 arch:x86
5bf8b16e0ae07db574126e512af636b7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegDeleteKeyA
DecryptFileW
RegSetValueExA
RegCreateKeyA
StartServiceCtrlDispatcherW
RegOverridePredefKey
QueryServiceStatus
RegQueryValueA
RevertToSelf
LsaRetrievePrivateData
RegRestoreKeyW
OpenProcessToken
StartServiceA
GetServiceKeyNameW
CreateProcessAsUserA
LsaOpenPolicy
RegLoadKeyA
RegSetValueExW
RegSetKeySecurity
EnumDependentServicesA
RegConnectRegistryA
LockServiceDatabase
CreateProcessAsUserW
AddAccessAllowedAce
QueryServiceLockStatusA
StartServiceCtrlDispatcherA
AllocateAndInitializeSid
MakeSelfRelativeSD
SetSecurityDescriptorGroup
SetServiceObjectSecurity
OpenServiceA
LookupPrivilegeValueW
SetEntriesInAclW
RegCreateKeyW
MakeAbsoluteSD
SetSecurityDescriptorDacl
ReadEventLogW
RegEnumKeyExA
GetServiceDisplayNameW
RegOpenKeyExA
RegisterServiceCtrlHandlerA
AdjustTokenPrivileges
RegUnLoadKeyW
FreeSid
RegReplaceKeyA
OpenSCManagerW
CloseServiceHandle
DeleteAce
RegisterServiceCtrlHandlerW
InitializeAcl
SetThreadToken
LookupAccountNameA
ImpersonateSelf
GetFileSecurityW
CopySid
GetSidSubAuthority
GetSidSubAuthorityCount
LookupAccountNameW
CreateServiceW
RegNotifyChangeKeyValue
QueryServiceConfigA
InitiateSystemShutdownA
GetUserNameA
GetEffectiveRightsFromAclW
EncryptFileW
ControlService
GetKernelObjectSecurity
SetServiceStatus
RegEnumKeyW
RegDeleteValueW
EnumServicesStatusA
LookupAccountSidA
ObjectCloseAuditAlarmW
OpenThreadToken
RegQueryValueW
DeleteService
RegSetValueW
RegSetValueA
ChangeServiceConfigW
AddAce
EnumDependentServicesW
GetAce
LsaQueryInformationPolicy
RegCreateKeyExA
SetSecurityDescriptorSacl
GetAclInformation
LsaAddAccountRights
GetUserNameW
GetSidIdentifierAuthority
RegQueryInfoKeyA
SetNamedSecurityInfoW
ChangeServiceConfigA
QueryServiceLockStatusW
RegCreateKeyExW
OpenEventLogW
SetFileSecurityA
LookupPrivilegeValueA
RegisterEventSourceA
SetEntriesInAclA
ChangeServiceConfig2W
InitializeSid
ReportEventW
LogonUserA
GetSidLengthRequired
IsTokenRestricted
GetLengthSid
RegOpenKeyExW
LsaFreeMemory
RegQueryInfoKeyW
ReportEventA
GetSecurityDescriptorDacl
RegCloseKey
RegQueryMultipleValuesW
ChangeServiceConfig2A
QueryServiceConfigW
InitializeSecurityDescriptor
SetFileSecurityW
OpenSCManagerA
rasapi32
RasEnumDevicesA
RasGetCountryInfoA
RasEnumEntriesA
msvcrt
_setmbcp
_itow
__set_app_type
ispunct
_fgetchar
__dllonexit
_onexit
atol
iswalnum
_y1
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_controlfp
imm32
ImmAssociateContext
ImmGetRegisterWordStyleA
ImmGetCompositionStringA
ImmGetCandidateListCountA
ImmSetCompositionWindow
ImmConfigureIMEA
ImmInstallIMEA
ImmGetConversionListA
ImmReleaseContext
ImmGetCompositionWindow
user32
GetGUIThreadInfo
SetParent
CloseWindow
