Static task: static1
Behavioral task: behavioral1
Sample: 2768fb618a43ee6be9bc0de1e64c4262_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2768fb618a43ee6be9bc0de1e64c4262_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 2768fb618a43ee6be9bc0de1e64c4262_JaffaCakes118
Size: 87KB
MD5: 2768fb618a43ee6be9bc0de1e64c4262
SHA1: b514f64678cf0a817e7499509c09b25715a28611
SHA256: e6c130d1eb5daf087c85e48cc54f4c2b1fde0077e36efd7f7c0806a74c86d5b6
SHA512: c87d9620b757d4a750f6c7e4cceea5e14796b056866783b63eb8cdc6436affe1dcd02a3c98b18845ba951491c236581ce034a2222e5b7c2437fa9e03d1070e3f
SSDEEP: 1536:Ng1vWEAyO37+Yng3+a29q57IWGlGGtXCngIvODZf564s2K5+e:NsvPbO37DgOa2guzlGMCg5564E5+
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2768fb618a43ee6be9bc0de1e64c4262_JaffaCakes118
Files
-
2768fb618a43ee6be9bc0de1e64c4262_JaffaCakes118.exe windows:4 windows x86 arch:x86
5c3daac4892a03ea2fe2c0c8dfb19654
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CharUpperW
RealChildWindowFromPoint
WindowFromDC
SetDlgItemInt
SetWindowPlacement
GetScrollBarInfo
IntersectRect
CreateDialogParamW
DragObject
CharLowerBuffA
ImpersonateDdeClientWindow
GetDlgItemTextW
GetMonitorInfoW
PaintDesktop
DrawTextW
ExitWindowsEx
DestroyAcceleratorTable
LoadStringW
GetActiveWindow
DlgDirSelectExW
SetRect
SendDlgItemMessageA
MessageBoxA
ClientToScreen
GetAncestor
CharNextA
FindWindowW
GetDoubleClickTime
OpenClipboard
UnregisterHotKey
SetActiveWindow
GetFocus
SetSystemCursor
ReleaseDC
CreateWindowExA
GetListBoxInfo
SetMenuContextHelpId
SetForegroundWindow
EnumWindowStationsA
GetTitleBarInfo
TranslateAccelerator
OemToCharBuffA
LoadMenuW
DdeAddData
GetPriorityClipboardFormat
BroadcastSystemMessageA
NotifyWinEvent
ChangeDisplaySettingsExA
FlashWindowEx
GetWindowInfo
DdeUnaccessData
CreateAcceleratorTableA
UnregisterClassW
GetNextDlgGroupItem
GetMenuState
DrawAnimatedRects
VkKeyScanExA
EnumDisplaySettingsA
SwitchDesktop
GetCaretBlinkTime
SetMessageExtraInfo
GetClipboardViewer
GetMenuItemID
MonitorFromRect
IsMenu
DispatchMessageA
SetKeyboardState
CreateMDIWindowA
LoadKeyboardLayoutA
GetSubMenu
EqualRect
IsCharLowerA
CreateIconFromResource
GetClassInfoExA
GetScrollPos
SetCursor
SetCaretBlinkTime
SetWindowPos
GetMenuItemInfoW
IsZoomed
GetClassNameW
GetWindowRgn
GetPropW
ModifyMenuA
TranslateAcceleratorW
GetUpdateRgn
InternalGetWindowText
UnloadKeyboardLayout
GetWindowTextLengthW
DlgDirSelectComboBoxExW
IsDialogMessage
DdeInitializeA
SetProcessWindowStation
SendMessageA
EnumDisplayDevicesA
GetKBCodePage
WinHelpW
ChangeDisplaySettingsA
MessageBoxIndirectA
ReuseDDElParam
DdeFreeDataHandle
SendNotifyMessageA
GetProcessDefaultLayout
DdeQueryStringA
GetInputState
CopyAcceleratorTableA
GetDesktopWindow
SetWindowsHookA
GetSysColorBrush
OpenWindowStationA
GetMessageW
CascadeChildWindows
GetDlgItem
SendIMEMessageExW
DrawFocusRect
DefWindowProcW
CheckDlgButton
GetMenuItemRect
EnumWindows
SetDlgItemTextW
