Static task
static1
Behavioral task
behavioral1
Sample: 12e3e1deac8994336ad9a057232a3040_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task
behavioral2
Sample: 12e3e1deac8994336ad9a057232a3040_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 12e3e1deac8994336ad9a057232a3040_JaffaCakes118
Size: 36KB
MD5: 12e3e1deac8994336ad9a057232a3040
SHA1: c2832ac38a031f850a3b5b692f94ce93751eb572
SHA256: c69ce968a362f966c13b90a15b44bb1a38592f4f747743994396c8e31721c844
SHA512: 72ff3bed66774e8fc8a82bee42ebff02473f24d2f941bd88cb4af576347362918cee21dfa22e647eded735d35cd66910df470da6f7ca9ecc8738de544be6de8a
SSDEEP: 768:iVucE8cRa8EoQE7dHUIcBWMhfdjChOCGgdO3xui88:iccEpRUNBWMVDCFu88
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 12e3e1deac8994336ad9a057232a3040_JaffaCakes118
Files
12e3e1deac8994336ad9a057232a3040_JaffaCakes118.exe windows:5 windows x86 arch:x86
6237ffd97640a3560be09e9e60d69c24
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
AddAtomA
AddAtomW
AddConsoleAliasA
BackupWrite
Beep
BeginUpdateResourceW
BuildCommDCBAndTimeoutsW
CallNamedPipeW
CancelDeviceWakeupRequest
ClearCommError
ConnectNamedPipe
ContinueDebugEvent
ConvertThreadToFiber
CopyFileExA
CreateDirectoryExW
CreateEventA
CreateFiber
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateJobObjectW
CreateMailslotA
CreateMutexA
CreatePipe
CreateProcessW
CreateRemoteThread
CreateThread
CreateTimerQueue
CreateWaitableTimerA
CreateWaitableTimerW
DebugBreak
DefineDosDeviceA
DeleteFiber
DeleteFileA
DeleteTimerQueueEx
DeleteVolumeMountPointW
DeviceIoControl
EnterCriticalSection
EnumCalendarInfoA
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceNamesW
EnumResourceTypesW
EnumSystemCodePagesW
EnumSystemLanguageGroupsA
EnumSystemLocalesA
EnumSystemLocalesW
EnumUILanguagesA
EraseTape
ExitProcess
FatalAppExitA
FatalAppExitW
FileTimeToLocalFileTime
FindAtomW
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstFileExW
FindFirstVolumeA
FindFirstVolumeW
FindNextVolumeA
FindNextVolumeMountPointA
FindNextVolumeW
FindResourceA
FindVolumeClose
FindVolumeMountPointClose
FlushViewOfFile
FoldStringW
FormatMessageA
FormatMessageW
FreeConsole
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetAtomNameW
GetCPInfoExA
GetCalendarInfoA
GetCommandLineW
GetCompressedFileSizeA
GetConsoleAliasExesA
GetConsoleAliasExesLengthA
GetConsoleAliasesLengthW
GetConsoleFontSize
GetCurrentThreadId
GetDefaultCommConfigA
GetDefaultCommConfigW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesW
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocalTime
GetLogicalDriveStringsA
GetLogicalDrives
GetLongPathNameA
GetModuleHandleW
GetNamedPipeInfo
GetNumberFormatA
GetNumberOfConsoleInputEvents
GetOverlappedResult
GetPrivateProfileSectionW
GetProcessHeaps
GetProcessPriorityBoost
GetProcessShutdownParameters
GetProcessVersion
GetProfileSectionA
GetQueuedCompletionStatus
GetShortPathNameW
GetStartupInfoW
GetStdHandle
GetStringTypeExW
GetStringTypeW
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTapeStatus
GetTempPathW
GetThreadContext
GetTimeFormatW
GetUserDefaultLangID
GetVersionExA
GetVolumeInformationW
GetWindowsDirectoryA
GetWriteWatch
GlobalCompact
GlobalDeleteAtom
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalUnWire
Heap32ListFirst
Heap32ListNext
Heap32Next
HeapCompact
HeapUnlock
IsBadHugeReadPtr
IsBadReadPtr
IsBadStringPtrW
IsDBCSLeadByte
IsDebuggerPresent
IsProcessorFeaturePresent
IsSystemResumeAutomatic
IsValidLanguageGroup
LoadLibraryW
LocalShrink
LocalSize
LocalUnlock
MapViewOfFile
Module32First
Module32FirstW
MoveFileWithProgressA
MultiByteToWideChar
OpenEventA
OpenFileMappingA
OpenSemaphoreA
OpenSemaphoreW
PeekConsoleInputW
Process32First
Process32FirstW
Process32Next
ProcessIdToSessionId
QueryDosDeviceA
QueryDosDeviceW
QueueUserAPC
QueueUserWorkItem
ReadConsoleOutputAttribute
ReadConsoleOutputCharacterA
ReadProcessMemory
ReleaseSemaphore
ReplaceFile
ResumeThread
RtlMoveMemory
ScrollConsoleScreenBufferA
SearchPathA
SearchPathW
SetCalendarInfoA
SetCommState
SetCommTimeouts
SetComputerNameExW
SetConsoleCursor
SetConsoleMode
SetConsoleTitleW
SetCriticalSectionSpinCount
SetCurrentDirectoryW
SetEnvironmentVariableW
SetErrorMode
SetFilePointer
SetHandleInformation
SetNamedPipeHandleState
SetPriorityClass
SetProcessPriorityBoost
SetProcessWorkingSetSize
SetStdHandle
SetTapeParameters
SetThreadIdealProcessor
SetThreadLocale
SetThreadPriorityBoost
SetTimerQueueTimer
SetUnhandledExceptionFilter
SetVolumeMountPointA
SetWaitableTimer
SetupComm
TerminateJobObject
TerminateProcess
Thread32First
TlsAlloc
TlsGetValue
Toolhelp32ReadProcessMemory
UnhandledExceptionFilter
UnlockFileEx
UnregisterWait
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualQuery
WinExec
WriteConsoleA
WriteConsoleOutputAttribute
WriteFile
WriteFileEx
WritePrivateProfileStringA
WritePrivateProfileStringW
WriteProcessMemory
WriteProfileSectionA
WriteProfileSectionW
WriteProfileStringA
_hwrite
_lread
_lwrite
lstrcat
lstrcmp
lstrcmpi
lstrcmpiA
lstrcpyW
lstrcpyn
lstrcpynW
lstrlenW
GetModuleHandleA
GetProcAddress
CreateFileW
GetWindowsDirectoryW
GetCurrentProcess
RtlUnwind
user32
BeginPaint
BlockInput
BroadcastSystemMessageA
BroadcastSystemMessageW
CallNextHookEx
CallWindowProcW
ChangeClipboardChain
ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsExW
CharLowerBuffA
CharLowerBuffW
CharLowerW
CharNextA
CharNextW
CharToOemBuffW
CharUpperBuffA
CharUpperBuffW
CharUpperW
CheckDlgButton
ChildWindowFromPoint
ChildWindowFromPointEx
CopyAcceleratorTableW
CopyIcon
CopyRect
CountClipboardFormats
CreateAcceleratorTableA
CreateAcceleratorTableW
CreateDesktopW
CreateDialogIndirectParamW
CreateIcon
CreateIconIndirect
CreateWindowExW
DdeClientTransaction
DdeCreateDataHandle
DdeCreateStringHandleA
DdeCreateStringHandleW
DdeDisconnectList
DdeEnableCallback
DdeGetData
DdeGetLastError
DdeInitializeW
DdeNameService
DdePostAdvise
DdeQueryConvInfo
DdeQueryStringW
DdeReconnect
DdeUnaccessData
DdeUninitialize
DefFrameProcA
DefMDIChildProcW
DefWindowProcA
DeferWindowPos
DestroyCaret
DispatchMessageW
DlgDirListA
DlgDirListW
DlgDirSelectComboBoxExW
DlgDirSelectExW
DragDetect
DragObject
DrawAnimatedRects
DrawFrame
DrawFrameControl
DrawMenuBar
DrawStateA
DrawStateW
DrawTextExA
DrawTextW
EmptyClipboard
EnableMenuItem
EnumDesktopWindows
EnumDesktopsA
EnumDisplayDevicesA
EnumDisplaySettingsExA
EnumDisplaySettingsW
EnumPropsExW
EnumPropsW
EnumThreadWindows
EnumWindowStationsA
ExcludeUpdateRgn
FillRect
FlashWindow
FreeDDElParam
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoExA
GetClassInfoW
GetClassLongA
GetClassLongW
GetClientRect
GetComboBoxInfo
GetCursor
GetDialogBaseUnits
GetDlgCtrlID
GetDlgItem
GetDoubleClickTime
GetForegroundWindow
GetGuiResources
GetInputDesktop
GetKBCodePage
GetKeyNameTextW
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetKeyboardType
GetLastActivePopup
GetListBoxInfo
GetMenuBarInfo
GetMenuContextHelpId
GetMenuDefaultItem
GetMenuItemInfoW
GetMenuItemRect
GetMenuState
GetMenuStringW
GetMessageA
GetMessagePos
GetMonitorInfoA
GetMonitorInfoW
GetMouseMovePointsEx
GetQueueStatus
GetScrollBarInfo
GetScrollInfo
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetTabbedTextExtentW
GetThreadDesktop
GetUserObjectInformationW
GetUserObjectSecurity
GetWindowLongA
GetWindowLongW
GetWindowModuleFileNameW
GetWindowPlacement
GetWindowRgn
GetWindowTextW
GrayStringW
HiliteMenuItem
IMPGetIMEW
IMPQueryIMEW
IMPSetIMEW
InSendMessageEx
InflateRect
InsertMenuW
IsCharAlphaNumericW
IsCharUpperA
IsChild
IsDialogMessage
IsRectEmpty
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsA
LoadBitmapW
LoadCursorFromFileA
LoadImageA
LoadImageW
LoadMenuA
LoadStringA
LoadStringW
LockWindowUpdate
LockWorkStation
LookupIconIdFromDirectory
MapVirtualKeyExW
MessageBeep
MessageBoxA
MessageBoxExA
MessageBoxW
ModifyMenuA
MoveWindow
MsgWaitForMultipleObjectsEx
OemKeyScan
OemToCharBuffW
OpenClipboard
OpenIcon
OpenInputDesktop
OpenWindowStationA
PeekMessageA
PostQuitMessage
RedrawWindow
RegisterClassA
RegisterClassExA
RegisterDeviceNotificationA
RegisterDeviceNotificationW
RegisterShellHookWindow
RegisterWindowMessageA
RegisterWindowMessageW
ReuseDDElParam
ScrollWindow
ScrollWindowEx
SendDlgItemMessageA
SendDlgItemMessageW
SendIMEMessageExA
SendIMEMessageExW
SendInput
SendMessageA
SendMessageCallbackA
SendMessageCallbackW
SendMessageTimeoutW
SendNotifyMessageA
SendNotifyMessageW
SetActiveWindow
SetCaretPos
SetClassLongA
SetCursorPos
SetDebugErrorLevel
SetDeskWallpaper
SetFocus
SetMenu
SetMenuContextHelpId
SetMenuInfo
SetMenuItemBitmaps
SetMenuItemInfoW
SetMessageQueue
SetPropA
SetScrollInfo
SetShellWindow
SetThreadDesktop
SetUserObjectInformationW
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextA
SetWindowTextW
ShowCaret
ShowCursor
SubtractRect
SwitchToThisWindow
SystemParametersInfoA
ToUnicode
TranslateAcceleratorA
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnpackDDElParam
UnregisterClassA
UpdateLayeredWindow
VkKeyScanA
VkKeyScanExW
WaitMessage
WinHelpW
mouse_event
GetSystemMenu
AttachThreadInput
ActivateKeyboardLayout
Sections
.text Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