Static task: static1
Behavioral task: behavioral1
Sample: 30ee8347ea317a3ada4290ddbf2027b0_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 30ee8347ea317a3ada4290ddbf2027b0_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
- Target: 30ee8347ea317a3ada4290ddbf2027b0_JaffaCakes118
- Size: 794KB
- MD5: 30ee8347ea317a3ada4290ddbf2027b0
- SHA1: e63ce56fb0ab833dcea8ceaa149911487c9f17c9
- SHA256: 372e614f94f9e26728d69de20feb7a1df92fe5e6712a07b0c35c9f171c1711f7
- SHA512: 1477acef7e79e0106b1e947b855511e32bb9957be5a78ce47f0e20330feeeff3cc6befbdb98d7917cd98086c14d393eb2e910fca6d6aaf3570d34068f64f292d
- SSDEEP: 24576:5wAR1rgnIuORDhd5MRLP82gI+lzcTaUJLFF:rR1KoRDfOF5Wlzs9L
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 30ee8347ea317a3ada4290ddbf2027b0_JaffaCakes118
Files
- 30ee8347ea317a3ada4290ddbf2027b0_JaffaCakes118.exe (windows:5, windows x86, arch:x86) 5ec4ac9c73c61f949e2a85d60cb1442a
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
user32
WindowFromPoint
WinHelpA
WaitMessage
UpdateWindow
UnregisterClassA
UnhookWindowsHookEx
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoA
ShowWindow
ShowScrollBar
ShowOwnedPopups
ShowCursor
SetWindowsHookExA
SetWindowPlacement
SetWindowLongA
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropA
SetMenuItemInfoA
SetMenu
SetFocus
SetClassLongA
SendMessageA
ScrollWindow
RemovePropA
RemoveMenu
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassA
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextA
GetIconInfo
GetDCEx
GetCursor
GetClipboardData
GetClientRect
GetClassNameA
GetClassInfoA
GetCapture
GetActiveWindow
FrameRect
FindWindowA
FillRect
EnumWindows
EnumThreadWindows
EndPaint
EnableWindow
EnableScrollBar
DrawTextA
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawEdge
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreateWindowExA
CreateMenu
CreateIcon
CheckMenuItem
CallWindowProcA
CallNextHookEx
BeginPaint
CharLowerBuffA
CharLowerA
AdjustWindowRectEx
ActivateKeyboardLayout
GetKeyboardType
LoadStringA
MessageBoxA
CharNextA
GetNextDlgGroupItem
MessageBeep
UnregisterClassW
RegisterClipboardFormatW
PostThreadMessageW
GetDC
ReleaseDC
MapDialogRect
LoadIconW
LoadStringW
IsWindow
GetWindowDC
GetDesktopWindow
GetForegroundWindow
DispatchMessageW
TranslateMessage
PeekMessageW
LoadBitmapW
GetSysColorBrush
GetNextDlgTabItem
GetAsyncKeyState
DrawFocusRect
EqualRect
NotifyWinEvent
DestroyCursor
SetRectEmpty
RedrawWindow
GetParent
IsWindowVisible
SetWindowPos
SetParent
ClientToScreen
AppendMenuW
CreatePopupMenu
KillTimer
GetFocus
SetCapture
ReleaseCapture
SetCursor
ScreenToClient
GetCursorPos
ExitWindowsEx
OffsetRect
EnumChildWindows
FindWindowW
SetWindowTextW
GetWindowLongW
GetClassNameW
EnableMenuItem
GetSystemMenu
SetTimer
SetForegroundWindow
SetActiveWindow
GetWindowThreadProcessId
PostMessageW
IsHungAppWindow
shell32
SHGetMalloc
SHGetDesktopFolder
ShellExecuteExW
ShellExecuteW
advapi32
RegEnumKeyExA
OpenSCManagerW
RegDeleteValueW
RegDeleteKeyW
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegEnumKeyW
RegEnumValueW
RegQueryInfoKeyW
RegEnumKeyExW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueW
RevertToSelf
ObjectCloseAuditAlarmA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
QueryServiceStatus
gdi32
GetEnhMetaFileHeader
GetEnhMetaFileBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetBrushOrgEx
GdiFlush
ExtTextOutA
ExcludeClipRect
DeleteEnhMetaFile
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectA
CreateDIBitmap
CreateBrushIndirect
CopyEnhMetaFileA
CreateDIBSection
SetBitmapBits
GetBitmapBits
GetTextColor
SetTextColor
CreateRectRgn
EnumFontFamiliesW
DPtoLP
GetBkColor
LPtoDP
GetMapMode
GetCurrentObject
DeleteObject
SetDIBits
GetDIBits
CreateCompatibleBitmap
DeleteDC
Rectangle
GetDeviceCaps
GetEnhMetaFilePaletteEntries
CreateFontIndirectW
GetTextMetricsW
GetTextExtentPoint32W
Ellipse
ExtTextOutW
BitBlt
SelectObject
CreateCompatibleDC
GetObjectW
GetPixel
CreateBitmap
Escape
GetClipBox
GetViewportExtEx
GetWindowExtEx
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SetBkMode
SetMapMode
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetRgnBox
SetBkColor
CreatePen
GetTextExtentExPointW
GetObjectA
GetPaletteEntries
GetSystemPaletteEntries
GetTextExtentPoint32A
GetTextMetricsA
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
MaskBlt
PatBlt
PlayEnhMetaFile
RealizePalette
SelectPalette
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetPixel
SetROP2
SetStretchBltMode
SetWinMetaFileBits
StretchBlt