GetClipboardOwner
InvalidateRect
CallMsgFilterA
EnumDisplaySettingsExW
SetDoubleClickTime
EndDialog
InvertRect
DefFrameProcA
IsCharLowerW
RegisterHotKey
SendMessageCallbackA
LoadBitmapW
kernel32
GlobalLock
GetCommState
GetProcessAffinityMask
SetDefaultCommConfigW
HeapDestroy
CancelWaitableTimer
CreateNamedPipeW
LocalShrink
FlushConsoleInputBuffer
SwitchToFiber
GetProcessVersion
LoadLibraryW
lstrcatW
GetThreadTimes
SearchPathA
GetPrivateProfileSectionNamesW
SetConsoleMode
TerminateProcess
GetThreadPriorityBoost
WaitCommEvent
GlobalReAlloc
WriteProcessMemory
CreateEventA
SetCommMask
CreateConsoleScreenBuffer
SearchPathW
GetLongPathNameW
GetStringTypeExW
BeginUpdateResourceW
SetConsoleScreenBufferSize
WaitForMultipleObjectsEx
FindFirstChangeNotificationW
GetDefaultCommConfigW
FlushInstructionCache
GetComputerNameW
lstrcat
GetConsoleTitleA
FindAtomA
CreateSemaphoreA
GetACP
GetShortPathNameW
GetNamedPipeHandleStateW
UpdateResourceW
MoveFileExW
BuildCommDCBAndTimeoutsW
Heap32ListFirst
WritePrivateProfileStringW
WriteTapemark
FreeEnvironmentStringsW
LocalFree
ClearCommBreak
ReadDirectoryChangesW
ReadConsoleInputW
FileTimeToDosDateTime
ReadConsoleW
CreateIoCompletionPort
GetCalendarInfoW
GetDateFormatW
SetHandleCount
RaiseException
GetFileAttributesA
VirtualAlloc
QueueUserAPC
GetCommProperties
TlsFree
Heap32ListNext
SetCalendarInfoA
GetLogicalDriveStringsW
MoveFileA
SignalObjectAndWait
CancelDeviceWakeupRequest
DebugActiveProcess
lstrlenA
GetSystemTimeAdjustment
LoadResource
SetConsoleTitleW
EnumTimeFormatsA
LocalReAlloc
IsBadHugeWritePtr
SetFileAttributesW
WaitForSingleObjectEx
FindCloseChangeNotification
EraseTape
GetPrivateProfileStringA
OutputDebugStringA
GetProfileIntW
GlobalGetAtomNameW
Toolhelp32ReadProcessMemory
FreeEnvironmentStringsA
GetNamedPipeHandleStateA
LockResource
HeapUnlock
GetSystemInfo
GetPrivateProfileIntW
GetCurrentDirectoryW
GetConsoleTitleW
VirtualProtect
GetEnvironmentStrings
GetProcessWorkingSetSize
WritePrivateProfileStructW
ResumeThread
TransactNamedPipe
GetModuleFileNameW
LoadLibraryExA
ReadConsoleOutputW
FreeConsole
EnumResourceTypesW
VerLanguageNameA
FoldStringW
GetFileAttributesExA
ReadConsoleOutputCharacterW
Sleep
CreateMutexA
TlsGetValue
FillConsoleOutputCharacterW
BeginUpdateResourceA
GlobalFree
PrepareTape
GetSystemPowerStatus
DeleteAtom
LocalSize
WritePrivateProfileStructA
GetEnvironmentVariableW
ResetWriteWatch
shlwapi
UrlIsOpaqueW
PathCompactPathA
PathFindNextComponentW
PathCombineA
PathRenameExtensionA
PathIsRelativeA
SHCreateStreamOnFileA
PathRemoveBackslashW
StrCatW
UrlUnescapeW
PathIsUNCA
PathRemoveBlanksW
UrlUnescapeA
PathRemoveArgsW
StrSpnA
PathIsPrefixA
PathGetArgsW
SHRegDeleteUSValueA
PathAddExtensionA
PathFindExtensionW
AssocQueryStringW
StrChrW
PathMakePrettyW
UrlIsW
SHStrDupA
PathCompactPathExA
StrCmpNIA
ColorRGBToHLS
SHRegDeleteEmptyUSKeyA
PathRemoveExtensionW
PathIsFileSpecA
PathFindExtensionA
PathMakeSystemFolderA
