109c70082a147ba9d4600d8a185a1e40_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

109c70082a147ba9d4600d8a185a1e40_JaffaCakes118
Size

81KB
MD5

109c70082a147ba9d4600d8a185a1e40
SHA1

f686fe87f01eaf439be43bd12c7f7a36cc400f7a
SHA256

65970d3aab730fc082d33d24f599bc9d6053da4b119900ec0fabcee80313b639
SHA512

b14b0ee8d88cfaf683e1573768b8b606958af4ab5620c7a19328236e8ef93b294c8f991645eb259b8df8abbd4c57fea99c558b29329c9e5162b549c51d091dfa
SSDEEP

1536:vpMMzSxK+WuLM+6D7H4qOeXBKkFbiTekPI9lu:hMUSxK+WuLM+6DzOgVsX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
109c70082a147ba9d4600d8a185a1e40_JaffaCakes118

Files

109c70082a147ba9d4600d8a185a1e40_JaffaCakes118
.exe windows:6 windows x86 arch:x86

9035fc59b377873ed0ee00503ee034c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
OpenThreadToken
RegOpenKeyExW
OpenThreadToken
RegDeleteKeyW
RegOpenKeyW
GetTokenInformation
GetTokenInformation
RegDeleteKeyW
RegOpenKeyExA
GetTokenInformation
AdjustTokenPrivileges
RegQueryValueExA
AddAccessAllowedAce
FreeSid
RegCloseKey
AddAccessAllowedAce
RegDeleteKeyW
RegCreateKeyExA
RegQueryValueExA
RegQueryInfoKeyW
FreeSid
RegQueryValueExW
RegCloseKey
RegEnumValueW
InitializeAcl
AddAccessAllowedAce
OpenProcessToken
InitializeAcl
InitializeSecurityDescriptor
RegCloseKey
FreeSid
GetTokenInformation
RegDeleteValueW
RegSetValueExW
GetLengthSid
RegEnumValueW
RegQueryValueExW
AdjustTokenPrivileges
RegSetValueExW
RegSetValueExA
GetLengthSid
SetSecurityDescriptorDacl
RegOpenKeyExW
RegDeleteValueW
RegOpenKeyW
RegSetValueExW
RegOpenKeyExW
RegSetValueExA
RegEnumKeyExW
RegSetValueExW
RegSetValueExW
RegCreateKeyExA
RegQueryValueExA
CloseServiceHandle
InitializeAcl
RegQueryValueExA
FreeSid
FreeSid
RegDeleteValueW
RegQueryValueExA
SetSecurityDescriptorDacl
RegCreateKeyExW
InitializeAcl
RegEnumKeyExW
RegEnumValueW
RegCreateKeyExW

gdi32

DeleteDC
SetBkColor
CreateCompatibleBitmap
GetTextExtentPoint32W
GetDeviceCaps
SetBkColor
DeleteObject
SetBkMode
PatBlt
LineTo
CreateCompatibleDC
GetTextExtentPoint32W
CreateCompatibleBitmap
GetStockObject
DeleteDC
GetTextMetricsW
GetTextMetricsW
MoveToEx
CreateFontIndirectW
ExtTextOutW
GetTextExtentPoint32W
TextOutW
SelectObject
SetBkColor
TextOutW
CreateBitmap
SetBkMode
CreateCompatibleDC
GetDeviceCaps
SetTextColor
DeleteDC
PatBlt
LineTo
StretchBlt
BitBlt
SetBkMode
CreateSolidBrush
CreateBitmap
GetTextMetricsW
SelectObject
CreateCompatibleDC
PatBlt
CreateBitmap
CreateBitmap
GetStockObject
MoveToEx
LineTo
DeleteObject
SelectObject
SelectObject
CreateFontIndirectW
CreateCompatibleDC

kernel32

MultiByteToWideChar
GetCommandLineA
GetCurrentThreadId
QueryPerformanceCounter
GetModuleHandleA
FormatMessageW
GetModuleFileNameA
GetModuleHandleA
GetACP
WaitForSingleObject
GetCommandLineW
GetCommandLineW
SetUnhandledExceptionFilter
GetModuleHandleW
GetCurrentProcess
GetACP
GetCurrentProcess
GetTickCount
SetUnhandledExceptionFilter
GetProcessHeap
FormatMessageW
MultiByteToWideChar
GetACP
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
SetEvent
MultiByteToWideChar
QueryPerformanceCounter
GetProcessHeap
SetUnhandledExceptionFilter
GetModuleHandleW
QueryPerformanceCounter
GetCurrentThreadId
VirtualFree
GetTickCount
VirtualFree
SetUnhandledExceptionFilter
GetCommandLineW
GetModuleFileNameA
GetTickCount
GetModuleHandleA
GetCurrentProcess
GetCommandLineA
GetTickCount
GetCurrentThreadId
GetModuleHandleW
GetModuleHandleW
GetCurrentThreadId
GetTickCount
FormatMessageW
LocalFree
GetCurrentProcess
WaitForSingleObject
GetCurrentThreadId
GetACP
GetTickCount
QueryPerformanceCounter
GetProcessHeap
VirtualFree
SetEvent
LocalAlloc
GetCommandLineW
GetModuleHandleW
GetACP
QueryPerformanceCounter
QueryPerformanceCounter
GetModuleHandleW
GetProcessHeap
GetProcessHeap
GetProcessHeap
GetCurrentProcess
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
QueryPerformanceCounter
GetACP
GetModuleHandleW
LocalAlloc
GetModuleFileNameA
GetProcessHeap
GetModuleHandleA
GetACP
GetCommandLineW
GetModuleHandleW
HeapAlloc
GetModuleHandleA
GetModuleHandleA
GetProcessHeap
SetUnhandledExceptionFilter
GetCommandLineW
QueryPerformanceCounter
MultiByteToWideChar
GetCurrentProcessId
SetEvent
SetUnhandledExceptionFilter
GetModuleFileNameA
GetCommandLineW
LocalFree
WaitForSingleObject
GetModuleHandleW
GetCurrentProcess
QueryPerformanceCounter
GetCommandLineA
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleA
GetModuleHandleA
FormatMessageW
WaitForSingleObject
SetEvent
FormatMessageW
SetUnhandledExceptionFilter
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceCounter
GetModuleHandleA
GetModuleFileNameA
LocalAlloc
GetModuleFileNameA
WaitForSingleObject
GetModuleHandleW
GetCommandLineA
VirtualFree
QueryPerformanceCounter
GetModuleHandleW
GetModuleFileNameA
GetCommandLineA
LocalAlloc
SetUnhandledExceptionFilter
LocalAlloc
LocalAlloc
GetModuleHandleW
GetModuleHandleA
WaitForSingleObject
GetModuleFileNameA
GetCurrentProcess
FormatMessageW
LocalFree
GetModuleFileNameA
GetTickCount
GetACP
VirtualFree
GetACP
LocalAlloc

shell32

SHGetDesktopFolder
ExtractIconExW
DragQueryFileW
SHGetSpecialFolderLocation
SHChangeNotify
ShellAboutW
SHGetFolderPathW
SHGetFolderPathW
SHGetSpecialFolderLocation
Shell_NotifyIconW
SHGetFileInfoW
DragAcceptFiles
SHGetMalloc
SHGetPathFromIDListW
SHChangeNotify
Shell_NotifyIconW
SHGetPathFromIDListW
ShellAboutW
CommandLineToArgvW
ShellAboutW
DragAcceptFiles
SHGetFileInfoW
DragQueryFileW
SHGetFolderPathW
Shell_NotifyIconW
SHChangeNotify
DragAcceptFiles
DragAcceptFiles
SHGetFileInfoW
SHGetSpecialFolderPathW
ExtractIconW
ExtractIconW
ShellAboutW
ShellAboutW
SHChangeNotify
DragQueryFileW
ShellExecuteExW
ExtractIconExW
DragQueryFileW
Shell_NotifyIconW
SHGetPathFromIDListW
DragQueryFileW
SHChangeNotify
SHGetFolderPathW
DragFinish
DragFinish
SHGetMalloc
Shell_NotifyIconW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetFileInfoW
SHGetSpecialFolderPathW
CommandLineToArgvW
SHGetPathFromIDListW
SHGetFileInfoW
ExtractIconExW
ExtractIconExW
DragAcceptFiles
ShellExecuteExW
ShellAboutW
SHGetDesktopFolder

user32

GetMessageW
DefWindowProcW
GetDlgItem
CreateWindowExW
DestroyWindow
GetSystemMetrics
LoadIconW
DefWindowProcW
SendMessageW
LoadIconW
DestroyWindow
GetDlgItem
SendMessageW
GetDlgItem
GetDC
GetDlgItem
GetMessageW
DefWindowProcW
LoadIconW
CreateWindowExW
GetWindowRect
GetDC
GetSystemMetrics
GetMessageW
CreateWindowExW
LoadIconW
CreateWindowExW
SetTimer
ShowWindow
ShowWindow
SendMessageW
GetMessageW
ShowWindow
GetSystemMetrics
GetDlgItem
DestroyWindow
GetWindowRect
ShowWindow
GetDC
GetDlgItem
PostMessageW
GetDlgItem
PostMessageW
SendMessageW
ReleaseDC
PostMessageW
GetWindowRect
GetSystemMetrics
GetSystemMetrics
GetAncestor
SetTimer
CreateWindowExW
GetMessageW
GetDlgItem
GetDlgItem
GetWindowRect
GetDlgItem
ShowWindow
ShowWindow
DefWindowProcW
SendMessageW
GetSystemMetrics
SetTimer
CreateWindowExW
GetMessageW
ShowWindow
DestroyWindow
SendMessageW
SetTimer
GetDlgItem
GetWindowRect
GetMessageW
SetTimer
CreateWindowExW
PostMessageW
GetDC
DefWindowProcW
ShowWindow
CreateWindowExW
ReleaseDC
DefWindowProcW
DefWindowProcW
DestroyWindow
GetMessageW
GetWindowRect
DestroyWindow
LoadIconW
DestroyWindow
CreateWindowExW
GetDC
SendMessageW
DestroyWindow
PostMessageW
GetMessageW
ShowWindow
SetTimer
DefWindowProcW
GetDlgItem
DestroyWindow
GetMessageW
LoadIconW
GetSystemMetrics
DestroyWindow
GetWindowRect
DefWindowProcW
PostMessageW
LoadIconW
DefWindowProcW
GetSystemMetrics
ShowWindow
GetSystemMetrics
CreateWindowExW
DestroyWindow
DefWindowProcW
SendMessageW
SendMessageW
GetWindowRect
CreateWindowExW
GetWindowRect
GetSystemMetrics
GetWindowRect
LoadIconW
GetDC
CreateWindowExW
GetWindowRect
GetSystemMetrics
GetSystemMetrics
SetTimer
GetWindowRect
SendMessageW
GetMessageW
DefWindowProcW
DefWindowProcW
DestroyWindow
ShowWindow
GetDC
DefWindowProcW
DefWindowProcW
PostMessageW
SendMessageW
SendMessageW
GetDC
DestroyWindow
ShowWindow

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9035fc59b377873ed0ee00503ee034c4

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

shell32

user32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 12KB - Virtual size: 92KB

.data Size: 42KB - Virtual size: 44KB

.xdata Size: 512B - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 12KB - Virtual size: 92KB

.data
Size: 42KB - Virtual size: 44KB

.xdata
Size: 512B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB