179a81e1174983c3e0daa57cb85d745d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

179a81e1174983c3e0daa57cb85d745d_JaffaCakes118
Size

338KB
MD5

179a81e1174983c3e0daa57cb85d745d
SHA1

656b2b7cb178f2cef1ada8dc2197587e680740af
SHA256

332c59bfef437e08870e955030bfbbd2e56b3ccf257b87f38c3318f39860de58
SHA512

2f0ec1974759cbc3294691d45e50fd66854b6199f35e64743eaad60540cf03f26c001fd229c05b1ecc0300744e76aeeb7967e391dd0b6ecf50984ea788846a59
SSDEEP

6144:X44EAEGxYSNuwZN+P0GUcjfmlqLErpeKmDXmBSs0AKUEURq7X13SvPHg:X42pYSJ+Pq8+lh/mDXy0AKUHEz1Cvvg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
179a81e1174983c3e0daa57cb85d745d_JaffaCakes118

Files

179a81e1174983c3e0daa57cb85d745d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b873bc1fd9e03ba8780ebde50b4075e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasGetErrorStringA

advapi32

ClearEventLogA
RegNotifyChangeKeyValue
NotifyChangeEventLog

kernel32

GetStartupInfoA
GetTapePosition
DeleteCriticalSection
GlobalGetAtomNameW
GetBinaryTypeA
CommConfigDialogW
BackupSeek
CreateProcessW
DeleteFileW
GetModuleHandleA

user32

GetMessageTime
DestroyMenu
DrawEdge
WaitForInputIdle
IsDialogMessageA
DispatchMessageA
SendMessageCallbackA
SetWinEventHook
GetDlgCtrlID
ReuseDDElParam
GetMenu
GetWindowModuleFileNameA
DdePostAdvise
RegisterClassExA
IsIconic
SendMessageW
WinHelpW
LoadAcceleratorsA
GetWindowLongA
RemovePropA
EndDeferWindowPos
SetClassLongA
LoadMenuA
GetMenuContextHelpId
GetMenuItemInfoW
IsDlgButtonChecked
DlgDirListA
MessageBeep
SubtractRect
KillTimer
LoadImageW
CopyAcceleratorTableA
ShowCursor
HideCaret
GetForegroundWindow
SetDlgItemTextW
ModifyMenuW
TranslateAcceleratorA
GetDialogBaseUnits
SendMessageCallbackW
CharNextA
DefDlgProcA
DdeConnect
GetUserObjectSecurity
GetWindowTextW
SendMessageTimeoutA
LoadCursorFromFileA
DlgDirSelectComboBoxExA
MsgWaitForMultipleObjects
IsCharAlphaNumericA
OemToCharW
GetMenuStringA
CharLowerBuffW
GetActiveWindow
LoadMenuIndirectW
UnregisterHotKey
TranslateMDISysAccel
GetFocus
GetCursor
CallMsgFilterA
SetSystemCursor
CreateCursor
DlgDirListW
GetCursorPos
ImpersonateDdeClientWindow
CreateDialogParamW
LoadCursorA
CloseDesktop
EnableScrollBar
MsgWaitForMultipleObjectsEx
DialogBoxIndirectParamA
PostThreadMessageA
SetWindowsHookExW
RegisterClipboardFormatW
DlgDirSelectExA
SetScrollInfo
SetKeyboardState
DefWindowProcW
DefDlgProcW
GetWindowTextLengthW
SetWindowContextHelpId
PostThreadMessageW
GetCaretBlinkTime
OpenInputDesktop
DrawFocusRect
IntersectRect
GetSysColor
VkKeyScanA
CharLowerW
CharUpperW
ScrollWindowEx
GetClassWord
PtInRect
CreateDialogIndirectParamA
SetCapture
NotifyWinEvent
UnregisterClassA
GetMessagePos
EmptyClipboard
LoadBitmapW
CloseClipboard
SendDlgItemMessageW
CloseWindow
OemToCharBuffA
SetRectEmpty
SetWindowPos
AppendMenuA
CreatePopupMenu
RedrawWindow
InsertMenuItemW
GetClassNameA
ChangeMenuA
ShowWindow
DrawIcon
DdeQueryStringA
CharToOemW
SetDlgItemTextA
DefMDIChildProcA
GetClipboardFormatNameW
SetMenuDefaultItem
DialogBoxIndirectParamW
ReplyMessage
AdjustWindowRectEx
GetDCEx
GetAsyncKeyState
GetKeyboardType
SetPropW
GetLastActivePopup
EnableMenuItem
OemKeyScan
SystemParametersInfoW
CharLowerBuffA
UpdateWindow
GetClipCursor
DdeEnableCallback
SetWindowsHookA
EqualRect
GetDlgItemInt
PeekMessageW
IsWindowUnicode
WaitMessage
CallWindowProcA
DdeUnaccessData
DestroyIcon
VkKeyScanW
LoadIconA
DlgDirListComboBoxW
DdeAccessData
GetMessageW
GetMessageA
MapDialogRect
CreateIconIndirect
DdeInitializeA
InflateRect
InSendMessage
SetMenuContextHelpId
UnregisterClassW
SetMessageQueue
SetUserObjectInformationA
CountClipboardFormats
MapVirtualKeyW
OpenDesktopW
GetWindowModuleFileNameW
EnumWindows
GetTopWindow
GetKeyboardLayoutNameW
GetKeyNameTextA
SetProcessWindowStation
SetTimer
DispatchMessageW
EnumDisplaySettingsA
CreateMDIWindowW
VkKeyScanExW
SetMenuItemInfoW
FindWindowA
DestroyCaret
DrawStateA
EnumWindowStationsW
DdeGetLastError
GetNextDlgTabItem
WINNLSEnableIME
CharLowerA
CheckMenuRadioItem
ShowCaret
GetWindowTextA
LoadImageA
GetSubMenu
CreateIconFromResource
CreateCaret
GetClassInfoW
ChangeDisplaySettingsExW
CreateWindowStationW
GetDesktopWindow
IsRectEmpty
ChangeClipboardChain
IsCharLowerA
IsMenu
IsWindow
DdeQueryNextServer
ActivateKeyboardLayout
SetWindowLongA
CharUpperBuffW
RegisterClassA
GetKeyboardState
OemToCharA
SetLastErrorEx
GetScrollPos
CreateIconFromResourceEx
EnumPropsExW
TranslateMessage
ChildWindowFromPoint
LoadBitmapA
MessageBoxIndirectA
GetPriorityClipboardFormat

msvcrt

_XcptFilter
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_exit

shlwapi

SHEnumKeyExW
PathParseIconLocationW
PathFindOnPathA
PathAppendA
SHDeleteValueW
PathIsURLA
PathRelativePathToA
PathFileExistsA
PathAddBackslashA
PathRemoveBackslashA
PathGetArgsA
PathMakePrettyA
PathAppendW
PathRemoveArgsA
PathIsRootW
PathSkipRootW
StrNCatA
SHRegOpenUSKeyA
PathRenameExtensionA
PathSetDlgItemPathW
PathIsUNCW
PathIsURLW
StrToIntW
PathAddBackslashW
PathCanonicalizeA
PathIsPrefixW
PathFindExtensionW
PathCombineA
SHDeleteValueA
PathFindFileNameA
StrDupA
SHRegWriteUSValueA
PathIsUNCServerW
SHCreateShellPalette
SHRegDeleteUSValueA
PathStripPathA
PathRemoveFileSpecW
PathQuoteSpacesA
StrNCatW
PathGetArgsW
PathIsRelativeA
PathIsUNCServerShareW
SHDeleteEmptyKeyA
StrDupW
PathMatchSpecA
PathGetDriveNumberW
StrCSpnW
StrCpyW
PathRemoveArgsW
StrIsIntlEqualW
PathRemoveFileSpecA
PathSearchAndQualifyW
PathSearchAndQualifyA
PathCanonicalizeW
PathRenameExtensionW
PathSkipRootA
SHOpenRegStreamA
StrTrimW
PathCommonPrefixA
SHRegEnumUSValueW
PathStripToRootW
StrTrimA
SHSetValueA
SHRegQueryUSValueW
PathGetDriveNumberA
SHSetValueW

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1011KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b873bc1fd9e03ba8780ebde50b4075e4

Headers

File Characteristics

Imports

rasapi32

advapi32

kernel32

user32

msvcrt

shlwapi

Sections

.text Size: 104KB - Virtual size: 101KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 1011KB

.rsrc Size: 24KB - Virtual size: 21KB

.text
Size: 104KB - Virtual size: 101KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 1011KB

.rsrc
Size: 24KB - Virtual size: 21KB