0b5345650a038ce3952778d5064bd091_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0b5345650a038ce3952778d5064bd091_JaffaCakes118
Size

79KB
MD5

0b5345650a038ce3952778d5064bd091
SHA1

a729ca00f846318d815444bbfb409ef5604835d0
SHA256

ef6b2a87c88981ab4a5ae9f27001904246f420669380cb10207f037d57b2caae
SHA512

fc816fd1c3bc06eaca71d81f135e3883c9a9b005aae3987445d0707d1f9da2aeaf7ab9c3968cd9d65b3347c047c77deb54074732e9339446cdd6bc821b73350b
SSDEEP

1536:8T31zZ9SYbQ7rRsMow4Djnxxcgd3sJKhLGLwgNGwAFRMrgzJSPt6CJ/2R1vD+oa0:87BZMJv4DBuI8tN1XrgzJe6uvB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b5345650a038ce3952778d5064bd091_JaffaCakes118

Files

0b5345650a038ce3952778d5064bd091_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b5d54d27dfad14b22d90b8fe52c16b1b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleA
GlobalSize
Thread32First
RequestWakeupLatency
VirtualLock
GlobalGetAtomNameW
SignalObjectAndWait
SetEndOfFile
ReadConsoleOutputA
GetPrivateProfileStringA
EnumResourceTypesA
PurgeComm
OpenFileMappingW
Process32First
VirtualProtect
DeviceIoControl
ReleaseSemaphore
FindCloseChangeNotification
SetFileApisToOEM
FileTimeToDosDateTime
SetSystemTime
lstrcatW
LoadLibraryExW
GetCalendarInfoW
GetProcAddress
SetConsoleCP
GetEnvironmentStringsA
SetProcessShutdownParameters
SetCommBreak
FlushViewOfFile
ClearCommBreak
GetShortPathNameA
CreateIoCompletionPort
WriteProfileStringW
SetVolumeLabelW
SetCurrentDirectoryA
lstrcatA
QueryDosDeviceA
GetExitCodeProcess
FlushFileBuffers
EndUpdateResourceW
DeleteAtom
FoldStringA
GlobalAddAtomW
CreateEventA
CreateNamedPipeW
CallNamedPipeA
TlsAlloc
GetStringTypeExA
GetProfileSectionA
GetCurrentDirectoryA
CreateProcessW
GetPrivateProfileSectionW
WriteFile
WriteFileGather
GlobalFix
WriteTapemark
GlobalGetAtomNameA
ReadFileScatter
GetStartupInfoW
SetProcessWorkingSetSize
SetConsoleActiveScreenBuffer
GetLogicalDriveStringsA
VirtualAlloc
SetConsoleWindowInfo
FindNextFileA
EnumSystemCodePagesA
GlobalLock
GetModuleFileNameW
SetProcessPriorityBoost
SetVolumeLabelA
WaitForSingleObjectEx
GetACP
SetSystemPowerState
GetCPInfoExW
SetThreadAffinityMask
CreateNamedPipeA
UnmapViewOfFile
GetTimeZoneInformation
LockFile
EnumResourceLanguagesA
MapViewOfFileEx
GetProcessTimes

advapi32

DeleteAce
RegQueryInfoKeyW
RegQueryInfoKeyA
SetSecurityInfoExW
RegCreateKeyW
RegSetKeySecurity
QueryServiceStatus
RegOpenKeyExA
RegEnumKeyExA
BuildTrusteeWithNameW
AllocateAndInitializeSid
OpenEventLogW
GetNamedSecurityInfoExA
RegEnumKeyExW
CryptGenRandom
GetAccessPermissionsForObjectA
CryptSetKeyParam
IsTextUnicode
GetCurrentHwProfileA
ReadEventLogA
LookupAccountSidA
EnumServicesStatusA
SetEntriesInAuditListA
RegCreateKeyExW
RegEnumKeyA
LookupPrivilegeValueA
LookupPrivilegeNameA
CryptGenKey
SetServiceStatus
CryptDuplicateHash
GetOverlappedAccessResults
RegSetValueExW
SetSecurityDescriptorGroup
GetSecurityDescriptorControl
BuildImpersonateExplicitAccessWithNameA
CryptSignHashA
BackupEventLogA
SetServiceBits
CryptDestroyKey
GetSecurityDescriptorGroup
LookupPrivilegeDisplayNameW
GetAccessPermissionsForObjectW
GetSecurityInfo
CryptReleaseContext
GetSecurityInfoExA
CryptHashData
RegisterServiceCtrlHandlerA
ImpersonateSelf
AddAccessDeniedAce
CryptDestroyHash
CreateServiceW
GetNamedSecurityInfoW
RegReplaceKeyW
ConvertSecurityDescriptorToAccessA
GetAuditedPermissionsFromAclA
RegCreateKeyExA
RegConnectRegistryW
AllocateLocallyUniqueId
GetSecurityDescriptorSacl
GetServiceDisplayNameW
DuplicateToken
GetSecurityDescriptorDacl
RegConnectRegistryA
SetFileSecurityW
ImpersonateLoggedOnUser
CopySid
SetKernelObjectSecurity
AreAllAccessesGranted
BuildTrusteeWithSidW
GetTrusteeTypeA
SetEntriesInAccessListA
CreatePrivateObjectSecurity
LookupPrivilegeValueW
GetTokenInformation
OpenBackupEventLogW
UnlockServiceDatabase
LookupAccountSidW
NotifyChangeEventLog

