Static task: static1
Behavioral task: behavioral1
Sample: 0d16e358e1a1c49df4a6431e19fb36c7_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 0d16e358e1a1c49df4a6431e19fb36c7_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 0d16e358e1a1c49df4a6431e19fb36c7_JaffaCakes118
Size: 205KB
MD5: 0d16e358e1a1c49df4a6431e19fb36c7
SHA1: 54bf5e8d9612c28de76f1e5e40a12fe6ad44a7ae
SHA256: 76d5ddd4f32816f8a9daab82694d59a5fc1874796934d2b312db9cd04dcac221
SHA512: 1ff5e1f78b0f53f71df67f1a1d96dfca36923f991e461c62a3033ee4afd9d2edfc116af692e8be8654c37e1ebb3eb42105dc35224637ddf7062a98339836b56f
SSDEEP: 3072:JFKGRvAVOcLUDHNPRXTvc6texGTwkhzgYR72l2pK6eaWb35u:KGRa+vTzYxI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0d16e358e1a1c49df4a6431e19fb36c7_JaffaCakes118
Files
0d16e358e1a1c49df4a6431e19fb36c7_JaffaCakes118.exe windows:4 windows x86 arch:x86
0d23bae3e08d691e641c6ba043a6ad6d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
SHGetSpecialFolderLocation
DragQueryFileA
Shell_NotifyIconW
Shell_NotifyIconA
Shell_NotifyIconW
msvcrt
malloc
wcscspn
srand
memset
_acmdln
atol
memmove
tolower
mbstowcs
time
memset
sprintf
clock
wcstol
malloc
wcscspn
srand
memset
memmove
sprintf
wcstol
swprintf
wcscspn
rand
_acmdln
wcschr
clock
exit
mbstowcs
memcpy
wcsncmp
wcscspn
sqrt
wcsncmp
swprintf
tolower
_acmdln
malloc
rand
sprintf
clock
memset
wcscspn
version
VerQueryValueA
VerQueryValueA
GetFileVersionInfoA
VerFindFileA
GetFileVersionInfoSizeA
VerFindFileA
GetFileVersionInfoSizeA
kernel32
GlobalDeleteAtom
ExitThread
CreateEventA
GetCommandLineW
FreeResource
GetStdHandle
DeleteCriticalSection
FormatMessageA
LocalAlloc
FindClose
GetFullPathNameA
MoveFileExA
WaitForSingleObject
HeapDestroy
DeleteFileA
LoadLibraryExA
IsBadReadPtr
GetDateFormatA
GetFileType
SetEndOfFile
GlobalAddAtomA
lstrcpyA
SetLastError
LocalFree
MoveFileA
GetCommandLineA
CompareStringA
ResetEvent
GetOEMCP
GetStringTypeA
SetHandleCount
FreeLibrary
GetThreadLocale
GetVersion
HeapAlloc
GetUserDefaultLCID
GetCurrentThread
FindResourceA
LoadLibraryA
GetACP
SizeofResource
LoadResource
InitializeCriticalSection
MulDiv
lstrcatA
lstrcpynA
GetFileAttributesA
GetStartupInfoA
GetCurrentProcess
VirtualQuery
EnterCriticalSection
ReadFile
EnumCalendarInfoA
GetModuleHandleA
LocalReAlloc
GetStringTypeW
GetProcessHeap
GetLocaleInfoA
lstrlenA
SetErrorMode
VirtualFree
lstrcmpA
CloseHandle
lstrcmpiA
GetCPInfo
GetLocalTime
GetEnvironmentStrings
GetCurrentProcessId
IsBadHugeReadPtr
CreateThread
GetTickCount
GlobalFindAtomA
GetVersionExA
LockResource
GetTempPathA
GetSystemDefaultLangID
GetFileSize
ExitProcess
VirtualAllocEx
Sleep
GetCurrentThreadId
SetEvent
WriteFile
GlobalAlloc
LoadLibraryExA
RaiseException
lstrcmpA
LocalReAlloc
GetLocalTime
SetEndOfFile
lstrcpynA
HeapFree
GetCurrentThreadId
FindFirstFileA
GetModuleHandleW
WideCharToMultiByte
LoadResource
GetTempPathA
GetUserDefaultLCID
VirtualFree
SizeofResource
GetACP
CloseHandle
lstrcatA
GetVersionExA
GetFileSize
GetDateFormatA
LocalFree
GetCommandLineA
GetStdHandle
FindResourceA
IsBadHugeReadPtr
lstrlenW
HeapAlloc
VirtualQuery
HeapDestroy
LoadLibraryA
GetStringTypeA
MoveFileExA
GetModuleFileNameA
GetModuleHandleA
lstrcmpiA
CreateEventA
CreateFileA
ReadFile
DeleteFileA
GetFileAttributesA
GetTickCount
GetLocaleInfoA
GetDiskFreeSpaceA
FormatMessageA
lstrlenA
GetStringTypeW
GetProcessHeap
GetSystemDefaultLangID
