Static task
static1
Behavioral task
behavioral1
Sample
17172c64765759c9f9ab85f6c4d6f2cd_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
17172c64765759c9f9ab85f6c4d6f2cd_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
17172c64765759c9f9ab85f6c4d6f2cd_JaffaCakes118
Size
6.3MB
MD5
17172c64765759c9f9ab85f6c4d6f2cd
SHA1
4a0378427dd4984826ce1d8e794c57b970cc7a5b
SHA256
e236ef252b815953f565c5b752cc8efb869e18be1235d1720a10acf2dac9a889
SHA512
b201853302ed90d74c6118a577ea5b80be46d8e26b17fb733468052c19c3b0e1c1be374eaca70b1d40c177fc875497051f2443dc7062254cfbe7928b56500b1f
SSDEEP
98304:M5xjXUgJkPsy24OzT1qnk1lBI4lDvz+cagCiTJWg14815Ee2ur9o9:M5xjX9JkPHs/N1lBIOvqDo9xji9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 17172c64765759c9f9ab85f6c4d6f2cd_JaffaCakes118
Files
17172c64765759c9f9ab85f6c4d6f2cd_JaffaCakes118.exe windows:5 windows x86 arch:x86
150ab8234ab797114bea78e032d8365b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
advapi32
CryptReleaseContext
CryptSetHashParam
CryptSignHashA
GetFileSecurityW
GetTokenInformation
GetUserNameA
GetUserNameW
IsTextUnicode
LookupAccountSidW
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegCreateKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExA
RegOpenKeyExW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegQueryValueW
RegRestoreKeyW
RegSaveKeyExW
RegSetValueExW
RegSetValueW
SetFileSecurityW
kernel32
CloseHandle
CreateFileA
CreateFileMappingA
CreateProcessW
CreateSemaphoreW
CreateThread
CreateTimerQueueTimer
DecodePointer
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeleteTimerQueueTimer
DeviceIoControl
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumResourceLanguagesW
EnumResourceNamesW
EnumResourceTypesW
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FindResourceExW
FindResourceW
FlushFileBuffers
FlushInstructionCache
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCompressedFileSizeW
GetComputerNameA
GetComputerNameW
GetConsoleCP
GetConsoleMode
GetCurrencyFormatW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalDriveStringsW
GetLogicalProcessorInformation
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetNumaHighestNodeNumber
GetNumberFormatW
GetOEMCP
GetPrivateProfileIntW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetPrivateProfileStringW
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProfileIntW
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeExW
GetStringTypeW
GetSystemDefaultLCID
GetSystemDefaultUILanguage
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetThreadLocale
GetThreadPriority
GetThreadTimes
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultUILanguage
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFlags
GlobalFree
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalMemoryStatusEx
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapQueryInformation
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
IsBadStringPtrW
IsDBCSLeadByteEx
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalReAlloc
LockFile
LockResource
MapViewOfFile
MoveFileA
MoveFileW
MulDiv
MultiByteToWideChar
OpenFileMappingA
OpenProcess
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
RegisterWaitForSingleObject
ReleaseSemaphore
RemoveDirectoryW
ReplaceFileW
ResetEvent
ResumeThread
RtlUnwind
SearchPathW
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleCount
SetLastError
SetStdHandle
SetThreadAffinityMask
SetThreadPriority
SetUnhandledExceptionFilter
SetVolumeLabelW
SignalObjectAndWait
SizeofResource
Sleep
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
TzSpecificLocalTimeToSystemTime
UnhandledExceptionFilter
UnlockFile
UnmapViewOfFile
UnregisterWait
UnregisterWaitEx
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringW
WriteProcessMemory
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
winspool.drv
GetJobW
OpenPrinterW
comctl32
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetImageCount
gdi32
CreateHatchBrush
CreatePalette
CreatePatternBrush
CreatePen
CreatePolyPolygonRgn
CreatePolygonRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesExW
EnumFontFamiliesW
Escape
ExcludeClipRect
ExtCreatePen
ExtCreateRegion
ExtFloodFill
ExtSelectClipRgn
ExtTextOutW
FillPath
FrameRgn
GdiFlush
GetBitmapBits
GetBitmapDimensionEx
GetBkColor
GetBkMode
GetBoundsRect
GetCharWidthW
GetClipBox
GetClipRgn
GetCurrentObject
GetCurrentPositionEx
GetDIBits
GetDeviceCaps
GetLayout
GetMapMode
GetNearestColor
GetNearestPaletteIndex
GetObjectA
GetObjectType
GetObjectW
GetPaletteEntries
GetPixel
GetPolyFillMode
GetROP2
GetRegionData
GetRgnBox
GetStockObject
GetStretchBltMode
GetSystemPaletteEntries
GetTextAlign
GetTextCharsetInfo
GetTextColor
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextFaceW
GetTextMetricsW
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineTo
MoveToEx