shlwapi

StrIsIntlEqualW
StrCSpnW
StrRChrIA
PathBuildRootA
SHOpenRegStreamW
StrRChrW
PathIsUNCServerW
PathMakeSystemFolderW
SHRegDeleteEmptyUSKeyW
PathIsPrefixA
PathRemoveFileSpecA
SHRegDeleteEmptyUSKeyA
PathCanonicalizeA
PathRemoveBlanksW
IntlStrEqWorkerW
StrCSpnIA
SHRegEnumUSValueW
UrlCanonicalizeA
PathFindSuffixArrayW
PathUndecorateW
SHRegCreateUSKeyW
UrlHashA
PathIsNetworkPathA
PathFindFileNameA
PathAddBackslashW
UrlEscapeA
wvnsprintfA
UrlHashW
ColorAdjustLuma
ChrCmpIA
PathIsLFNFileSpecW
SHRegSetUSValueA
SHRegEnumUSValueA
SHRegGetUSValueA
StrFormatKBSizeA
PathFileExistsA
UrlGetLocationA
UrlCombineA
SHRegGetBoolUSValueA
SHDeleteValueW
StrPBrkA
PathIsSystemFolderA
SHRegQueryUSValueW
PathGetArgsW
PathFindSuffixArrayA
UrlIsOpaqueW
PathRemoveBlanksA
StrChrA
PathStripToRootW
PathIsSystemFolderW
UrlIsW
SHQueryInfoKeyA
UrlUnescapeA
SHRegWriteUSValueA
StrCpyNW
StrRetToBufA
StrFromTimeIntervalW
PathSetDlgItemPathA
SHGetValueA
AssocQueryStringByKeyW
PathMatchSpecA
StrCSpnIW
SHGetThreadRef
PathCompactPathW
SHEnumKeyExW
SHRegCreateUSKeyA
UrlGetPartW
StrChrW
PathCanonicalizeW
StrCatBuffA
SHEnumValueA
PathIsContentTypeA
PathAppendW
SHRegQueryUSValueA
PathParseIconLocationW
PathCreateFromUrlW

ole32

CoGetStandardMarshal
OleCreateLinkFromData
CoGetClassObject
OleCreateStaticFromData
OleCreateLinkToFile
GetDocumentBitStg
CoRegisterPSClsid
StgSetTimes
StgOpenAsyncDocfileOnIFillLockBytes
MonikerRelativePathTo
OleFlushClipboard
OleConvertIStorageToOLESTREAMEx
WriteFmtUserTypeStg
CoGetInterfaceAndReleaseStream
CreateClassMoniker
CoReleaseServerProcess
CoDisconnectObject
CoInitializeEx
CoDosDateTimeToFileTime
CreateBindCtx
OleCreateEx
CoTaskMemRealloc
StgGetIFillLockBytesOnILockBytes
StringFromGUID2
OleIsRunning
CoRevokeMallocSpy
ReadClassStg
CoInitialize
OleQueryLinkFromData
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
CoInitializeSecurity
WriteClassStm
OleGetIconOfClass
IsAccelerator
EnableHookObject
CreateFileMoniker
CoGetCallContext
CoTaskMemFree
CoLoadLibrary
CoIsHandlerConnected
CreateAntiMoniker
CoQueryReleaseObject
CoMarshalHresult
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
OleSave
WriteOleStg
OleRegGetMiscStatus
CoGetCallerTID
CoQueryClientBlanket
OleRegEnumVerbs
OleSetMenuDescriptor
CoGetInstanceFromFile
StgCreateStorageEx
OleCreateDefaultHandler
OleInitialize
OleCreateLinkToFileEx
CoQueryAuthenticationServices
ProgIDFromCLSID
CoRevokeClassObject
OleSetContainedObject
CoFreeLibrary
CoGetObject
StgCreateDocfile
CoCreateInstance
ReadFmtUserTypeStg
UtConvertDvtd16toDvtd32
OleRegEnumFormatEtc
CreateDataAdviseHolder
CoCreateFreeThreadedMarshaler
CoFileTimeNow

user32

RegisterClipboardFormatW
GetQueueStatus
GetDoubleClickTime
IsMenu
FindWindowExW
GetOpenClipboardWindow
SetWindowWord
SetMenuDefaultItem
GetClipboardData
ChangeMenuA
DdeCreateStringHandleA
IsDialogMessageA
DialogBoxParamW
CreateCaret
DefFrameProcW
ChangeClipboardChain
SetCursorPos
DdeInitializeW
SendInput
OpenDesktopW
GetLastActivePopup
CharUpperBuffA
LoadMenuW
DdeKeepStringHandle
ChangeDisplaySettingsW
GetDlgCtrlID
GetIconInfo
UnregisterDeviceNotification
GetMessageTime
RegisterHotKey
GetMenuItemID
UnloadKeyboardLayout
IsDialogMessageW
RealGetWindowClass
InvertRect
DrawFrame
AppendMenuA
SendIMEMessageExW
CharToOemA
SendDlgItemMessageW
CreateMDIWindowA
CreateDesktopA
TranslateMessage
DefWindowProcW
CharUpperA
SetWindowsHookExA
InsertMenuItemA
GetDlgItemInt
BroadcastSystemMessage
EnumClipboardFormats
GetMessageA
SetWindowContextHelpId
SetClassWord
OemToCharBuffW
SetThreadDesktop
DialogBoxParamA
CloseWindowStation
RegisterClassW
DrawFocusRect
CreateIconFromResource
NotifyWinEvent
DdeSetQualityOfService
SetLastErrorEx
GetClientRect
CharNextW
DispatchMessageW
GetParent
UnhookWinEvent
GetAncestor
SetRect
CreateAcceleratorTableA
GetKBCodePage

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b5d54d27dfad14b22d90b8fe52c16b1b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shlwapi

ole32

user32

Sections

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 4KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 4KB