OffsetRect
CharLowerBuffA
MapVirtualKeyW
BeginPaint
SetWindowRgn
PostMessageA
CopyIcon
PostThreadMessageA
RegisterWindowMessageA
EnumDisplaySettingsW
GetScrollPos
EnumClipboardFormats
GetTabbedTextExtentA
CharToOemBuffA
EnableMenuItem
CloseClipboard
DestroyAcceleratorTable
DdeConnect
DrawTextW
ChangeClipboardChain
GetWindowThreadProcessId
GetKeyboardLayout
ModifyMenuA
DefWindowProcA
ScrollWindowEx
PostQuitMessage
LockWindowUpdate
GetSysColor
GetWindow
IsCharUpperA
GetDlgCtrlID
LoadCursorFromFileA
DispatchMessageA
mouse_event
IsMenu
GetClassLongA
DestroyCursor
DefFrameProcW
DdeFreeStringHandle
DrawStateA
RegisterClassExW
SetActiveWindow
UnpackDDElParam
CopyImage
SetWindowPos
GetOpenClipboardWindow
EnumDisplaySettingsA
MapVirtualKeyA
CallWindowProcA
SetCaretPos
GetDlgItem
ScreenToClient
CharPrevW
InsertMenuW
GetMenu
ReleaseDC
TrackPopupMenuEx
GetLastActivePopup
FlashWindow
SetWinEventHook
WindowFromPoint
GetKeyboardLayoutNameW
GetDlgItemTextA
GetUserObjectInformationW
DialogBoxIndirectParamW
SetWindowPlacement
CreateWindowExA
InvalidateRgn
LoadKeyboardLayoutW
ValidateRgn
GetWindowLongA
GetPropA
CharToOemA
MapVirtualKeyExW
wvsprintfA
PackDDElParam
CreateIconFromResource
GetCapture
LoadImageA
EnumChildWindows
NotifyWinEvent
SetClassLongA
MoveWindow
DrawAnimatedRects
ValidateRect
WinHelpA
GetMessageA
MessageBeep
FrameRect
TrackPopupMenu
RemoveMenu
RegisterHotKey
AttachThreadInput
DrawTextA
ReplyMessage
GetClassNameW
GetDC
IsCharAlphaNumericA
GetClassInfoA
ToAsciiEx
SetKeyboardState
CharUpperBuffW
PostThreadMessageW
DragDetect
WinHelpW
MapWindowPoints
GetScrollRange
FindWindowExW
SendInput
GetMenuItemCount
DialogBoxIndirectParamA
EnumWindows
EnumThreadWindows
DrawFrameControl
IsIconic
CharNextA
IsDialogMessageA
VkKeyScanExA
MessageBoxA
CopyAcceleratorTableW
GetWindowWord
LoadMenuW
DrawIcon
SetWindowLongW
GetWindowTextLengthA
ShowCaret
GetKeyState
GetClipboardData
SetMenuDefaultItem
GetScrollInfo
IsWindowVisible
VkKeyScanW
EnableWindow
SendMessageA
LoadIconA
GetSystemMetrics
GetClientRect
GetMessagePos
IsWindow
gdi32
CreateCompatibleDC
BeginPath
GetBitmapBits
GetTextFaceA
OffsetViewportOrgEx
CreateRectRgnIndirect
GetRgnBox
CopyEnhMetaFileW
SetPixel
DeleteDC
StartDocW
ExtCreatePen
SetColorSpace
GetBrushOrgEx
GetCharABCWidthsW
AbortDoc
GetTextMetricsA
BitBlt
GetEnhMetaFileHeader
GdiFlush
SetMapMode
FillPath
CreateFontIndirectA
Escape
StrokePath
RemoveFontResourceW
OffsetRgn
SetColorAdjustment
SelectClipRgn
SetWindowOrgEx
SetWindowExtEx
SetPolyFillMode
GetDeviceGammaRamp
Polyline
ScaleWindowExtEx
GetTextExtentPoint32W
ExtCreateRegion
RectVisible
GetDIBColorTable
SelectPalette
CreatePenIndirect
GetDeviceCaps
GetViewportOrgEx
PlayEnhMetaFile
CreateDIBPatternBrushPt
ResetDCW
SetROP2
CreatePen
