1259e88bf8ce96fa37a38800744b22e2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1259e88bf8ce96fa37a38800744b22e2_JaffaCakes118
Size

375KB
MD5

1259e88bf8ce96fa37a38800744b22e2
SHA1

121cb1e3b797f10405a521f5a9b845d9a116cc1e
SHA256

d0af759c804075ec08538e981c950a9338901b628427a774dc34dec42767946a
SHA512

5de61c3beebb9f3718d873a6f3e6265a2dc774b9cba8d5d0acddfe825df9b10b8f3ed55b69771a3f7976df9a39ea960f358e5e29e05c7637d85dc9777f572411
SSDEEP

6144:h8B1WTlBTJt39il23/yQ56zJETPOXF837JiKO0Wo56Q1YCHJApwvvbbaxqQ:hYMFt39il23/386LM2iKO09GafaxqQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1259e88bf8ce96fa37a38800744b22e2_JaffaCakes118

Files

1259e88bf8ce96fa37a38800744b22e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

abae25d4bd5500ae462f043b41891d74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

MapGenericMask
RegCloseKey
CloseEventLog
ReportEventA
GetTrusteeTypeW
RegSetValueA
ImpersonateLoggedOnUser
ChangeServiceConfigW
OpenEventLogA
BuildImpersonateTrusteeA
CryptSetProvParam
NotifyBootConfigStatus
AddAccessAllowedAce
QueryServiceConfigW
GetAuditedPermissionsFromAclW
EnumServicesStatusW
DeleteAce
BuildImpersonateTrusteeW
LockServiceDatabase
FindFirstFreeAce
SetEntriesInAclA
SetEntriesInAuditListW
LookupAccountSidA
CryptGetProvParam
RegRestoreKeyA
SetServiceObjectSecurity
SetSecurityInfoExW
LookupPrivilegeValueA
RegSaveKeyW
RegConnectRegistryW
ControlService
AdjustTokenPrivileges
RegRestoreKeyW
LookupPrivilegeDisplayNameW
GetCurrentHwProfileA
GetEffectiveRightsFromAclA
SetEntriesInAclW
RegUnLoadKeyA
ClearEventLogA
DestroyPrivateObjectSecurity
ChangeServiceConfigA
SetKernelObjectSecurity
RegEnumKeyA
ReadEventLogA
QueryServiceStatus
QueryServiceConfigA
QueryServiceLockStatusW
CryptContextAddRef
SetFileSecurityA
SetNamedSecurityInfoW
RegCreateKeyA
AbortSystemShutdownA
RegEnumKeyW
DuplicateTokenEx
CryptEnumProviderTypesW
GetExplicitEntriesFromAclW
ObjectOpenAuditAlarmA
LookupPrivilegeNameW
RegDeleteValueA
BackupEventLogA
RegLoadKeyA
StartServiceCtrlDispatcherW
RegOpenKeyExA
CryptDuplicateKey
CopySid
IsValidSecurityDescriptor
GetSecurityDescriptorControl
MakeAbsoluteSD
RegQueryValueExA
BuildTrusteeWithSidA
RegConnectRegistryA
BuildSecurityDescriptorA
SetTokenInformation
DeleteService
InitializeAcl

ole32

CoFreeUnusedLibraries
CoReleaseMarshalData
ReadFmtUserTypeStg
OleRegGetUserType
GetHGlobalFromStream
GetHookInterface
OleSetClipboard
CoSetProxyBlanket
CoRegisterMallocSpy
OpenOrCreateStream
OleCreateMenuDescriptor
OleCreateLinkToFileEx
OleTranslateAccelerator
CoUnmarshalInterface
StgIsStorageILockBytes
CoUninitialize
CreateFileMoniker
OleSaveToStream
OleConvertOLESTREAMToIStorageEx
CreateItemMoniker
IsAccelerator
RevokeDragDrop
GetRunningObjectTable
CoQueryClientBlanket
OleRegGetMiscStatus
OleCreateFromFileEx
StringFromGUID2
PropVariantClear
OleRun
OleCreateLinkFromDataEx
StgCreateDocfile
OleDoAutoConvert
MonikerRelativePathTo
StgIsStorageFile
CoGetMalloc
CoGetCallerTID
CreateOleAdviseHolder
CreateDataAdviseHolder
GetConvertStg
CreatePointerMoniker
CoLoadLibrary
CoIsOle1Class
OleBuildVersion
OleCreateFromFile
CoInitializeEx
WriteClassStg
CreateStreamOnHGlobal
OleNoteObjectVisible
OleLoad
CoMarshalInterThreadInterfaceInStream
CLSIDFromProgID
StgCreateDocfileOnILockBytes
OleSetMenuDescriptor
CoDisconnectObject
OleDestroyMenuDescriptor
CoCreateInstance
DoDragDrop
CoGetObject
CreateObjrefMoniker
OleCreateLinkEx
CoGetCurrentLogicalThreadId
CoFileTimeNow
CoGetStandardMarshal
OleCreateFromDataEx

