2c8dc5006fa83088095eecc383db0031_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c8dc5006fa83088095eecc383db0031_JaffaCakes118
Size

130KB
MD5

2c8dc5006fa83088095eecc383db0031
SHA1

0ea3fec1bfe9c19ed2cbd1e20b54784aa1729c11
SHA256

e1f5f6455b995641ce42637b114fa08ab355d464fb6e0b1e0be3686b967f6c22
SHA512

20c3717219d2c01a5c135adbe998f215d138670603120c076b19df31588c55ad98934366b0c391b70b3ad355df65edb7b2560f2ad2a9dc9359ad2acc9d51ff4a
SSDEEP

3072:fcBxg523/wB4Odv8B9iZ0Dypm2cN4T5vM+joDyoj9WKXaJjyyM4xg:fcBx2cYBtdv8W+DypEuTRMaoxjsJZa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c8dc5006fa83088095eecc383db0031_JaffaCakes118

Files

2c8dc5006fa83088095eecc383db0031_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2038853cc434426f248793272822b6d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlIsNoHistoryA
PathCreateFromUrlW
SHGetValueW
PathParseIconLocationW
PathIsSystemFolderA
StrIsIntlEqualW
SHAutoComplete

ole32

CoQueryAuthenticationServices
EnableHookObject
CoGetCurrentLogicalThreadId
WriteClassStm
StgCreateStorageEx
CoSuspendClassObjects
CoFileTimeToDosDateTime

user32

InsertMenuA
LoadKeyboardLayoutW
ScrollDC
LookupIconIdFromDirectory
RealGetWindowClass
GetClassInfoExW
WinHelpA
MessageBeep
SendDlgItemMessageA
RegisterDeviceNotificationA
GetDC
RegisterClipboardFormatW
DialogBoxIndirectParamA
OemKeyScan
DestroyIcon
DefFrameProcW
DdeFreeStringHandle
DdeQueryConvInfo
TranslateAcceleratorA
EnumWindowStationsW
GetTitleBarInfo
OffsetRect
MessageBoxW
CreateWindowStationW
GetSystemMetrics
SetWindowTextA
PostThreadMessageA
UnregisterClassW
SetCaretPos
EnumDisplayMonitors
TileChildWindows
OpenDesktopA
CharLowerA
CreateAcceleratorTableA
CharPrevExA
CopyAcceleratorTableA
LockWindowUpdate
SendInput
IsRectEmpty
EnumDisplayDevicesA
GetAncestor
EndMenu
IsCharAlphaNumericA
SetMenuItemInfoA
SetPropW
GetWindowTextLengthA
GetKBCodePage
EnumPropsW
InSendMessageEx
GetInputDesktop
CheckMenuRadioItem
GetDlgCtrlID
GetClipCursor
GetClipboardFormatNameA
GetClassInfoW
SetDlgItemInt
SetRectEmpty
GetDesktopWindow
SetForegroundWindow
GetTabbedTextExtentW
CreateWindowExA
DlgDirSelectComboBoxExA
LoadBitmapA
GetCursor
CharToOemA
RegisterWindowMessageW
DrawTextW
VkKeyScanW
DestroyCursor
DdeCreateStringHandleW
LoadStringW
GetOpenClipboardWindow
CopyImage
SetWindowLongA
DdeFreeDataHandle
CharUpperA
DrawAnimatedRects
DdeAddData
GetCaretPos
SetCapture
IsCharLowerW
BringWindowToTop
IsIconic
ShowCursor
EnableMenuItem
BroadcastSystemMessage
GetMenuItemInfoW
GetPropA
CreateIconFromResource
DefWindowProcW
UnregisterHotKey
DlgDirSelectComboBoxExW
EnumDisplayDevicesW
LoadBitmapW
SetProcessWindowStation
EnumWindowStationsA
DdeUnaccessData
GetDlgItemTextA
DdeEnableCallback
EnumPropsExA
RealChildWindowFromPoint
LoadAcceleratorsA
FlashWindow
SetDlgItemTextA
GetCaretBlinkTime
SetTimer
CharPrevW
CharToOemBuffW
EnumDesktopWindows
SendMessageCallbackW
EnumPropsExW
ReplyMessage
EnableScrollBar
SetWindowTextW
CallMsgFilterA
SendNotifyMessageW
EnumClipboardFormats
CheckRadioButton
GetTabbedTextExtentA
DrawMenuBar
SwitchToThisWindow
CallWindowProcW
LoadIconA
MessageBoxA
CharUpperW
CloseWindowStation
DdeImpersonateClient
GetWindowWord
DrawStateA
CreateMenu
TranslateMessage
PeekMessageW
ChildWindowFromPointEx
DefWindowProcA
GetClipboardSequenceNumber
DeferWindowPos
GetWindowRgn
IsChild
InsertMenuW
MonitorFromWindow
GetMenuItemRect
SetWindowContextHelpId
EnableWindow
MapVirtualKeyA
CreateWindowExW
CallMsgFilter
RegisterClassExW
SendNotifyMessageA
SetWindowRgn
TrackPopupMenuEx
DdeAccessData
DlgDirSelectExW
MonitorFromRect
DdeAbandonTransaction
PackDDElParam
SetMenuItemBitmaps
CallWindowProcA
RedrawWindow
GetScrollInfo
GetMenuItemInfoA
IsCharAlphaW
GetMenuStringW
ChangeDisplaySettingsExW
RegisterClassA
InsertMenuItemW
SendMessageTimeoutA
RemoveMenu
UnpackDDElParam
GetMenuState
GetClientRect
WINNLSEnableIME
CreateIconFromResourceEx
SendMessageTimeoutW
DlgDirListComboBoxA
BroadcastSystemMessageA
GetWindowModuleFileNameW
DdeDisconnect
EnumDesktopsW
GetMenuInfo
RegisterDeviceNotificationW
TabbedTextOutA
DrawFocusRect
GetMenuStringA
SetWindowPlacement
ModifyMenuA
DdeKeepStringHandle
GetMenuBarInfo
SetSysColors
CloseDesktop
SetCaretBlinkTime
SystemParametersInfoW
GetDCEx
GetKeyboardState
ExcludeUpdateRgn
InternalGetWindowText
SetDoubleClickTime
GetDoubleClickTime
WindowFromDC
TranslateAcceleratorW

