259a02d1e7a53c1e8b41f34ba4349c8a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

259a02d1e7a53c1e8b41f34ba4349c8a_JaffaCakes118
Size

332KB
MD5

259a02d1e7a53c1e8b41f34ba4349c8a
SHA1

83a524255e6b40ae96872e665a5dafbc79063305
SHA256

850bce20ba58edee919633e30f688d49b9241b66beb682f4e46f6b5eb2b411b7
SHA512

2aff5420a51401cfe94b07bd5105c83bb093bf3130f89820ad116295e18eb9c672537a8376e33ca5798aaaa2265902792d7e5a342b4a7773ecb7e750f1f350e9
SSDEEP

6144:RGrQ1lHs10ykMaOd/ME8oqFq/0pXr33bn5am4/T+a:P5pRlE88/0Jz574L+a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
259a02d1e7a53c1e8b41f34ba4349c8a_JaffaCakes118

Files

259a02d1e7a53c1e8b41f34ba4349c8a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86f381a35e519b31d9e0a389e86e0bdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetAddConnection3W
WNetAddConnectionW
MultinetGetConnectionPerformanceA
WNetEnumResourceA
WNetConnectionDialog1W
WNetGetConnectionW

shlwapi

PathIsUNCServerA
SHRegGetBoolUSValueA
SHQueryInfoKeyW
PathIsFileSpecW
PathMatchSpecW
PathFindNextComponentA
PathIsDirectoryA
SHEnumValueW
PathCanonicalizeW
StrDupA
StrToIntExW
PathFindFileNameA
SHDeleteKeyW
PathIsURLW
PathRemoveBlanksW
PathAddBackslashA
SHSetValueW
SHRegDeleteUSValueA
PathFindOnPathA
PathIsContentTypeW
StrCpyW
PathMatchSpecA
SHQueryValueExW
SHRegSetUSValueW
SHDeleteValueA
SHRegCreateUSKeyW
PathGetDriveNumberA
SHGetValueW
PathCompactPathW
PathRemoveBackslashA
PathRemoveFileSpecW
SHRegWriteUSValueW
PathRenameExtensionA
SHRegOpenUSKeyW
PathIsDirectoryW
PathRelativePathToA
SHRegCreateUSKeyA
SHRegDeleteEmptyUSKeyW
PathStripToRootA
StrCSpnIA
PathBuildRootA
ChrCmpIA
StrDupW
SHRegEnumUSValueW
SHRegQueryUSValueA
PathFindExtensionW
PathParseIconLocationA
PathIsPrefixA
PathCommonPrefixW
PathIsUNCServerW
PathIsURLA
PathRenameExtensionW
StrToIntExA
StrCmpW
PathUnmakeSystemFolderW
SHEnumKeyExA
StrPBrkA
PathIsRelativeA
SHSetValueA
SHRegQueryUSValueW
PathCombineA
SHRegOpenUSKeyA
PathQuoteSpacesA
StrPBrkW
PathStripPathA
PathCompactPathA
PathSetDlgItemPathA
PathSearchAndQualifyA
StrNCatW
StrToIntA
PathStripToRootW
PathAddExtensionW
SHOpenRegStreamA
SHRegGetBoolUSValueW
PathCommonPrefixA
PathRemoveBackslashW
SHRegEnumUSKeyW
PathSearchAndQualifyW
PathFindNextComponentW
SHDeleteKeyA
PathIsRootW
SHDeleteValueW
PathCompactPathExW
PathBuildRootW
PathFindOnPathW
StrTrimW
PathFindExtensionA
StrSpnA
PathFindFileNameW
SHGetValueA
PathRemoveArgsA
PathIsUNCW
PathIsRelativeW
StrCSpnW
SHRegDeleteEmptyUSKeyA
PathCanonicalizeA
PathRemoveFileSpecA
PathIsUNCServerShareW
PathCombineW
StrNCatA
StrFormatByteSizeA
PathMakePrettyW
SHQueryValueExA
StrToIntW
PathIsPrefixW
PathRemoveBlanksA
SHRegCloseUSKey
SHRegSetUSValueA
PathGetArgsA
PathAddBackslashW
PathIsUNCA
StrSpnW
StrFormatByteSizeW
PathUnquoteSpacesW
StrCSpnA
PathSkipRootW
PathIsSystemFolderW
PathAppendW
PathGetArgsW
PathRelativePathToW
PathUnmakeSystemFolderA
SHRegGetUSValueW
PathFileExistsW
PathStripPathW
StrCmpIW
SHRegQueryInfoUSKeyA
PathIsUNCServerShareA
SHDeleteEmptyKeyA
StrTrimA
PathAddExtensionA
StrCSpnIW
StrCatW
PathAppendA

rasapi32

RasCreatePhonebookEntryW
RasCreatePhonebookEntryA

ole32

OleRegEnumVerbs
WriteClassStm
CreateDataCache
CoTaskMemFree
CoGetTreatAsClass
HWND_UserMarshal
CoGetStandardMarshal
StgCreateDocfileOnILockBytes
CoRegisterPSClsid
CreatePointerMoniker
OleSetClipboard
OleCreateEx
ReleaseStgMedium
CreateILockBytesOnHGlobal
OleLockRunning
CoUninitialize
StgSetTimes
OleDraw
MonikerRelativePathTo
HPALETTE_UserFree
CoCreateInstance
CoRegisterClassObject
CoGetMarshalSizeMax
OleCreateFromFileEx
CoLockObjectExternal
CoIsOle1Class
CreateBindCtx
HBITMAP_UserFree
CoRevokeClassObject
HWND_UserFree
HGLOBAL_UserFree
OleLoadFromStream
OleCreateStaticFromData

user32

GetWindowTextLengthW
TranslateAcceleratorA
SetRectEmpty
CreateDialogIndirectParamA
DdeClientTransaction
InsertMenuW
GetIconInfo
DdeConnectList
DialogBoxIndirectParamW
DrawIconEx
OemToCharW
GetWindowWord
CharToOemA
DdeCmpStringHandles
CreateWindowStationA
MapDialogRect
CharToOemBuffW
DdeInitializeA
GetClassLongA
DlgDirListComboBoxW
DrawEdge
GetSubMenu
RegisterClipboardFormatW
GetCaretPos
GetPropW
GetTopWindow
InvalidateRect
RegisterClassExA
SetWindowContextHelpId
GetMenuCheckMarkDimensions
SetParent
GetDialogBaseUnits
OpenWindowStationW
LoadStringA
SubtractRect
SetWindowPos
GetCursorPos
EnableScrollBar
GetWindowTextLengthA
CheckRadioButton
IsCharLowerA
CharPrevW
EnumWindowStationsW
CreateMenu
wvsprintfA
SetClassWord
DefDlgProcA
ToUnicodeEx
TrackPopupMenuEx
CharLowerBuffA
IsMenu
GetDesktopWindow
DdeKeepStringHandle
IsZoomed
GetWindowRgn
SetMenuItemBitmaps
ChangeClipboardChain
EndDeferWindowPos
EndDialog
DefMDIChildProcW
CreateDialogParamW
AdjustWindowRectEx
UnloadKeyboardLayout
DeleteMenu
LoadCursorFromFileW
CloseDesktop
SetWindowLongA
GetClassLongW
DefMDIChildProcA
DdeQueryStringA
LoadCursorA
IsWindowUnicode
GetMenuStringW
GetWindowLongA
DdeDisconnectList
PostThreadMessageA
OpenClipboard
DdeDisconnect
SetLastErrorEx
GetSysColorBrush
LoadCursorW
SetSystemCursor
SetSysColors
GetDoubleClickTime
CreateIconFromResource
GetClassNameA
GetKeyboardLayoutNameW
SetCapture
IsIconic
GetClipboardData

comdlg32

GetFileTitleA
ReplaceTextW
FindTextA
FindTextW
GetSaveFileNameA
PrintDlgW
CommDlgExtendedError

comctl32

UninitializeFlatSB
ImageList_Duplicate
ord8
ImageList_Copy
ord16
ImageList_SetIconSize
CreatePropertySheetPageA
ord5
ImageList_AddMasked
FlatSB_SetScrollRange

shell32

SHGetDesktopFolder
ExtractIconExA
FindExecutableA
SHInvokePrinterCommandA
ShellExecuteExW
SHBrowseForFolderA
SHFileOperationW
SHEmptyRecycleBinW
SHGetFileInfoA

oleaut32

GetErrorInfo

advapi32

EncryptFileA
LsaSetDomainInformationPolicy
GetLengthSid
StartServiceCtrlDispatcherA
OpenSCManagerW
ImpersonateLoggedOnUser
QueryServiceConfigA
SetNamedSecurityInfoA
GetSecurityDescriptorOwner
EqualPrefixSid
QueryServiceStatus
FindFirstFreeAce
RegRestoreKeyW
RegOpenKeyA
AllocateAndInitializeSid
AccessCheckAndAuditAlarmA
LsaRetrievePrivateData
GetTrusteeNameW
RegConnectRegistryW
RegEnumKeyExW
RegisterEventSourceA

version

VerQueryValueW
GetFileVersionInfoW
VerFindFileA

winmm

waveInGetID
joyGetPos
midiStreamPause
sndPlaySoundW
midiInMessage
mciGetDeviceIDFromElementIDA
joyGetDevCapsA
midiStreamProperty
waveOutBreakLoop
mciGetDeviceIDW
waveOutMessage
midiOutGetDevCapsA
mmioDescend
joyGetDevCapsW
mixerClose
waveInAddBuffer
midiOutGetID
waveInGetDevCapsW

msvcrt

__getmainargs
__p__commode
_adjust_fdiv
_controlfp
_except_handler3
__set_app_type
__setusermatherr
__p__fmode
_exit
_XcptFilter
exit
_acmdln
_initterm

kernel32

EndUpdateResourceA
EnumResourceLanguagesW
GetEnvironmentVariableW
GetModuleHandleA
GetStartupInfoA

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 904KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86f381a35e519b31d9e0a389e86e0bdc

Headers

File Characteristics

Imports

mpr

shlwapi

rasapi32

ole32

user32

comdlg32

comctl32

shell32

oleaut32

advapi32

version

winmm

msvcrt

kernel32

Sections

.text Size: 284KB - Virtual size: 282KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 904KB

.rsrc Size: 28KB - Virtual size: 24KB

.text
Size: 284KB - Virtual size: 282KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 904KB

.rsrc
Size: 28KB - Virtual size: 24KB