Static task: static1
Behavioral task: behavioral1
  Sample: 2b00cef9f6bbafcb95c1c061cec24376_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 2b00cef9f6bbafcb95c1c061cec24376_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
General
Target: 2b00cef9f6bbafcb95c1c061cec24376_JaffaCakes118
Size: 287KB
MD5: 2b00cef9f6bbafcb95c1c061cec24376
SHA1: 7d0d9f5772b7bff13e8117d636390bb1ba848fd3
SHA256: dfe0e4b3a70e02f0d428d539186d9554425ea03fb0265376be27657107d8187a
SHA512: 3841b71d43c89005e54281f62fd9e374f07c1cb76d04fa08ccafa519ea2bfdaef3f1529af59eed63ede1cc57cca3edf001320f5e544127af9d76a31ff7975936
SSDEEP: 6144:MeabB+Kvz2UIaZC0vZCwSBDMUMEn/RKL0YVFbgx:MRbB+6zdVQLBDQAZKVc
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2b00cef9f6bbafcb95c1c061cec24376_JaffaCakes118
Files
2b00cef9f6bbafcb95c1c061cec24376_JaffaCakes118.exe: windows:5, windows x86, arch:x86
  Imphash: 4f6287a6f53886dce7f3a333f1b8ce15
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
RestoreDC
CreateRectRgn
CreateCompatibleDC
RectVisible
GetBitmapBits
SetWinMetaFileBits
GetEnhMetaFileBits
GetViewportOrgEx
SetROP2
GetTextExtentPointW
GetDeviceCaps
ExtTextOutW
RealizePalette
GetPixel
FrameRgn
SetWindowOrgEx
GetPaletteEntries
PatBlt
GetEnhMetaFileDescriptionW
GetWindowOrgEx
GetDIBColorTable
SetViewportOrgEx
SetBrushOrgEx
LineTo
CloseEnhMetaFile
Rectangle
ExcludeClipRect
CreateFontIndirectW
SelectObject
MaskBlt
GetDIBits
CreateBitmap
GetWinMetaFileBits
SetEnhMetaFileBits
CreateDIBitmap
LPtoDP
GetDCOrgEx
SetMapMode
MoveToEx
SetDIBColorTable
GetClipRgn
GetEnhMetaFileHeader
GetStockObject
GetEnhMetaFilePaletteEntries
SetPixel
BitBlt
GetClipBox
CreateEnhMetaFileW
DeleteObject
CreateHalftonePalette
UnrealizeObject
CopyEnhMetaFileW
SelectPalette
PlayEnhMetaFile
StretchBlt
TranslateCharsetInfo
CreateBrushIndirect
SelectClipRgn
GetTextExtentPoint32W
GetCurrentPositionEx
IntersectClipRect
SetTextColor
DeleteEnhMetaFile
GetTextExtentPoint32A
SetStretchBltMode
GetTextMetricsA
SetBkColor
DeleteDC
GetObjectW
CreateSolidBrush
SetBkMode
GetTextMetricsW
CreateDIBSection
GetBrushOrgEx
CreatePalette
GetRgnBox
GetSystemPaletteEntries
CreatePenIndirect
SaveDC
CreateCompatibleBitmap
advapi32
GetTokenInformation
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExA
SetSecurityDescriptorDacl
RegFlushKey
RegCloseKey
RegOpenKeyExA
RegQueryValueExW
OpenProcessToken
InitializeSecurityDescriptor
oleaut32
SafeArrayGetLBound
SysReAllocStringLen
SafeArrayCreate
VariantCopy
GetActiveObject
VariantChangeType
SysAllocStringLen
SysAllocString
SafeArrayRedim
SafeArrayGetUBound
VariantClear
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayUnaccessData
SysFreeString
SafeArrayGetElement
SafeArrayAccessData
VariantInit
GetErrorInfo
msimg32
AlphaBlend
shell32
ShellExecuteA
ShellExecuteExA
kernel32
HeapAlloc
EnumSystemLocalesW
CreateThread
GetDiskFreeSpaceW
FindFirstFileW
LocalFree
FormatMessageW
lstrcpynW
EnterCriticalSection
SetConsoleCtrlHandler
CompareStringA
CreateEventW
CreateEventA
VirtualQuery
IsDBCSLeadByteEx
GetSystemInfo
TlsSetValue
MulDiv
lstrcmpiA
GetThreadLocale
VirtualAlloc
IsValidLocale
LoadLibraryExA
HeapFree
GetModuleHandleW
GetCommandLineW
GetFullPathNameW
GetCurrentThreadId
SwitchToThread
lstrlenW
LockResource
LCMapStringA
DeleteFileA
GetComputerNameW
lstrlenA
GlobalFree
GlobalSize
CreateMutexA
GetStdHandle
CompareStringW
UnmapViewOfFile
DebugBreak
FindClose
CreateFileW
SignalObjectAndWait
EnumCalendarInfoW
LeaveCriticalSection
FreeEnvironmentStringsA
GetSystemDefaultLCID
SetEndOfFile
TlsGetValue
GetDateFormatW
CloseHandle
VirtualProtect
SetErrorMode
GlobalAddAtomW
UnhandledExceptionFilter
ResetEvent
SetThreadPriority
WaitForSingleObject
CreateFileA
FreeResource
WideCharToMultiByte
GlobalLock
LoadResource
ResumeThread
ReleaseMutex
FlushInstructionCache
GetACP
FreeLibrary
GetFileType
VirtualFree
GetExitCodeThread
OutputDebugStringA
EnumSystemCodePagesW
WaitForMultipleObjectsEx
RtlUnwind
FindResourceW
SizeofResource
GetOEMCP
RaiseException
SetLastError
GetProcessHeap
IsDebuggerPresent
CreateFileMappingA
DeleteCriticalSection
ExitThread
GlobalAlloc
TlsFree
TlsAlloc
GetLocalTime
LoadLibraryExW
WriteFile
MapViewOfFileEx
GetUserDefaultLCID
SetThreadLocale
GetTimeZoneInformation
GlobalDeleteAtom
GetSystemDefaultLangID
GetModuleHandleA
lstrcpyW
SetHandleCount
SetFilePointer
GlobalUnlock
GetStringTypeExW
GlobalFindAtomW
lstrcpynA
GetProcessVersion
VirtualQueryEx
FormatMessageA
ReadFile
GetCurrentProcess
VirtualAllocEx
ole32
CreateStreamOnHGlobal
OleSetMenuDescriptor
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoGetClassObject
CoCreateInstance
IsEqualGUID
OleInitialize
CoInitialize
StringFromCLSID
OleDraw
IsAccelerator
ProgIDFromCLSID
OleUninitialize
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
comctl32
ImageList_Draw
FlatSB_SetScrollPos
ImageList_SetBkColor
ImageList_Add
_TrackMouseEvent
ImageList_GetBkColor
ImageList_SetIconSize
ImageList_BeginDrag
ImageList_GetImageCount
InitializeFlatSB
ImageList_Destroy
ImageList_DragShowNolock
ImageList_Create
ImageList_DragEnter
FlatSB_SetScrollProp
ImageList_DrawEx
ImageList_GetIconSize
FlatSB_GetScrollPos
ImageList_DragMove
ImageList_DragLeave
ImageList_EndDrag
FlatSB_GetScrollInfo
ImageList_Remove
ImageList_Read
FlatSB_SetScrollInfo
ImageList_Write
ImageList_GetDragImage
ImageList_SetImageCount
user32
DefWindowProcW
CreateIcon
GetMenuItemID
DestroyCursor
GetMenuStringW
EmptyClipboard
GetMenu
SetClassLongW
GetSystemMetrics
EnableMenuItem
DestroyWindow
GetWindowDC
GetPropW
SystemParametersInfoW
ClientToScreen
ScreenToClient
MsgWaitForMultipleObjectsEx
SetPropW
DrawFocusRect
MapVirtualKeyW
GetKeyNameTextW
GetUserObjectInformationA
IsWindowVisible
IsChild
CharNextW
SendMessageW
DrawTextW
DrawEdge
BeginPaint
GetClipboardData
SetActiveWindow
SetForegroundWindow
IntersectRect
GetClientRect
EnableScrollBar
OpenClipboard
OffsetRect
RemoveMenu
RegisterWindowMessageW
DeleteMenu
SystemParametersInfoA
KillTimer
SetTimer
SetScrollRange
RemovePropW
UpdateWindow
ReleaseDC
GetWindowThreadProcessId
SetScrollInfo
GetMessagePos
CallWindowProcA
IsZoomed
GetForegroundWindow
DispatchMessageA
GetClassLongW
IsDialogMessageA
GetWindowRect
ShowOwnedPopups
ScrollWindow
LoadCursorW
IsWindowUnicode
AdjustWindowRectEx
IsIconic
FrameRect
EndPaint
PostQuitMessage
SetMenuItemInfoW
OpenInputDesktop
CharUpperBuffW
InvalidateRect
SetWindowRgn
IsWindowEnabled
DrawIconEx
MessageBeep
GetIconInfo
GetDC
IsDialogMessageW
LoadIconW
GetMessageTime
EnableWindow
TrackPopupMenu
GetTopWindow
UnregisterClassW
CloseClipboard
GetMenuState
CallNextHookEx
GetKeyboardState
DrawFrameControl
WindowFromPoint
SetCursor
GetKeyboardType
PeekMessageW
GetKeyboardLayoutNameW
DrawIcon
FindWindowExW
GetScrollInfo
SetFocus
CheckMenuItem
InflateRect
GetLastActivePopup
GetSubMenu
UnhookWindowsHookEx
EnumThreadWindows
GetKeyState
DestroyIcon
GetWindowTextW
GetSysColorBrush
GetSysColor
GetKeyboardLayout
DrawMenuBar
SetWindowsHookExW
FillRect
CharLowerBuffW
InsertMenuItemW
SetScrollPos
CreateMenu
PeekMessageA
DispatchMessageW
SetRect
DefMDIChildProcW
IsWindow
SetParent
GetFocus
SetCapture
CharNextExA
LoadKeyboardLayoutW
RedrawWindow
GetCursorPos
MessageBoxW
FindWindowW
GetDesktopWindow
GetCapture
GetScrollPos
SetWindowLongW
GetClassInfoW
CreatePopupMenu
PostMessageW
PtInRect
SendMessageA
LoadStringW
DrawTextExW
DestroyMenu
RegisterClipboardFormatW
SetMenu
GetActiveWindow
InsertMenuW
EnumWindows
ActivateKeyboardLayout
RegisterClassW
WaitMessage
CallWindowProcW
GetClassNameA
CharLowerW
GetWindowLongW
MsgWaitForMultipleObjects
GetWindowPlacement
FindWindowA
GetMenuItemInfoW
GetMenuItemCount
GetWindowLongA
SetWindowTextW
GetCursor
DefFrameProcW
GetParent
SetClipboardData
wsprintfA
ShowScrollBar
CloseDesktop
GetSystemMenu
GetWindow
PostMessageA
GetDCEx
GetScrollRange
MapWindowPoints
ReleaseCapture
GetKeyboardLayoutList
SetWindowPos
SetWindowPlacement
ShowWindow
EnumChildWindows
SetWindowLongA
TranslateMDISysAccel
MessageBoxA
TranslateMessage
CreateWindowExW
LoadBitmapW
esent
JetCreateIndex
JetDupCursor
JetGetCursorInfo
JetUpdate
JetPrepareToCommitTransaction
JetRestore2
JetDBUtilities
JetGetTableColumnInfo
JetGetIndexInfo
JetTruncateLog
JetRollback
JetConvertDDL
JetGetLS
JetEnumerateColumns
input
CPlApplet
Sections
.text   Size: 24KB   Virtual size: 23KB    IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 12KB   Virtual size: 11KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 245KB  Virtual size: 754KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 5KB    Virtual size: 5KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
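The report's static fields (hashes, the "Unsigned PE" signature, the file characteristics and the section table with its flags) can all be re-derived from the PE headers without running the sample, which is how an analyst cross-checks a sandbox verdict or reproduces it on a file the sandbox never saw. The helper below is an added example, not part of the Tria.ge report or its tooling: it parses the COFF header, the security data directory and the section table with only the standard library, flags sections that are both writable and executable or whose virtual size is much larger than their on-disk size (the .data section above is 245KB on disk but 754KB in memory), computes the report's four digests, and computes a pefile-style import hash from a (dll, function) list. The PE bytes it builds are constructed to mirror the section table listed above and are not the real sample; the function and variable names are the example's own.

```python
"""Stand-alone PE triage helper (added example, not part of the Tria.ge report).

Re-derives, with only the standard library, the static fields a sandbox report
lists: file hashes, COFF characteristics, section sizes and flags, presence of
an embedded Authenticode signature, and a pefile-style import hash.  The bytes
from build_sample_pe() are CONSTRUCTED to mirror the report's section table.
"""
import hashlib
import struct

FILE_CHARACTERISTICS = {            # IMAGE_FILE_HEADER.Characteristics (subset)
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
}
SECTION_CHARACTERISTICS = {         # IMAGE_SECTION_HEADER.Characteristics (subset)
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
SECURITY_DIR = 4                    # IMAGE_DIRECTORY_ENTRY_SECURITY (Authenticode blob)

def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]

def parse_pe(data):
    """Parse the DOS stub, COFF header, security directory and section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]       # 0x10B = PE32, 0x20B = PE32+
    dirs = opt + (96 if magic == 0x10B else 112)         # data directories start here
    sec_rva, sec_size = struct.unpack_from("<II", data, dirs + 8 * SECURITY_DIR)
    sections = []
    for i in range(nsect):
        name, vsize, va, rsize, rptr, _, _, _, _, sflags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "virtual_address": va,
                         "raw_size": rsize, "raw_ptr": rptr,
                         "flags": _flags(sflags, SECTION_CHARACTERISTICS)})
    return {"machine": machine, "characteristics": _flags(chars, FILE_CHARACTERISTICS),
            "embedded_signature": sec_rva != 0 and sec_size != 0, "sections": sections}

def section_findings(sections, ratio=2.0):
    """Section-table heuristics a triager checks before detonating anything."""
    out = []
    for s in sections:
        if "IMAGE_SCN_MEM_WRITE" in s["flags"] and "IMAGE_SCN_MEM_EXECUTE" in s["flags"]:
            out.append((s["name"], "writable and executable"))
        if s["raw_size"] == 0 and s["virtual_size"]:
            out.append((s["name"], "no data on disk"))
        elif s["virtual_size"] > ratio * s["raw_size"]:
            out.append((s["name"], "virtual size %dx raw size" % (s["virtual_size"] // s["raw_size"])))
    return out

def file_hashes(data):
    """The four digests the report lists (ssdeep needs a third-party module)."""
    return {a: hashlib.new(a, data).hexdigest() for a in ("md5", "sha1", "sha256", "sha512")}

def imphash(imports):
    """pefile-style imphash: md5 over 'dll.func' pairs, lowercased, DLL extension
    stripped, in import-table order.  Named imports only (no ordinal lookup)."""
    parts = []
    for dll, func in imports:
        dll = dll.lower()
        for ext in (".dll", ".ocx", ".sys"):
            if dll.endswith(ext):
                dll = dll[:-len(ext)]
        parts.append("%s.%s" % (dll, func.lower()))
    return hashlib.md5(",".join(parts).encode()).hexdigest()

def build_sample_pe():
    """CONSTRUCTED header-only PE32 mirroring the report's section table."""
    sects = [  # name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData, flags
        (b".text", 23 * 1024, 0x1000, 24 * 1024, 0x400, 0x60000020),
        (b".rdata", 11 * 1024, 0x7000, 12 * 1024, 0x6400, 0x40000040),
        (b".data", 754 * 1024, 0xA000, 245 * 1024, 0x9400, 0xC0000040),
        (b".rsrc", 5 * 1024, 0xC7000, 5 * 1024, 0x46800, 0x40000040),
    ]
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)      # e_lfanew = 0x40
    opt = struct.pack("<H", 0x10B).ljust(224, b"\0")        # PE32; all directories zero
    coff = struct.pack("<HHIIIHH", 0x14C, len(sects), 0, 0, 0, len(opt), 0x0102)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, va, rs, rp, 0, 0, 0, 0, fl)
                     for n, vs, va, rs, rp, fl in sects)
    return dos + b"PE\0\0" + coff + opt + table

if __name__ == "__main__":
    blob = build_sample_pe()
    info = parse_pe(blob)
    print("file characteristics:", ", ".join(info["characteristics"]))
    print("embedded Authenticode signature:", info["embedded_signature"])
    for s in info["sections"]:
        print("%-7s raw=%4dKB virt=%4dKB %s" % (s["name"], s["raw_size"] // 1024,
                                               s["virtual_size"] // 1024, " | ".join(s["flags"])))
    for name, why in section_findings(info["sections"]):
        print("finding: %s: %s" % (name, why))
    print("sha256:", file_hashes(blob)["sha256"])
```

Two caveats apply when using this against a real file. An empty security directory only proves there is no embedded Authenticode signature; Windows also accepts catalog-signed binaries, so a definitive "unsigned" verdict needs WinVerifyTrust (for instance PowerShell's Get-AuthenticodeSignature) rather than the header check alone. And the imphash depends on the order of the import table, so it cannot be reproduced from a report's alphabetised or regrouped import listing; compute it from the binary, where it should match the value the report shows.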