15fecf1edee603ce57bbd4e1279aeff3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15fecf1edee603ce57bbd4e1279aeff3_JaffaCakes118
Size

718KB
MD5

15fecf1edee603ce57bbd4e1279aeff3
SHA1

50a4147c568c06b45a6544ff5cbd1f98614da666
SHA256

41a718552315b74e09f89cd21e77b3cc693c6ae454066988f5660f045acc740f
SHA512

68a20e99a38289905f374d971bcde6f25127f81218692721efe3b67329d613ade18a111317598016787fbb20ee2d6a6f47fbee1fdb662faaef7cdad08c9392dd
SSDEEP

12288:yoAOlX1Oj/IUADXYCP5otFV3lzhZz2LM0K2mhAMJ/cPlJJigZDL:yoblX12ITh5oBlzhZzIMR2O/GlJJJX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15fecf1edee603ce57bbd4e1279aeff3_JaffaCakes118

Files

15fecf1edee603ce57bbd4e1279aeff3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5782ec928ab82752e44599ca13f97d17

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
SetEndOfFile
CopyFileA
GetDriveTypeA
SearchPathA
GetEnvironmentVariableA
GetSystemDirectoryA
GetWindowsDirectoryA
SizeofResource
FlushFileBuffers
SetFileAttributesA
FreeResource
FormatMessageA
MulDiv
GetVersion
SetPriorityClass
GetPriorityClass
GetCurrentProcess
GetVersionExA
GlobalMemoryStatus
GetLocaleInfoA
QueryPerformanceCounter
GetTimeFormatA
CompareFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GetSystemTime
GetCurrentThreadId
SetCommState
GetCommState
SetCommTimeouts
GetCommTimeouts
ClearCommError
GetOverlappedResult
WaitCommEvent
PurgeComm
OutputDebugStringA
GetTempFileNameA
SuspendThread
GetCommandLineA
SetCurrentDirectoryA
MoveFileA
FileTimeToLocalFileTime
GetFileTime
GetDiskFreeSpaceExA
WaitForSingleObject
SetCommMask
CreateEventA
Beep
GetComputerNameA
GetLogicalDrives
OpenProcess
GetCurrentThread
GetTimeZoneInformation
GetUserDefaultLCID
LoadResource
QueryPerformanceFrequency
CreateProcessA
SetEnvironmentVariableA
HeapAlloc
HeapFree
GetProcessHeap
HeapSize
HeapSetInformation
GetStartupInfoW
HeapCreate
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
RaiseException
ExitProcess
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
GetStringTypeW
HeapReAlloc
GetConsoleCP
GetConsoleMode
LoadLibraryW
RtlUnwind
SetStdHandle
WriteConsoleW
CreateFileW
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
SetErrorMode
GetVolumeInformationA
LoadLibraryA
GetProcAddress
FreeLibrary
GetFullPathNameA
RemoveDirectoryA
CreateDirectoryA
GetCurrentDirectoryA
ExpandEnvironmentStringsA
FindFirstFileA
FindClose
FindNextFileA
GetFileAttributesA
WideCharToMultiByte
DeleteFileA
GetDateFormatA
WriteFile
lstrlenA
MultiByteToWideChar
OpenMutexA
CreateMutexA
GetLastError
SetFilePointer
ReadFile
GetPrivateProfileIntA
ResumeThread
CreateThread
lstrcmpA
GetTickCount
GetLocalTime
Sleep
TerminateProcess
TerminateThread
ReleaseMutex
GetTempPathA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcmpiA
lstrcpynA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleHandleA
GetModuleFileNameA
CreateFileA
GetFileSize
CloseHandle
lstrcatA
lstrcpyA
GetExitCodeProcess

gdi32

LPtoDP
SetTextColor
SetBkMode
CreateSolidBrush
CreatePen
Rectangle
GetDIBits
CreateFontA
CreateFontIndirectA
CreateCompatibleBitmap
StretchBlt
GetStockObject
GetDeviceCaps
SetPixel
CreateCompatibleDC
SelectObject
GetObjectA
CreateBitmap
GetPixel
SetBkColor
BitBlt
DeleteDC
GetTextMetricsA
DeleteObject

user32

ChangeDisplaySettingsA
CallNextHookEx
SetKeyboardState
keybd_event
GetDoubleClickTime
mouse_event
SetCursorPos
GetWindowLongA
SendMessageTimeoutA
FindWindowA
SetFocus
SetActiveWindow
BringWindowToTop
IsIconic
GetDesktopWindow
GetMenuStringA
GetMenuItemInfoA
GetSubMenu
GetMenu
IsMenu
VkKeyScanA
GetSystemMenu
PeekMessageA
RegisterClassA
GetClassInfoA
GetFocus
AttachThreadInput
GetWindowThreadProcessId
GetClassNameA
SetWindowTextA
IsWindowEnabled
GetParent
CheckDlgButton
IsDlgButtonChecked
IsZoomed
SetWindowLongA
EnableWindow
SetWindowPos
ShowCursor
PtInRect
WindowFromPoint
EndPaint
BeginPaint
GetClipboardData
IsClipboardFormatAvailable
DrawIconEx
EnumWindows
GetClassInfoExA
wvsprintfA
WaitForInputIdle
ExitWindowsEx
CallWindowProcA
SetCursor
TranslateMessage
DispatchMessageA
GetMessageA
MessageBoxA
UpdateWindow
SetForegroundWindow
CreatePopupMenu
AppendMenuA
GetCursorPos
TrackPopupMenu
GetMenuItemCount
DestroyMenu
KillTimer
SendMessageA
SetWindowsHookExA
GetForegroundWindow
GetWindowTextA
GetAsyncKeyState
GetTopWindow
SystemParametersInfoA
SetTimer
UnhookWindowsHookEx
IsWindow
DestroyWindow
ShowWindow
PostQuitMessage
DefWindowProcA
wsprintfA
GetKeyState
MapVirtualKeyA
DrawTextA
CopyRect
IsWindowVisible
InvalidateRect
GetSysColor
SetClipboardData
GetClientRect
CloseClipboard
GetDC
CreateCursor
LoadIconA
GetSystemMetrics
LoadImageA
LoadCursorA
RegisterClassExA
SetRect
CreateWindowExA
GetWindow
GetDlgItem
ReleaseDC
GetWindowRect
OpenClipboard
GetNextDlgTabItem
EmptyClipboard
LoadAcceleratorsA
PostMessageA
TranslateAcceleratorA
EnumChildWindows
IsDialogMessageA

advapi32

RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
ControlService
StartServiceA
ChangeServiceConfigA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
GetUserNameA
RegEnumValueA
RegEnumKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegQueryInfoKeyA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

comctl32

ImageList_Draw
ord17
InitCommonControlsEx

shell32

ShellExecuteA
SHGetMalloc
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHFileOperationA
FindExecutableA
SHChangeNotify
ExtractIconExA
SHGetPathFromIDListA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

ole32

CoCreateInstance
OleUninitialize
CLSIDFromProgID
OleInitialize
CreateStreamOnHGlobal
CoUninitialize
CoInitialize

oleaut32

SafeArrayGetElement
VariantClear
SysAllocString
SafeArrayGetUBound

odbc32

ord10
ord31
ord9
ord2
ord43
ord13
ord54
ord24
ord6
ord18
ord11
ord45
ord7
ord50
ord1
ord57

Sections

.text
Size: 351KB - Virtual size: 351KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5782ec928ab82752e44599ca13f97d17

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

advapi32

comdlg32

comctl32

shell32

version

ole32

oleaut32

odbc32

Sections

.text Size: 351KB - Virtual size: 351KB

.rdata Size: 97KB - Virtual size: 96KB

.data Size: 6KB - Virtual size: 37KB

.rsrc Size: 191KB - Virtual size: 190KB

.reloc Size: 31KB - Virtual size: 30KB

.text
Size: 351KB - Virtual size: 351KB

.rdata
Size: 97KB - Virtual size: 96KB

.data
Size: 6KB - Virtual size: 37KB

.rsrc
Size: 191KB - Virtual size: 190KB

.reloc
Size: 31KB - Virtual size: 30KB