GetCurrentProcess
LockResource
GetVersion
GetOEMCP
InitializeCriticalSection
IsBadReadPtr
GetEnvironmentStrings
FreeResource
VirtualAlloc
GetLastError
GetThreadLocale
FindClose
SetHandleCount
CreateThread
Sleep
MoveFileA
lstrcpyA
GetCPInfo
ExitProcess
WaitForSingleObject
GetStartupInfoA
GetFileType
SetEvent
ResetEvent
SetErrorMode
GetCurrentProcessId
CompareStringA
GlobalFindAtomA
GlobalAddAtomA
EnterCriticalSection
GetModuleHandleA
GlobalDeleteAtom
GetVersion
DeleteFileA
GetSystemDefaultLangID
CloseHandle
IsBadReadPtr
GlobalAddAtomA
IsBadHugeReadPtr
GetUserDefaultLCID
CreateThread
GlobalFindAtomA
FreeLibrary
FindFirstFileA
SetEvent
LoadLibraryA
GetModuleHandleW
GetThreadLocale
GetDateFormatA
LoadResource
GetACP
SetLastError
GetFileAttributesA
GetModuleFileNameA
SetHandleCount
SizeofResource
GetFileType
EnumCalendarInfoA
SetFilePointer
GetTempPathA
GetCPInfo
GetFullPathNameA
lstrlenW
GetVersionExA
MoveFileA
HeapFree
GetLocaleInfoA
VirtualQuery
CompareStringA
FormatMessageA
lstrlenA
FindResourceA
GetDiskFreeSpaceA
ReadFile
GetEnvironmentStrings
MoveFileExA
GetTickCount
GetCommandLineW
LocalFree
GetLastError
SetErrorMode
GetStringTypeW
FindClose
SetEndOfFile
HeapDestroy
GetCurrentThread
CreateFileA
WriteFile
RaiseException
GetStdHandle
VirtualAlloc
GetFileSize
GetLocalTime
FreeResource
lstrcmpiA
ResetEvent
DeleteCriticalSection
GetCurrentProcess
ExitThread
LoadLibraryExA
MulDiv
InitializeCriticalSection
LockResource
ExitProcess
Sleep
lstrcpyA
WideCharToMultiByte
LocalAlloc
GetCurrentThreadId
CreateEventA
GetProcAddress
GetVersion
VirtualAllocEx
GetCurrentThread
MoveFileA
LocalReAlloc
EnterCriticalSection
GetDateFormatA
LoadLibraryExA
GetStringTypeA
GetFileSize
CompareStringA
LocalFree
CreateEventA
IsBadReadPtr
GetCommandLineW
GetACP
HeapAlloc
MulDiv
GetModuleHandleA
lstrlenW
SetThreadLocale
WriteFile
ExitThread
RaiseException
GetModuleFileNameA
GetModuleHandleW
LoadLibraryA
LoadResource
SetEndOfFile
SetHandleCount
InitializeCriticalSection
ReadFile
lstrcpynA
CreateThread
FindClose
LocalAlloc
GlobalDeleteAtom
GetCommandLineA
FindFirstFileA
GetProcessHeap
FindResourceA
FormatMessageA
IsBadHugeReadPtr
CreateFileA
SetLastError
GetCurrentProcess
lstrcpyA
MoveFileExA
GetOEMCP
GetCurrentProcessId
GetTempPathA
ExitProcess
GetUserDefaultLCID
SetEvent
GetThreadLocale
GetEnvironmentStrings
SizeofResource
lstrcatA
GetVersionExA
GetLocaleInfoA
GetStringTypeW
GetProcAddress
GetFileType
SetErrorMode
GetLocalTime
FreeLibrary
GlobalAddAtomA
GetSystemDefaultLangID
CloseHandle
WaitForSingleObject
lstrcmpA
GetDiskFreeSpaceA
DeleteCriticalSection
GetLastError
HeapDestroy
lstrlenA
lstrcmpiA
GetStartupInfoA
GlobalFindAtomA
EnumCalendarInfoA
GetCurrentThreadId
LockResource
DeleteFileA
SetHandleCount
LoadLibraryExA
lstrcmpiA
GetCurrentProcessId
SetErrorMode
EnumCalendarInfoA
GetStdHandle
HeapFree
IsBadReadPtr
WideCharToMultiByte
GetTickCount
GetCurrentProcess
CreateEventA
FormatMessageA
WaitForSingleObject
SetFilePointer
GetACP
HeapDestroy
GetModuleFileNameA
SetEvent
CloseHandle
GetStringTypeA
GetCPInfo
EnterCriticalSection
GlobalDeleteAtom
GetFullPathNameA
SetEndOfFile
GetLocaleInfoA
GetStringTypeW
SizeofResource
LocalReAlloc
FindResourceA
VirtualQuery
GetStartupInfoA
InitializeCriticalSection
GetUserDefaultLCID
IsBadHugeReadPtr
GetOEMCP
GlobalAddAtomA
ExitThread
RaiseException
GetThreadLocale
lstrlenW
GetFileAttributesA
GetFileSize
GetLastError
VirtualFree
GetEnvironmentStrings
VirtualAlloc
lstrcpynA
LoadLibraryA
LoadResource
GetProcessHeap
GetCurrentThreadId
CreateThread
GetDiskFreeSpaceA
GetLocalTime
CreateFileA
GetFileType
GetDateFormatA
DeleteFileA
SetLastError
GetVersionExA
FreeLibrary
FreeResource
MoveFileExA
GetCurrentThread
MulDiv
WriteFile
ExitProcess
MoveFileA
SetThreadLocale
Sleep
lstrcatA
lstrcmpA
FindFirstFileA
GetVersion
LocalAlloc
GetProcAddress
DeleteCriticalSection
HeapAlloc
GetTempPathA
GetLastError
LoadLibraryA
DeleteFileA
VirtualQuery
lstrcmpA
IsBadHugeReadPtr
GetStringTypeW
CloseHandle
ExitProcess
SetEndOfFile
GetProcessHeap
WaitForSingleObject
GetCommandLineW
GetThreadLocale
LoadResource
GetProcAddress
EnumCalendarInfoA
lstrcmpiA
GetFileSize
GetCPInfo
GetModuleHandleA
MoveFileExA
GetOEMCP
LoadLibraryExA
WideCharToMultiByte
CreateFileA
GetModuleFileNameA
DeleteCriticalSection
SetEvent
GetLocaleInfoA
SetFilePointer
ExitThread
RaiseException
GetLocalTime
GetCurrentProcessId
GetCurrentProcess
GetDiskFreeSpaceA
MoveFileA
CompareStringA
FindFirstFileA
GetStdHandle
GetStartupInfoA
VirtualAllocEx
SetLastError
GetVersionExA
GlobalFindAtomA
SetHandleCount
SetErrorMode
FreeResource
lstrcpyA
lstrcatA
GetDateFormatA
GetModuleHandleW
FindClose
IsBadReadPtr
GetTickCount
VirtualAlloc
GetEnvironmentStrings
VirtualFree
lstrlenW
GetVersion
CreateEventA
GetFullPathNameA
ResetEvent
GetCurrentThreadId
GlobalAlloc
LocalFree
LocalReAlloc
lstrcpynA
SizeofResource
GetStringTypeA
FindResourceA
EnterCriticalSection
lstrlenA
GetFileAttributesA
HeapDestroy
InitializeCriticalSection
GetCurrentThread
GlobalAddAtomA
GlobalDeleteAtom
GetFileType
GetFileSize
LocalReAlloc
SetErrorMode
CreateThread
GetLocaleInfoA
GetLocalTime
MoveFileA
GetStringTypeW
shlwapi
SHDeleteValueA
SHEnumValueA
SHGetValueA
SHStrDupA
PathIsDirectoryA
SHQueryValueExA
SHDeleteValueA
SHStrDupA
SHEnumValueA
PathFileExistsA
PathGetCharTypeA
SHQueryInfoKeyA
SHSetValueA
SHStrDupA
PathIsContentTypeA
SHDeleteKeyA
comctl32
ImageList_DrawEx
ImageList_Write
ImageList_Read
ImageList_Create
ImageList_Draw
ImageList_Remove
gdi32
CreateCompatibleDC
CreateDIBitmap
GetRgnBox
CreatePalette
user32
GetMenu
GetClipboardData
GetTopWindow
GetClassNameA
GetClientRect
UpdateWindow
SystemParametersInfoA
PostMessageA
MsgWaitForMultipleObjects
GetKeyboardState
SetWindowsHookExA
EnableWindow
GetSystemMenu
ole32
CoUninitialize
MkParseDisplayName
PropVariantClear
CoCreateGuid
CoDisconnectObject
OleCreateStaticFromData
CoGetObjectContext
CoUnmarshalInterface
MkParseDisplayName
CoGetMalloc
StgCreateDocfileOnILockBytes
CreateBindCtx
CreateOleAdviseHolder
CoRevokeClassObject
oleaut32
SafeArrayCreate
GetErrorInfo
VariantCopyInd
SafeArrayUnaccessData
SysReAllocStringLen
VariantCopyInd
SafeArrayUnaccessData
RegisterTypeLib
SafeArrayGetUBound
GetErrorInfo
comdlg32
FindTextA
GetSaveFileNameA
GetFileTitleA
ChooseColorA
GetOpenFileNameA
advapi32
RegOpenKeyA
GetLengthSid
RegQueryValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
Sections
CODE Size: 156KB - Virtual size: 156KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sfdata Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.ssdata Size: 512B - Virtual size: 197B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.edata Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