OffsetClipRgn
OffsetRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PatBlt
PolyBezierTo
Polyline
PtInRegion
PtVisible
RealizePalette
RectVisible
Rectangle
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectObject
SelectPalette
SetAbortProc
SetArcDirection
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetLayout
SetMapMode
SetPaletteEntries
SetPixel
SetPixelFormat
SetPixelV
SetPolyFillMode
SetROP2
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StartDocW
StartPage
StretchDIBits
StrokeAndFillPath
StrokePath
TextOutW
UnrealizeObject
FillRgn
msimg32
TransparentBlt
shell32
SHGetFileInfoW
ShellExecuteExW
ShellExecuteW
StrStrIW
user32
CopyAcceleratorTableW
CopyIcon
CopyImage
CopyRect
CountClipboardFormats
CreateAcceleratorTableW
CreateDialogIndirectParamW
CreateIconFromResourceEx
CreateIconIndirect
CreatePopupMenu
CreateWindowExW
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeleteMenu
DestroyAcceleratorTable
DestroyCaret
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawStateW
DrawTextExW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDialog
EnumChildWindows
EnumDisplayDevicesW
EnumDisplayMonitors
EnumThreadWindows
EnumWindows
EqualRect
FillRect
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetCaretPos
GetClassInfoExW
GetClassInfoW
GetClassLongW
GetClassNameW
GetClientRect
GetClipboardData
GetComboBoxInfo
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDialogBaseUnits
GetDlgCtrlID
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardState
GetLastActivePopup
GetMenuCheckMarkDimensions
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMenuStringW
GetMessagePos
GetMessageTime
GetMessageW
GetMonitorInfoW
GetNextDlgGroupItem
GetNextDlgTabItem
GetParent
GetPropW
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetTabbedTextExtentA
GetTabbedTextExtentW
GetTopWindow
GetUpdateRect
GetWindowContextHelpId
GetWindowDC
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GetWindowWord
GrayStringW
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
InvalidateRgn
InvertRect
IsCharLowerW
IsChild
IsClipboardFormatAvailable
IsDialogMessageW
IsIconic
IsMenu
IsRectEmpty
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsW
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageW
LoadMenuW
LoadStringW
LockWindowUpdate
LookupIconIdFromDirectoryEx
MapDialogRect
MapVirtualKeyExW
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxW
ModifyMenuW
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
MoveWindow
NotifyWinEvent
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RealChildWindowFromPoint
RedrawWindow
RegisterClassExW
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ReuseDDElParam
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendMessageTimeoutW
SendMessageW
SendNotifyMessageW
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongW
SetClipboardData
SetCursor
SetCursorPos
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetMenu
SetMenuDefaultItem
SetMenuItemBitmaps
SetMenuItemInfoW
SetParent
SetPropW
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowContextHelpId
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowCaret
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoW
TabbedTextOutW
ToUnicodeEx
TrackMouseEvent
TrackPopupMenu
TrackPopupMenuEx
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnpackDDElParam
UnregisterClassW
UpdateLayeredWindow
UpdateWindow
ValidateRect
VkKeyScanExW
WaitMessage
WinHelpW
WindowFromDC
WindowFromPoint
mouse_event
wsprintfA
wsprintfW
wvsprintfW
GetSystemMenu
winmm
PlaySoundW
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
ole32
CoTaskMemFree
CoTaskMemRealloc
CoTreatAsClass
CoUninitialize
CreateBindCtx
CreateFileMoniker
CreateGenericComposite
CreateILockBytesOnHGlobal
CreateItemMoniker
CreateStreamOnHGlobal
DoDragDrop
GetHGlobalFromILockBytes
IsAccelerator
OleCreate
OleCreateFromData
OleCreateFromFile
OleCreateLinkFromData
OleCreateLinkToFile
OleCreateMenuDescriptor
OleCreateStaticFromData
OleDestroyMenuDescriptor
OleDraw
OleDuplicateData
OleFlushClipboard
OleGetClipboard
OleGetIconOfClass
OleInitialize
OleIsCurrentClipboard
OleLoad
OleLockRunning
OleRegGetUserType
OleRun
OleSave
OleSaveToStream
OleSetContainedObject
OleSetMenuDescriptor
OleTranslateAccelerator
OleUninitialize
ReadClassStg
ReadFmtUserTypeStg
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
SetConvertStg
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
StringFromCLSID
StringFromGUID2
WriteClassStg
WriteClassStm
WriteFmtUserTypeStg
oleaut32
GetErrorInfo
shlwapi
StrCmpLogicalW
StrFormatByteSizeW
StrFormatKBSizeW
UrlUnescapeW
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 14.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 18KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloe Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE