Static task: static1
Behavioral task: behavioral1
Sample: f07919835629b9e071120969038ddf9b_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: f07919835629b9e071120969038ddf9b_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: f07919835629b9e071120969038ddf9b_JaffaCakes118
Size: 560KB
MD5: f07919835629b9e071120969038ddf9b
SHA1: 46c0714a5c112d3fdb581bc90c16af9994dc845e
SHA256: 32e423ec6d689ac0f45ba832df31dedddfae9d5adebc3edc2d14a71bbf528b09
SHA512: 60202fedcf73b16cfec8b0caf46f073cb6b1653556943ed8a54ce0e129b0e398a773e3b15023ce93914caae7b803e86786c7aa8723a9d8cb6906f6c563bdf9e5
SSDEEP: 12288:BcZMMnMMMMMMmqkPh5NVvtAoYdNE2YrMN9Ico/MZ91TTCxmWBru+TcuPxG:eZMMnMMMMM8K3Nx1CpMMAl/MndwmW1u
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: f07919835629b9e071120969038ddf9b_JaffaCakes118
Files
f07919835629b9e071120969038ddf9b_JaffaCakes118.exe windows:4 windows x86 arch:x86
4fe02a55380ba0b8f2b9d4463fb53bb0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
DestroyIcon
CreateCursor
LoadBitmapA
AttachThreadInput
GetClientRect
GetScrollPos
DdePostAdvise
DdeCmpStringHandles
GetMenu
DdeNameService
AdjustWindowRectEx
PostMessageW
GetDlgItem
SetPropA
CallWindowProcA
SetRect
DdeCreateDataHandle
GetClipboardFormatNameA
SetFocus
SetCapture
DrawTextA
CharLowerBuffW
GetWindowTextA
SetMenuItemInfoA
DdeCreateStringHandleA
GetCaretPos
SetForegroundWindow
CopyAcceleratorTableA
MsgWaitForMultipleObjects
GetKeyboardState
GetMenuStringA
LoadAcceleratorsA
EndDialog
ShowCaret
DeleteMenu
DdeUninitialize
GetLastActivePopup
PostThreadMessageA
SetWindowLongA
FindWindowW
GetSystemMetrics
ShowWindow
DispatchMessageA
TabbedTextOutA
RegisterClassExA
GetSysColor
ModifyMenuA
DeferWindowPos
FrameRect
GetWindowDC
CreateDialogParamA
SetCursorPos
RemovePropA
GetCapture
LoadIconA
BeginDeferWindowPos
GetUpdateRect
CreateIcon
DdeDisconnect
AdjustWindowRect
ShowScrollBar
BringWindowToTop
EqualRect
IsRectEmpty
DdeFreeDataHandle
SetCaretPos
DefMDIChildProcA
IsWindowEnabled
CreateWindowExA
SetWindowPos
HideCaret
SetDlgItemTextA
DefFrameProcA
VkKeyScanW
GetQueueStatus
SetWindowTextA
SendMessageA
SetCursor
GetSystemMenu
wsprintfA
InvalidateRect
GetWindowRgn
RegisterClassA
CallNextHookEx
DdeGetLastError
SetTimer
IsChild
SetWindowRgn
ToAscii
IsClipboardFormatAvailable
TranslateMDISysAccel
DdeQueryStringA
GetCaretBlinkTime
WaitMessage
SetScrollPos
DestroyWindow
OffsetRect
EnumClipboardFormats
MessageBeep
GetCursorPos
OpenClipboard
UnhookWindowsHookEx
SetMenuDefaultItem
GetClassInfoExA
TranslateMessage
CharToOemBuffA
DdeInitializeA
CreatePopupMenu
DdeClientTransaction
SetWindowsHookExW
TrackPopupMenu
DdeSetUserHandle
UpdateWindow
DialogBoxParamA
DdeFreeStringHandle
IntersectRect
AppendMenuA
VkKeyScanA
SetScrollInfo
GetWindowRect
SetMenu
UnregisterClassA
GetMenuItemInfoA
RegisterClipboardFormatA
MessageBoxIndirectA
OemToCharA
CheckMenuItem
EnumThreadWindows
EnableMenuItem
InvalidateRgn
CopyRect
DrawIcon
CharUpperBuffW
DrawFocusRect
LoadImageA
WindowFromPoint
IsIconic
CreateAcceleratorTableA
RemoveMenu
SetWindowContextHelpId
GetWindowThreadProcessId
EmptyClipboard
EnableWindow
ClipCursor
IsWindow
GetActiveWindow
DestroyCursor
GetClipboardData
PeekMessageA
DdeGetData
MapWindowPoints
GetDCEx
GetForegroundWindow
GetCursor
DdeConnect
WinHelpA
DestroyMenu
GetUpdateRgn
CharToOemA
EndDeferWindowPos
IsDialogMessageA
GetDoubleClickTime
FillRect
GetMessagePos
SubtractRect
GetWindowTextLengthA
SetClipboardData
LockWindowUpdate
IsCharAlphaA
SetWindowsHookExA
DrawMenuBar
ReleaseCapture
CharUpperA
IsWindowVisible
GetIconInfo
PostQuitMessage
ScreenToClient
GetMenuState
GetParent
CharNextA
LoadCursorA
keybd_event
DdeAbandonTransaction
ShowCursor
GetWindowLongA
GetClassInfoA
GetDesktopWindow
PeekMessageW
GetSubMenu
InflateRect
EndPaint
DrawFrameControl
CharPrevA
GetFocus
DestroyAcceleratorTable
BeginPaint
InsertMenuA
GetKeyState
GetWindow
MoveWindow
GetDC
SystemParametersInfoA
SetScrollRange
GetPropA
SetActiveWindow
GetAsyncKeyState
GetMenuItemID
GetMessageTime
SetKeyboardState
GetClassNameA
CreateCaret
DefWindowProcA
IsZoomed
CharLowerA
WaitForInputIdle
GetKeyboardLayout
FindWindowA
KillTimer
MessageBoxA
CloseClipboard
GetScrollInfo
GetTabbedTextExtentA
GetMenuItemCount
DestroyCaret
PostMessageA
SetParent
LoadStringA
CharUpperBuffA
ReleaseDC
DdeQueryConvInfo
CreateMenu
PtInRect
SendDlgItemMessageA
CharLowerBuffA
ClientToScreen
ws2_32
WSAConnect
WSAAccept
olecli32
OleEqual
advapi32
RegOpenKeyA
RegDeleteValueW
RegEnumValueA
RegDeleteKeyW
RegSetValueExA
RegSetValueExW
RegQueryInfoKeyA
LookupPrivilegeValueA
RegOpenKeyW
AdjustTokenPrivileges
SetSecurityDescriptorDacl
RegSetValueA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyA
RegDeleteValueA
RegQueryValueExW
RegisterEventSourceA
RegOpenKeyExA
DeregisterEventSource
RegCreateKeyW
ReportEventA
RegQueryValueA
RegCloseKey
InitializeSecurityDescriptor
OpenProcessToken
RegEnumValueW
RegEnumKeyW
ole32
IIDFromString
CoUnmarshalInterface
OleDoAutoConvert
ReadClassStm
WriteClassStg
CoDisconnectObject
RevokeDragDrop
OleSaveToStream
OleLoad
CoFreeUnusedLibraries
OleFlushClipboard
OleCreateLink
CreateStreamOnHGlobal
CoLockObjectExternal
DoDragDrop
OleGetClipboard
OleCreateLinkToFile
StgOpenStorageOnILockBytes
OleUninitialize
IsAccelerator
OleRun
OleCreateFromData
ProgIDFromCLSID
OleGetIconOfClass
CoCreateInstance
OleConvertOLESTREAMToIStorage
GetClassFile
OleConvertIStorageToOLESTREAM
OleRegGetUserType
CLSIDFromString
OleTranslateAccelerator
CoRegisterMessageFilter
OleInitialize
OleCreateLinkFromData
CoGetMalloc
OleSave
OleLockRunning
OleLoadFromStream
StgCreateDocfileOnILockBytes
OleQueryCreateFromData
OleSetMenuDescriptor
OleQueryLinkFromData
OleIsCurrentClipboard
RegisterDragDrop
OleDestroyMenuDescriptor
CreateDataAdviseHolder
CoGetClassObject
CoIsOle1Class
StgOpenStorage
ReleaseStgMedium
CLSIDFromProgID
MkParseDisplayName
OleDuplicateData
CoMarshalInterface
StgIsStorageILockBytes
OleGetAutoConvert
StringFromGUID2
CreateILockBytesOnHGlobal
StringFromCLSID
CreateOleAdviseHolder
OleIsRunning
CoRegisterClassObject
OleCreateMenuDescriptor
BindMoniker
ReadClassStg
OleCreateFromFile
CoRevokeClassObject
OleSetClipboard
CreateBindCtx
StgCreateDocfile
kernel32
GetTempFileNameA
InterlockedDecrement
DeleteCriticalSection
CreateDirectoryA
ResetEvent
GetStdHandle
FileTimeToSystemTime
UnhandledExceptionFilter
GetWindowsDirectoryA
GetTickCount
GlobalAddAtomA
TlsGetValue
GetEnvironmentStrings
SizeofResource
HeapAlloc
UnlockFile
GetFullPathNameA
GetVersionExA
ExitProcess
HeapReAlloc
GetACP
GetCurrentDirectoryA
IsDBCSLeadByte
SetEnvironmentVariableA
LockFile
GetSystemDefaultLCID
GetStartupInfoA
_llseek
GetLastError
FindFirstFileA
GetProfileStringA
LoadLibraryExA
SetEndOfFile
GlobalReAlloc
GlobalSize
SetFileTime
GlobalDeleteAtom
EnterCriticalSection
GetCommandLineA
GetDateFormatA
SetHandleCount
IsBadCodePtr
lstrlenA
SetFileAttributesA
FreeEnvironmentStringsA
GetLocaleInfoA
GetUserDefaultLCID
GetSystemTime
TlsFree
LockResource
GetTempPathA
GetSystemDefaultLangID
GetVersion
TerminateProcess
ResumeThread
HeapDestroy
FreeResource
FindClose
LCMapStringA
GetFileType
LCMapStringW
FreeLibrary
lstrcpyA
RtlUnwind
CompareStringW
DeleteFileA
lstrcmpiA
VirtualAlloc
FileTimeToLocalFileTime
GetStringTypeA
LeaveCriticalSection
GetCurrentThreadId
IsBadReadPtr
SetErrorMode
WideCharToMultiByte
GetStringTypeW
CloseHandle
FlushFileBuffers
GlobalUnlock
WriteFile
GetTimeZoneInformation
GetStringTypeExA
FlushInstructionCache
GetDriveTypeA
FormatMessageA
LoadLibraryA
SearchPathA
GlobalFree
_lclose
GetCurrentProcess
InterlockedIncrement
CreateThread
FindNextFileA
TlsSetValue
FormatMessageW
GetModuleFileNameA
SetStdHandle
GetFileAttributesA
GetSystemInfo
SetCurrentDirectoryA
GlobalAlloc
GetVolumeInformationA
ExitThread
_lwrite
SetEvent
GetOEMCP
DuplicateHandle
GetProcAddress
SetLocalTime
lstrcmpiW
InitializeCriticalSection
SetFilePointer
SetLastError
GetShortPathNameA
CompareStringA
RaiseException
MoveFileA
HeapCreate
RemoveDirectoryA
CreateFileA
_lread
FreeEnvironmentStringsW
GetModuleHandleA
TlsAlloc
GlobalLock
VirtualQuery
WaitForSingleObject
lstrcmpA
ReadFile
CreateEventA
GetFileTime
GetLocalTime
ReleaseSemaphore
Sleep
VirtualFree
WinExec
LoadResource
GetEnvironmentStringsW
GetExitCodeProcess
lstrcpynA
GlobalHandle
HeapSize
GetModuleFileNameW
GetCPInfo
MulDiv
HeapFree
CreateProcessW
GetUserDefaultLangID
FindResourceA
CreateProcessA
GetSystemDirectoryA
lstrcatA
GetCurrentProcessId
SystemTimeToFileTime
VirtualProtect
CreateSemaphoreA
MultiByteToWideChar
ddraw
DirectDrawEnumerateA
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 520KB - Virtual size: 517KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