UnrealizeObject
GetStockObject
CreateSolidBrush
shlwapi
PathAddBackslashW
PathAppendW
PathIsRootW
PathFindFileNameW
PathFileExistsW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
kernel32
GetModuleHandleA
DuplicateHandle
OpenProcess
VirtualAlloc
GetCurrentThreadId
ExpandEnvironmentStringsW
GetVersionExW
FreeResource
LocalFree
GetVersion
SetErrorMode
FindFirstFileA
lstrcmpA
GetPrivateProfileSectionW
GetWindowsDirectoryW
MoveFileExW
FindResourceExW
GetProcAddress
FreeLibrary
LoadLibraryW
LeaveCriticalSection
lstrcmpW
EnterCriticalSection
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
GetPrivateProfileStringW
GetLocaleInfoW
GetTimeZoneInformation
GetModuleFileNameW
LoadLibraryExW
GetUserDefaultLCID
GlobalAddAtomW
LoadLibraryA
GlobalDeleteAtom
GetModuleHandleW
GetSystemDirectoryW
OutputDebugStringA
CloseHandle
CreateThread
SetCurrentDirectoryW
GetSystemDefaultLangID
ReleaseMutex
SetFilePointerEx
EndUpdateResourceW
UpdateResourceW
BeginUpdateResourceW
CreateFileW
CopyFileW
GetDiskFreeSpaceExW
GetCurrentDirectoryW
GetEnvironmentVariableW
GetSystemDefaultLCID
CreateEventW
GetDriveTypeW
GetExitCodeThread
CompareStringA
EnumResourceLanguagesW
ConvertDefaultLocale
FormatMessageA
GetLogicalDriveStringsW
DeleteFileA
MoveFileA
CreateProcessA
GetFileAttributesA
CreatePipe
GetDriveTypeA
GetCurrentDirectoryA
CreateFileA
SetEnvironmentVariableW
GetConsoleOutputCP
WriteConsoleA
EnumSystemLocalesA
GetStringTypeA
GetDateFormatA
GetTimeFormatA
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
SetHandleCount
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringA
IsDebuggerPresent
GetLocaleInfoA
GetVersionExA
CommConfigDialogW
GetFullPathNameA
IsWow64Process
SetFileApisToANSI
GetConsoleProcessList
ReadConsoleInputA
OpenJobObjectW
AddVectoredExceptionHandler
GetCompressedFileSizeA
QueryInformationJobObject
GetPrivateProfileStringA
GetDiskFreeSpaceW
GetMailslotInfo
IsBadStringPtrA
SetCriticalSectionSpinCount
GetAtomNameW
ReadConsoleOutputCharacterA
GetConsoleWindow
SetThreadContext
SetFileApisToOEM
EnumCalendarInfoW
SearchPathA
GlobalFix
GetProfileIntW
ReplaceFileA
HeapQueryInformation
GetCurrentActCtx
CommConfigDialogA
AttachConsole
CreateActCtxW
EnumDateFormatsW
BackupRead
EndUpdateResourceA
GetLargestConsoleWindowSize
CreateJobObjectA
ReadConsoleInputW
LoadLibraryExA
lstrcpynA
SetCurrentDirectoryA
CreateEventA
EnumCalendarInfoA
FileTimeToDosDateTime
FindResourceA
GetDiskFreeSpaceA
GetLocalTime
GetStringTypeExA
GlobalAddAtomA
GlobalFindAtomA
SetThreadLocale
WinExec
lstrcpyA
ExitThread
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
WritePrivateProfileSectionW
GetSystemInfo
SetFileTime
SetFileAttributesW
GetFileTime
FlushFileBuffers
GetShortPathNameW
GetTempFileNameW
GetTempPathW
MoveFileW
LocalAlloc
HeapReAlloc
RaiseException
ExitProcess
RtlUnwind
IsProcessorFeaturePresent
GetACP
GetModuleHandleExW
HeapSize
VirtualProtect
VirtualQuery
GetStdHandle
GetProcessHeap
FormatMessageW
HeapAlloc
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
HeapFree
GetCommandLineW
GetFileAttributesExW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
CompareStringW
GlobalFlags
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetThreadLocale
UnlockFile
LockFile
GetVolumeInformationW
GlobalFindAtomW
SwitchToThread
WaitForSingleObject
GetTickCount
GetCurrentProcessId
GetPrivateProfileIntW
WritePrivateProfileStringW
SizeofResource
LockResource
LoadResource
FindResourceW
GetExitCodeProcess
GetCurrentProcess
CreateMutexW
TerminateThread
Sleep
MultiByteToWideChar
WideCharToMultiByte
SetLastError
GetFileAttributesW
GetFullPathNameW
lstrlenW
lstrcpynW
GetLastError
lstrlenA
InitializeCriticalSection
GetCurrentThread
DosDateTimeToFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
FindFirstFileW
FindNextFileW
FindClose
RemoveDirectoryW
CreateDirectoryW
SetEvent
ResetEvent
WaitForMultipleObjects
ReadFile
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsValidCodePage
GetOEMCP
GetCPInfo
GetStringTypeW
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadConsoleW
SetEnvironmentVariableA
FindNextFileA
WriteFile
SetEndOfFile
SetFilePointer
GetFileSize
DeleteFileW
DeleteCriticalSection
Sections
.text  Size: 101KB - Virtual size: 100KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 30KB - Virtual size: 29KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 39KB - Virtual size: 165KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 123KB - Virtual size: 122KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