shlwapi

PathIsNetworkPathW
UrlGetPartA
PathSkipRootA
StrToIntA
wvnsprintfA
UrlGetPartW
PathCompactPathExW
PathRemoveArgsA
PathCreateFromUrlW
PathFileExistsW
SHRegDeleteUSValueW
SHRegQueryInfoUSKeyA
StrFromTimeIntervalA
StrFormatByteSizeW
PathAddExtensionA
SHSetThreadRef
PathSetDlgItemPathW
SHRegOpenUSKeyA
SHRegOpenUSKeyW
ChrCmpIA
PathRemoveExtensionA
UrlCompareW
PathGetArgsA
PathCreateFromUrlA
PathSetDlgItemPathA
SHGetThreadRef
PathFindOnPathW
PathIsUNCServerW
SHOpenRegStream2W
UrlIsNoHistoryW
SHCopyKeyW
PathBuildRootA
SHRegEnumUSKeyW
IntlStrEqWorkerA
StrDupW
SHStrDupW
SHRegWriteUSValueA
PathParseIconLocationW
StrTrimA
SHGetValueW
SHEnumKeyExA
PathIsDirectoryA
StrRStrIW
UrlGetLocationA
StrRetToBufW
PathGetCharTypeA
PathCompactPathA
UrlIsNoHistoryA
PathMatchSpecW
SHRegGetUSValueA
PathRemoveExtensionW
ChrCmpIW
PathParseIconLocationA
ColorHLSToRGB
PathAddExtensionW
PathIsUNCServerA
SHIsLowMemoryMachine
SHSkipJunction
PathUnquoteSpacesA
SHDeleteValueW
PathMakePrettyW
PathRemoveFileSpecA
StrDupA
PathIsURLA
SHRegDeleteEmptyUSKeyA
PathStripPathA
StrCpyW
SHOpenRegStreamA
StrStrW

user32

LookupIconIdFromDirectoryEx
GetTopWindow
SetClassWord
EmptyClipboard
InsertMenuItemW
SetSysColors
ChildWindowFromPointEx
DdeInitializeW
SubtractRect
PtInRect
MsgWaitForMultipleObjectsEx
IsRectEmpty
PostThreadMessageA
GetNextDlgTabItem
GetScrollInfo
SetWindowWord
CharUpperW
IntersectRect
WaitMessage
SetUserObjectInformationW
SetMessageExtraInfo
CharLowerW
RealChildWindowFromPoint
SendIMEMessageExW
BroadcastSystemMessageA
TabbedTextOutA
SetClipboardViewer
GrayStringW
CharNextW
DestroyMenu
DragDetect
UnpackDDElParam
OffsetRect
SendNotifyMessageA
CloseDesktop
GetMenuInfo
GetComboBoxInfo
SetWindowTextA
SystemParametersInfoW
GetClassInfoExW
IsCharUpperA
CreateWindowExA
GetDoubleClickTime
PeekMessageA
CreateWindowExW
SendDlgItemMessageA
MessageBoxW
InsertMenuW
GetClipboardSequenceNumber
GetShellWindow
DdeImpersonateClient
EndDialog
IsCharAlphaW
PostQuitMessage
UpdateWindow
LookupIconIdFromDirectory
SetWindowRgn
SetMenuDefaultItem
IsCharAlphaA
SendMessageTimeoutW
GetActiveWindow
GetUserObjectInformationA
TileChildWindows
SendMessageW
OemKeyScan
GetSysColor
CreateAcceleratorTableW
SetUserObjectInformationA
CheckMenuItem
ValidateRgn
DdeSetQualityOfService
CreateCaret
IsCharLowerA
ChangeDisplaySettingsExW
SetCursorPos
CloseWindowStation
LoadImageW
VkKeyScanExW
MessageBoxA
CharUpperBuffW

kernel32

lstrcat
EnumDateFormatsA
GetFileAttributesW
GetCurrencyFormatW
DosDateTimeToFileTime
SetFileApisToANSI
DefineDosDeviceW
DisableThreadLibraryCalls
LocalAlloc
MultiByteToWideChar
SetConsoleWindowInfo
SetPriorityClass
SetCommMask
FindFirstFileW
VirtualProtect
GetComputerNameA
CancelIo
SetCalendarInfoA
GlobalMemoryStatus
GetCurrentProcess
GetWindowsDirectoryA
GetLongPathNameA
SetCurrentDirectoryA
FreeEnvironmentStringsW
LoadLibraryA
FreeLibraryAndExitThread
ContinueDebugEvent
LocalFileTimeToFileTime
OutputDebugStringW
FindFirstChangeNotificationW
CommConfigDialogA
FlushInstructionCache
GetTickCount
FindFirstFileExA
GetBinaryType
GetStringTypeExW
WriteConsoleInputW
OpenFileMappingA
AreFileApisANSI
TransactNamedPipe
SetConsoleCursorPosition
ReadDirectoryChangesW
ScrollConsoleScreenBufferW
ReadConsoleOutputA
IsDebuggerPresent
VirtualProtectEx
IsDBCSLeadByteEx
ScrollConsoleScreenBufferA
IsDBCSLeadByte
GetSystemTimeAdjustment
GetPrivateProfileStringA
DeleteAtom
lstrcpyW
GetCalendarInfoA
GetStringTypeA
OpenProcess
CreateFileMappingA
GetCommandLineW
HeapLock
HeapWalk
OpenWaitableTimerW
IsBadStringPtrA
QueryPerformanceCounter
GlobalFindAtomW
ReadProcessMemory
SetFileApisToOEM
EnumSystemLocalesA
GetProfileIntA
IsBadHugeReadPtr
LockFileEx
GetProfileStringA
SetConsoleTitleW
ResetWriteWatch
GetVersionExA
WritePrivateProfileSectionW
BackupRead
GetSystemPowerStatus
GetLogicalDriveStringsA
OpenEventW
InitAtomTable
GetTimeFormatW
Sleep
FileTimeToDosDateTime
GetConsoleCP
InitializeCriticalSectionAndSpinCount
VirtualAlloc

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

abae25d4bd5500ae462f043b41891d74

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

ole32

shlwapi

user32

kernel32

Sections

.text Size: 61KB - Virtual size: 61KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 8KB

.text
Size: 61KB - Virtual size: 61KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 8KB