kernel32

HeapUnlock
GetCurrentProcess
GetDiskFreeSpaceA
WaitNamedPipeA
GetSystemTimeAdjustment
GetLocaleInfoW
MulDiv
GetUserDefaultLCID
lstrcmpiA
GetThreadContext
QueryPerformanceCounter
SetConsoleMode
GetThreadTimes
SetConsoleWindowInfo
FindNextFileA
MoveFileExW
VirtualAlloc
MoveFileExA
HeapLock
LocalShrink
RemoveDirectoryW
GlobalAlloc
WriteFileEx
GetLongPathNameA
FillConsoleOutputAttribute
AreFileApisANSI
SetEvent
SetProcessAffinityMask
GlobalAddAtomW
GetStringTypeExW
SetConsoleCursorPosition
WritePrivateProfileStructW
GetThreadLocale
GetStdHandle
InitializeCriticalSectionAndSpinCount
MoveFileW
GetSystemTimeAsFileTime
SetComputerNameW
GetVersionExW
VirtualQueryEx
SetMailslotInfo
LCMapStringA
WaitForSingleObjectEx
WriteConsoleOutputAttribute
FileTimeToLocalFileTime
FreeEnvironmentStringsA
VerLanguageNameA
SetPriorityClass
QueryDosDeviceA
CopyFileExW
GetAtomNameA
GetCompressedFileSizeW
GetTempFileNameW
GetProcessPriorityBoost
ConvertDefaultLocale
CreateEventW
FlushViewOfFile
EnumDateFormatsExW
CreateFileW
GlobalDeleteAtom
GetExitCodeProcess
GetProcAddress
OpenEventA
GetCurrencyFormatA
LoadModule
SetLocaleInfoA
SetConsoleCtrlHandler
GetCompressedFileSizeA
SetFileAttributesA
SetConsoleCursorInfo
GetStringTypeA
RequestDeviceWakeup
GetStringTypeW
FindFirstFileA
CopyFileW
lstrcmpW
ExpandEnvironmentStringsA
WriteConsoleW
GetProfileStringA
SuspendThread
GetAtomNameW
GetThreadSelectorEntry
GetACP
FindNextFileW
ReadDirectoryChangesW
IsValidCodePage
GetDevicePowerState
IsBadWritePtr
Heap32First
SetVolumeLabelW
GetConsoleMode
GetPrivateProfileSectionNamesA
ReadConsoleA
GetSystemInfo
GetSystemDirectoryW
GetFileAttributesExA
GetConsoleCursorInfo
CreateWaitableTimerA
DisableThreadLibraryCalls
ScrollConsoleScreenBufferW
LocalFree
GlobalReAlloc
WritePrivateProfileStringW
GetModuleHandleW
GetCurrencyFormatW
SetMessageWaitingIndicator
SetConsoleTextAttribute
ReleaseSemaphore
FindAtomA
GetProfileIntA
GetComputerNameW
GetMailslotInfo
ReadFileEx
lstrcmp
Heap32Next
TlsFree
SetConsoleActiveScreenBuffer
GetShortPathNameA
VirtualProtect
MapViewOfFileEx
lstrlenA
CreateMailslotA
SetLastError
FormatMessageW
SetThreadLocale
SetEndOfFile
SetThreadPriority
CreateSemaphoreW
ExpandEnvironmentStringsW
GetLogicalDriveStringsA
ReadConsoleW
ScrollConsoleScreenBufferA
IsBadStringPtrA
LoadLibraryA

advapi32

SetKernelObjectSecurity
ReportEventA
RegCreateKeyW
RegQueryInfoKeyA
RegSaveKeyW
CryptDestroyKey
SetSecurityDescriptorSacl
SetNamedSecurityInfoA
RegCreateKeyExA
EnumServicesStatusA
SetFileSecurityW

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2038853cc434426f248793272822b6d8

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

ole32

user32

kernel32

advapi32

Sections

.text Size: 91KB - Virtual size: 90KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 512B - Virtual size: 16KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 512B - Virtual size: 16KB

.rsrc
Size: 2KB - Virtual size: 1KB