SHEnumValueW
StrChrIW
PathFindFileNameW
PathIsLFNFileSpecW
SHIsLowMemoryMachine
SHRegDeleteEmptyUSKeyW
wvnsprintfA
UrlGetPartA
PathIsNetworkPathA
PathCanonicalizeW
SHRegEnumUSKeyW
PathSetDlgItemPathA
PathIsSameRootA
SHRegGetUSValueA
SHCopyKeyA
PathSkipRootW
PathCanonicalizeA
SHRegSetUSValueW
PathIsContentTypeW
PathIsUNCServerW
PathIsDirectoryEmptyA
SHRegDeleteUSValueW
StrFromTimeIntervalW
UrlApplySchemeA
SHRegGetUSValueW
PathFindFileNameA
SHSetValueW
PathRelativePathToA
StrStrIW
ColorAdjustLuma
PathStripPathW
SHRegWriteUSValueA
SHQueryValueExA
PathSearchAndQualifyA
SHRegEnumUSKeyA
PathAddBackslashA
PathCreateFromUrlW
PathIsRootW
PathIsURLW
StrRetToBufW
PathGetDriveNumberA
SHGetThreadRef
PathUndecorateA
SHDeleteKeyW
SHRegOpenUSKeyA
StrCmpIW
PathGetDriveNumberW
SHRegCreateUSKeyA
ChrCmpIW
SHRegQueryUSValueA
UrlIsA
StrToIntExA
StrChrA
AssocQueryKeyA
PathCommonPrefixA
StrToIntA
PathGetCharTypeA
StrDupA
SHDeleteValueW
PathIsDirectoryW
SHGetInverseCMAP
StrIsIntlEqualA
StrCSpnW
SHDeleteKeyA
PathRemoveFileSpecA
StrPBrkW
PathParseIconLocationW
UrlCanonicalizeA
PathSetDlgItemPathW
StrStrA
SHGetValueW
StrCSpnIW
PathIsSystemFolderW
StrFromTimeIntervalA
PathRemoveExtensionA
PathIsSystemFolderA
advapi32
BuildTrusteeWithSidW
ReportEventA
SetPrivateObjectSecurity
GetSecurityDescriptorDacl
GetEffectiveRightsFromAclW
EqualPrefixSid
ChangeServiceConfigW
RegLoadKeyW
DeleteService
RegisterServiceCtrlHandlerA
SetEntriesInAuditListA
RegEnumValueA
SetSecurityDescriptorSacl
OpenEventLogW
SetAclInformation
LookupAccountNameW
GetMultipleTrusteeOperationA
ObjectPrivilegeAuditAlarmW
GetServiceKeyNameW
CryptGetKeyParam
SetSecurityDescriptorGroup
InitializeSecurityDescriptor
LookupPrivilegeNameW
RegSetValueExA
GetAuditedPermissionsFromAclW
SetSecurityDescriptorDacl
RegCloseKey
CryptDecrypt
SetThreadToken
RegQueryMultipleValuesW
RegLoadKeyA
AddAce
GetPrivateObjectSecurity
CryptDuplicateKey
QueryServiceStatus
GetServiceDisplayNameA
OpenProcessToken
TrusteeAccessToObjectW
IsValidSecurityDescriptor
GetTrusteeTypeA
CryptDestroyHash
DestroyPrivateObjectSecurity
RegOpenKeyExA
GetNamedSecurityInfoW
GetNamedSecurityInfoExA
CloseEventLog
ObjectCloseAuditAlarmA
ConvertAccessToSecurityDescriptorA
CryptCreateHash
SetEntriesInAccessListW
GetTrusteeNameW
TrusteeAccessToObjectA
GetAccessPermissionsForObjectW
MakeSelfRelativeSD
FindFirstFreeAce
BuildImpersonateExplicitAccessWithNameA
BuildSecurityDescriptorW
SetEntriesInAclW
CryptEnumProvidersW
OpenServiceA
SetEntriesInAclA
GetTokenInformation
AllocateAndInitializeSid
ClearEventLogW
SetEntriesInAccessListA
OpenSCManagerW
OpenSCManagerA
SetServiceBits
CreateServiceW
RegisterServiceCtrlHandlerW
ConvertAccessToSecurityDescriptorW
RegisterEventSourceW
EnumDependentServicesA
AddAuditAccessAce
GetEffectiveRightsFromAclA
RegReplaceKeyA
CopySid
RegisterEventSourceA
ConvertSecurityDescriptorToAccessA
RegSaveKeyW
EqualSid
SetSecurityInfoExW
GetLengthSid
