297aac13288dd40c42ed6a7b282aaf28_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

297aac13288dd40c42ed6a7b282aaf28_JaffaCakes118
Size

668KB
MD5

297aac13288dd40c42ed6a7b282aaf28
SHA1

00c7cc60a6e4e262ee1936ed9b5730fecd720049
SHA256

c662f8c24b229cccf357264f4fe0d0a39976851038e03e35f8f489a561aba509
SHA512

6dc8bf25f5afab798a74fa5a5dd04e615afc9c58b13f09998a188a6b837ee5c2dd77643622acfc4ccccec326c5bf0f9629a6969dc2461576d2c5f26c4ddd581c
SSDEEP

12288:J7sOmnNfC0in2DeZFl7apZotFPxtycJ2Bmw6CYb:Ns/nF+2OfyH4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
297aac13288dd40c42ed6a7b282aaf28_JaffaCakes118

Files

297aac13288dd40c42ed6a7b282aaf28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5d9db884cb2eb528263249e4220c18a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

powrprof

CanUserWritePwrScheme
EnumPwrSchemes
GetActivePwrScheme
WritePwrScheme
ReadPwrScheme
WriteProcessorPwrScheme
ReadProcessorPwrScheme
SetActivePwrScheme
CallNtPowerInformation

user32

GetCursorPos
GetSystemMetrics
SetMenuDefaultItem
CreateIconIndirect
GetIconInfo
RegisterWindowMessageW
UnpackDDElParam
IsRectEmpty
LoadIconW
SetScrollRange
SetParent
UnionRect
SetRect
GetDCEx
LockWindowUpdate
GetSubMenu
ReuseDDElParam
LoadMenuW
LoadAcceleratorsW
InsertMenuItemW
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorW
UnregisterClassW
CharUpperW
WaitMessage
DeleteMenu
GetDialogBaseUnits
GetSysColorBrush
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
ShowOwnedPopups
SetScrollPos
GetScrollPos
SetForegroundWindow
KillTimer
SetTimer
IsIconic
GetSystemMenu
PostMessageW
AppendMenuW
CreatePopupMenu
DrawIcon
DestroyIcon
MessageBoxW
wsprintfW
SetWindowLongW
LoadCursorW
CopyIcon
MessageBeep
GetSysColor
IsWindow
ReleaseCapture
GetParent
SetCapture
RedrawWindow
InvalidateRect
ReleaseDC
GetDC
GetWindowRect
PtInRect
SetCursor
GetClientRect
SendMessageW
EnableWindow
DrawFocusRect
FrameRect
FillRect
InflateRect
CopyRect
GetWindow
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
GetWindowLongW
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
GetMenuItemCount
GetMenuItemID
UnregisterClassA
GetMenu
UpdateWindow
IsWindowVisible
ShowScrollBar
GetScrollRange
GetKeyState
TrackPopupMenu
TrackPopupMenuEx
ScrollWindow
MapWindowPoints
PeekMessageW
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
DestroyWindow
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageW
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
GetWindowTextW
GetWindowTextLengthW
SetFocus
GetFocus
RemovePropW
GetPropW
SetPropW
GetClassNameW
GetClassLongW
CallNextHookEx
SetWindowsHookExW
GetCapture
IsChild
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
RemoveMenu
InsertMenuW
GetMenuStringW
GetMenuState
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
CheckMenuItem
EnableMenuItem
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
IsDialogMessageW
SetWindowTextW
MoveWindow
ShowWindow
IsWindowEnabled
ScrollWindowEx
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetActiveWindow
GetDesktopWindow
GetKeyNameTextW
MapVirtualKeyW
WindowFromPoint
GetWindowThreadProcessId
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageW

uxtheme

EnableThemeDialogTexture

kernel32

LocalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
CopyFileW
GlobalFree
GetModuleHandleA
WideCharToMultiByte
lstrcmpA
lstrlenA
GetCurrentProcessId
InterlockedExchange
CompareStringA
GetLocaleInfoW
EnumResourceLanguagesW
GetVersion
ConvertDefaultLocale
ResumeThread
WaitForSingleObject
SetEvent
SuspendThread
CreateEventW
InterlockedDecrement
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
InterlockedIncrement
GlobalGetAtomNameW
GetAtomNameW
GetThreadLocale
FileTimeToSystemTime
SystemTimeToFileTime
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCurrentDirectoryW
MoveFileW
GetStringTypeExW
lstrcmpiW
ReadFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
FindClose
MulDiv
GetVolumeInformationW
GetFullPathNameW
GetShortPathNameW
SetErrorMode
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesW
GetFileAttributesW
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
GetSystemTimeAsFileTime
RaiseException
HeapReAlloc
ExitProcess
ExitThread
CreateThread
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetTickCount
TerminateProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
GetTimeZoneInformation
FatalAppExitA
VirtualAlloc
SetConsoleCtrlHandler
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
SetLastError
lstrcmpW
GetVersionExA
GetVersionExW
DeleteFileW
GetSystemPowerStatus
FormatMessageW
OpenMutexW
CreateMutexW
GetModuleFileNameW
CreateFileW
SetFilePointer
CloseHandle
WriteFile
GetLastError
GetModuleHandleW
GetProcAddress
GetWindowsDirectoryW
LoadLibraryW
FreeLibrary
lstrcatW
lstrlenW
CreateProcessW
lstrcpyW
GetCurrentProcess
GetCurrentThread
GetPriorityClass
GetThreadPriority
GetProcessAffinityMask
SetPriorityClass
SetThreadPriority
SetProcessAffinityMask
Sleep
SizeofResource
QueryPerformanceFrequency
QueryPerformanceCounter
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
FindFirstFileW

gdi32

PatBlt
CreateRectRgnIndirect
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreateCompatibleDC
CreatePatternBrush
CreateDIBPatternBrushPt
GetMapMode
ExtSelectClipRgn
SetRectRgn
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
PolyBezierTo
CombineRgn
DPtoLP
GetTextMetricsW
CreateCompatibleBitmap
GetCharWidthW
CreateFontW
StretchDIBits
GetBkColor
DeleteDC
RectVisible
PtVisible
StartDocW
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
GetDeviceCaps
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateDIBSection
CreateBitmap
DeleteObject
GetBitmapBits
CreateBitmapIndirect
GetObjectW
CreateFontIndirectW
GetStockObject
GetTextExtentPoint32W
SelectClipPath

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCloseKey
RegQueryValueW
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegSetValueW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyW
RegCreateKeyW
RegCreateKeyExW

shell32

ShellExecuteW
ExtractIconW
SHGetFileInfoW
DragFinish
DragQueryFileW
Shell_NotifyIconW

comctl32

ord17

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveExtensionW
PathFindExtensionW

ole32

CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadClassStg
OleDuplicateData
StringFromCLSID
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CoDisconnectObject
CoCreateInstance
OleRegGetUserType
CoTreatAsClass
StringFromGUID2
CLSIDFromString
ReadFmtUserTypeStg

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate

Sections

.text
Size: 440KB - Virtual size: 439KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5d9db884cb2eb528263249e4220c18a

Headers

File Characteristics

Imports

powrprof

user32

uxtheme

kernel32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

Sections

.text Size: 440KB - Virtual size: 439KB

.rdata Size: 112KB - Virtual size: 111KB

.data Size: 12KB - Virtual size: 239KB

Size: 56KB - Virtual size: 53KB

.rsrc Size: 44KB - Virtual size: 41KB

.text
Size: 440KB - Virtual size: 439KB

.rdata
Size: 112KB - Virtual size: 111KB

.data
Size: 12KB - Virtual size: 239KB

.rsrc
Size: 44KB - Virtual size: 41KB