TextOutA
EnumMetaFile
GetKerningPairsA
ExtTextOutA
ExtSelectClipRgn
GetCharWidthA
GetDIBits
UpdateColors
GetTextExtentPoint32A
PlayMetaFileRecord
EnumFontFamiliesA
SetPixelV
GetStockObject
EndPath
Rectangle
GetPixel
GetDCOrgEx
CreateSolidBrush
SetBkColor
EnumFontFamiliesExW
CreateICA
PatBlt
CreateDCA
PlayMetaFile
CreateMetaFileA
SetStretchBltMode
CreateDCW
CopyEnhMetaFileA
SetBkMode
RemoveFontResourceA
GetTextExtentPointA
GetPolyFillMode
SetDeviceGammaRamp
GetTextCharsetInfo
DeleteColorSpace
DeleteEnhMetaFile
StartPage
CancelDC
PtVisible
SetWorldTransform
EnumEnhMetaFile
CreateRectRgn
CreateEnhMetaFileA
GetGlyphOutlineA
CreateFontA
CreateRoundRectRgn
CreateEnhMetaFileW
CloseFigure
SetViewportExtEx
GetNearestPaletteIndex
SetRectRgn
CreateCompatibleBitmap
GetEnhMetaFileW
EnumFontsW
ExtEscape
SetAbortProc
SetMetaFileBitsEx
GetWindowOrgEx
CreateFontIndirectW
DPtoLP
GetMetaFileBitsEx
GetEnhMetaFilePaletteEntries
Ellipse
GetObjectW
DeleteObject
CombineRgn
EndPage
ExtFloodFill
SwapBuffers
Chord
GetGlyphOutlineW
WidenPath
GetClipRgn
StartDocA
LPtoDP
SetViewportOrgEx
OffsetWindowOrgEx
PolyPolyline
EndDoc
EnumFontsA
GetObjectType
ResizePalette
GetTextAlign
GetFontData
PolyDraw
PlayEnhMetaFileRecord
CreateEllipticRgn
SetTextAlign
CreateHatchBrush
MoveToEx
SaveDC
CreateBitmap
GetEnhMetaFileBits
ScaleViewportExtEx
FillRgn
CombineTransform
GetBkColor
SetMetaRgn
SetArcDirection
IntersectClipRect
SetWinMetaFileBits
GetMapMode
CloseEnhMetaFile
SetGraphicsMode
GetClipBox
RestoreDC
GetTextColor
CreateICW
GetBkMode
Pie
PolyBezierTo
Polygon
CreateFontW
RealizePalette
StretchBlt
SetTextCharacterExtra
SetPixelFormat
CreatePolygonRgn
SetDIBColorTable
OffsetClipRgn
GetROP2
GetObjectA
GetWinMetaFileBits
MaskBlt
EqualRgn
Arc
GetTextMetricsW
UnrealizeObject
GetWorldTransform
RectInRegion
SetBitmapBits
PolyBezier
SetTextColor
kernel32
GetCurrentProcessId
GetModuleHandleA
GetStartupInfoA
Beep
mfc42
ord3346
ord1077
ord5302
ord2725
ord1055
ord4698
ord5307
ord1010
ord5714
ord2982
ord1034
ord3259
ord4465
ord1059
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord2554
ord3079
ord4080
ord1018
ord4424
ord1054
ord561
ord815
ord2514
ord641
ord5265
ord4376
ord4853
ord4998
ord6052
ord4078
ord1775
ord4407
ord1064
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord4486
ord6375
ord4274
ord1077
ord1089
ord3922
ord5731
ord3738
ord1048
ord3825
ord1576
ord1041
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord1060
ord1004
ord1021
ord4627
ord4425
ord1051
ord324
ord4234
ord4710
ord1168
ord1027
ord755
ord470
ord2379
ord2396
Sections
.text Size: 376KB - Virtual size: 372KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 212KB - Virtual size: 210KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