DeleteAce
BackupEventLogA
GetSecurityInfoExW
RegQueryValueExW
IsTextUnicode
AccessCheckAndAuditAlarmA
AbortSystemShutdownA
DeregisterEventSource
RegEnumKeyExA
CreatePrivateObjectSecurity
ObjectCloseAuditAlarmW
InitiateSystemShutdownW
GetSecurityDescriptorSacl
PrivilegedServiceAuditAlarmA
GetMultipleTrusteeOperationW
LookupAccountNameA
RegEnumValueW
CryptImportKey
CryptSetKeyParam
LookupPrivilegeNameA
CryptSetProviderW
CryptSetProviderA
AddAccessDeniedAce
SetServiceStatus
CryptGetUserKey
RegEnumKeyW
CryptSetProvParam
SetFileSecurityA
RegFlushKey
CreateProcessAsUserA
RegQueryMultipleValuesA
GetMultipleTrusteeA
LookupSecurityDescriptorPartsW
QueryServiceConfigA
CryptGetDefaultProviderW
ole32
OleCreateLinkEx
OleQueryCreateFromData
CoUninitialize
StgOpenAsyncDocfileOnIFillLockBytes
CoGetCallContext
CoCopyProxy
StgCreateDocfile
CoRevertToSelf
WriteStringStream
StringFromIID
PropVariantClear
ReleaseStgMedium
OleCreateEmbeddingHelper
CoCreateFreeThreadedMarshaler
CoRevokeClassObject
OleDestroyMenuDescriptor
GetRunningObjectTable
OleIsRunning
DoDragDrop
StgOpenStorage
StgCreateStorageEx
CoInitializeEx
CoGetCurrentProcess
CoGetInstanceFromFile
CoReleaseServerProcess
IsEqualGUID
OleGetIconOfFile
CoGetInterfaceAndReleaseStream
CreateILockBytesOnHGlobal
CoLoadLibrary
CreateOleAdviseHolder
StgSetTimes
ReadOleStg
CreateFileMoniker
CoCreateInstance
OleCreateFromData
OleRun
WriteOleStg
CoMarshalHresult
CoGetClassObject
GetClassFile
OleSaveToStream
CoFileTimeToDosDateTime
ReadFmtUserTypeStg
OleCreateMenuDescriptor
CoQueryAuthenticationServices
CoTreatAsClass
OleNoteObjectVisible
CoRegisterPSClsid
OleUninitialize
OleRegGetUserType
StgOpenStorageEx
CoQueryClientBlanket
CreateDataCache
CreateStreamOnHGlobal
CoInitializeSecurity
CoGetTreatAsClass
CoDosDateTimeToFileTime
OleCreateFromFileEx
MonikerCommonPrefixWith
OleQueryLinkFromData
CoResumeClassObjects
StgCreateDocfileOnILockBytes
CreateDataAdviseHolder
CoGetMalloc
OleCreateLinkToFile
OleConvertIStorageToOLESTREAM
OleLockRunning
OleRegEnumVerbs
OleGetClipboard
OleCreateFromFile
CoUnmarshalInterface
BindMoniker
GetHGlobalFromStream
PropVariantCopy
OleMetafilePictFromIconAndLabel
StringFromGUID2
OleRegEnumFormatEtc
CoAddRefServerProcess
OleSetContainedObject
OleSetClipboard
CreateGenericComposite
OleCreateLinkToFileEx
SetConvertStg
ProgIDFromCLSID
CoTaskMemAlloc
CoReleaseMarshalData
OleLoadFromStream
CoSetProxyBlanket
CoGetMarshalSizeMax
UpdateDCOMSettings
OleSetMenuDescriptor
RevokeDragDrop
SetDocumentBitStg
CoGetStandardMarshal
OleConvertOLESTREAMToIStorage
OleCreateDefaultHandler
OpenOrCreateStream
StgIsStorageFile
OleConvertIStorageToOLESTREAMEx
OleTranslateAccelerator
CoGetObject
CoCreateInstanceEx
IIDFromString
OleCreate
CLSIDFromString
CoGetInstanceFromIStorage
CoInitialize
Sections
.text Size: 69KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 150B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE