13a99426b443f2e5491069e02f0a1c44_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

13a99426b443f2e5491069e02f0a1c44_JaffaCakes118
Size

34KB
MD5

13a99426b443f2e5491069e02f0a1c44
SHA1

620d60de75f0dc4a75d8da68f1dfe0c449ea6f1e
SHA256

994734424734848843b39ee64cdedff1d7e094904638983d1a3376deecc4ecc3
SHA512

dceac1fd8d63c21469a7adac95abca23e5acc436378ba200b9ad821c546973165aa78ae543f7a751d7cf51967d6b761112fec3e5a2f8e487a6e13c8360565b33
SSDEEP

384:m0Igqh9Y+SlhUfr9q7jAN3GT86IrIsAo3LmzxENiP40P5MWgJWQWgm:m0IvjglU8HAd/6IksAo3LmzCm9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13a99426b443f2e5491069e02f0a1c44_JaffaCakes118

Files

13a99426b443f2e5491069e02f0a1c44_JaffaCakes118
.exe windows:5 windows x86 arch:x86

abe67e22c2ce3f7a52753425d07ff019

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
ExitProcess
VirtualAlloc

user32

GetClassLongA
GetCaretBlinkTime
GetAsyncKeyState
GetAltTabInfoA
GetActiveWindow
FlashWindow
FindWindowW
EqualRect
EnumPropsW
EnumDesktopWindows
EnumClipboardFormats
EndDialog
EnableScrollBar
DrawIcon
DlgDirSelectComboBoxExA
DlgDirListA
DestroyIcon
DestroyAcceleratorTable
DdeQueryStringA
DdeInitializeW
DdeConnect
CreateWindowStationW
CreateMDIWindowW
CloseWindowStation
ClipCursor
ClientToScreen
CharLowerW
BringWindowToTop
AppendMenuA
GetCursor
GetDC
GetDCEx
GetKeyboardState
GetMenuCheckMarkDimensions
GetMenuItemInfoW
GetMessagePos
GetMessageW
GetQueueStatus
GetScrollPos
GetSysColorBrush
GetTabbedTextExtentA
GetThreadDesktop
GetWindowTextA
InSendMessage
InsertMenuItemA
InsertMenuW
InvalidateRect
IsCharAlphaA
IsChild
IsClipboardFormatAvailable
IsRectEmpty
LoadCursorFromFileA
LoadCursorFromFileW
LoadImageA
LoadKeyboardLayoutA
LoadMenuA
LockWindowUpdate
MessageBeep
MsgWaitForMultipleObjects
MsgWaitForMultipleObjectsEx
PackDDElParam
PaintDesktop
PostThreadMessageW
PtInRect
RealGetWindowClassW
RegisterHotKey
RemovePropA
SendDlgItemMessageA
SendMessageA
SendMessageCallbackA
SendNotifyMessageA
SetClassWord
SetClipboardData
SetClipboardViewer
SetDebugErrorLevel
SetLayeredWindowAttributes
SetMenuContextHelpId
SetWindowsHookExA
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoA
WinHelpW
VkKeyScanExW
UnregisterHotKey
UnpackDDElParam
UnhookWindowsHook
ToUnicode
ToAscii
TileChildWindows

gdi32

AddFontResourceA
ColorMatchToTarget
BeginPath
BitBlt
GetCurrentObject
cGetTTFFromFOT
XLATEOBJ_hGetColorTransform
TranslateCharsetInfo
TextOutW
StrokeAndFillPath
StartFormPage
SetVirtualResolution
SetViewportOrgEx
SetGraphicsMode
SetBrushOrgEx
SetBoundsRect
SetBkColor
SetBitmapDimensionEx
STROBJ_bEnum
ResetDCW
RemoveFontResourceA
RemoveFontMemResourceEx
RectInRegion
Polyline
Polygon
Pie
PathToRegion
PatBlt
PaintRgn
GetTextFaceW
GetTextExtentPointA
GetTextExtentExPointI
GetTextCharacterExtra
GetRasterizerCaps
GetROP2
GetObjectA
GetMiterLimit
GetMetaFileW
GetMetaFileA
GetMapMode
GetLayout
GetICMProfileW
GetICMProfileA
GetEnhMetaFilePaletteEntries
GetETM
GetDCPenColor
CombineTransform
GetCharWidthI
GetCharABCWidthsFloatA
GetCharABCWidthsA
GetBoundsRect
GdiTransparentBlt
GdiRealizationInfo
GdiPlayEMF
GdiInitSpool
GdiGetSpoolMessage
GdiGetCodePage
GdiEntry4
GdiEntry12
GdiEntry11
GdiEndDocEMF
GdiConvertMetaFilePict
GdiAddFontResourceW
FloodFill
FONTOBJ_pvTrueTypeFontFile
ExtTextOutA
ExtSelectClipRgn
ExtCreateRegion
EudcUnloadLinkW
Escape
EnumICMProfilesA
EngTextOut
EngMultiByteToWideChar
EngMultiByteToUnicodeN
EngFreeModule
EngCreatePalette
EngCreateClip
EngAcquireSemaphore
DescribePixelFormat
DeleteMetaFile
CreateRectRgnIndirect
CreatePolygonRgn
CreatePenIndirect
CreatePen
CreatePatternBrush
CreateICW
CreateFontIndirectA
CreateEllipticRgnIndirect
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CheckColorsInGamut

advapi32

RegOpenKeyW

shell32

ShellAboutW
Shell_NotifyIconW
ShellExecuteW
ShellExecuteExA
ShellExecuteEx
SHPathPrepareForWriteW
SHLoadNonloadedIconOverlayIdentifiers
SHLoadInProc
SHInvokePrinterCommandW
CheckEscapesW
CommandLineToArgvW
DoEnvironmentSubstA
DoEnvironmentSubstW
DragQueryFileW
DuplicateIcon
ExtractAssociatedIconA
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractAssociatedIconW
ExtractIconA
ExtractIconEx
ExtractIconExA
ExtractIconExW
FindExecutableA
SHAppBarMessage
SHBrowseForFolder
SHBrowseForFolderA
SHBrowseForFolderW
SHCreateDirectoryExA
SHCreateDirectoryExW
SHCreateProcessAsUserW
SHEmptyRecycleBinW
SHFileOperation
SHFileOperationA
SHFileOperationW
SHFormatDrive
SHGetDesktopFolder
SHGetDiskFreeSpaceA
SHGetDiskFreeSpaceExA
SHGetFileInfo
SHGetFileInfoA
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathW
SHGetInstanceExplorer
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
WOWShellExecute

ole32

FmtIdToPropStgName
GetHGlobalFromILockBytes
HBITMAP_UserSize
HDC_UserFree
HDC_UserMarshal
HENHMETAFILE_UserUnmarshal
HGLOBAL_UserSize
HICON_UserMarshal
IsEqualGUID
OleConvertOLESTREAMToIStorageEx
OleCreateEx
OleCreateLinkToFile
OleGetIconOfFile
OleIsRunning
OleMetafilePictFromIconAndLabel
OleQueryCreateFromData
OleRegGetUserType
OleUninitialize
OpenOrCreateStream
RegisterDragDrop
SNB_UserSize
STGMEDIUM_UserMarshal
StgGetIFillLockBytesOnILockBytes
StgPropertyLengthAsVariant
StringFromCLSID
StringFromGUID2
WdtpInterfacePointer_UserMarshal
WdtpInterfacePointer_UserSize
WriteClassStg
WriteClassStm
CreateFileMoniker
CoRegisterMallocSpy
CoIsHandlerConnected
CoInitialize
CoGetCallContext
CoDisconnectObject
CoDisableCallCancellation
CoCreateGuid
DoDragDrop

shlwapi

StrChrIW
StrCmpNIW
StrCmpNW
StrRChrA
StrRChrIW
StrRStrIW
StrStrIW
StrChrA

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ddg
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abe67e22c2ce3f7a52753425d07ff019

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 9KB - Virtual size: 9KB

.ddg Size: 13KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 132B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.ddg
Size: 13KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 132B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB