4443e190b131f82b74c48ed5e19a6b12_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4443e190b131f82b74c48ed5e19a6b12_JaffaCakes118
Size

457KB
MD5

4443e190b131f82b74c48ed5e19a6b12
SHA1

edc178aa9f3702ea6e8941453b21791fd6d29f3e
SHA256

a62778d5e45a7ab73728e00599e729be8810cf64122dfafd221865983510133c
SHA512

7ae3480f5e99a27499af7c3b617009656c2e207d47ddb11b0ff99e1ad860218fd9b4865e738e98bf899c09a62fba7b633cda54552a33202069f298873a9dbcdc
SSDEEP

12288:WGayxOs4DcJOKdQahJnQjLmrmqiSyMf+6EN:chs4gOKdfGybf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4443e190b131f82b74c48ed5e19a6b12_JaffaCakes118

Files

4443e190b131f82b74c48ed5e19a6b12_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c42a0318e878729a9963c1bb51f621bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHChangeNotify
SHFileOperationW
SHGetPathFromIDListA
SHGetPathFromIDListW
ShellExecuteExW
SHBindToParent
SHGetSpecialFolderLocation
SHGetFileInfoW
ExtractIconW
ShellExecuteA
SHPathPrepareForWriteW
Shell_NotifyIconW
SHGetFolderLocation
DragQueryFileW
SHGetDataFromIDListW
SHSetLocalizedName
SHGetFolderPathW
ShellAboutW
SHGetSpecialFolderPathW
SHBrowseForFolderW
SHGetDesktopFolder
ExtractIconExW
ShellExecuteW
ExtractAssociatedIconExW
SHGetFolderPathAndSubDirW
SHCreateShellItem
SHAppBarMessage
Shell_NotifyIconA
SHGetInstanceExplorer

uxtheme

OpenThemeData
DrawThemeBackground
GetThemeAppProperties
GetThemePartSize
DrawThemeParentBackground
IsThemeActive
GetThemeMetric
GetThemeBackgroundContentRect
GetThemeColor
CloseThemeData
GetThemeBackgroundExtent
GetThemeFont
SetWindowTheme
GetThemeMargins
IsAppThemed

gdi32

MoveToEx
StretchBlt
CreatePatternBrush
GetDeviceCaps
GetStockObject
SetRectRgn
RestoreDC
CreateBitmap
SetTextColor
CreateDCW
CreatePalette
GetTextExtentPoint32W
CreateEnhMetaFileA
PatBlt
CreateRectRgnIndirect
CreateSolidBrush
GetPixel
CloseMetaFile
GetSystemPaletteEntries
GetBkColor
GetPaletteEntries
CreatePen
SetBkMode
GetLayout
CreatePolygonRgn
ExtCreateRegion
GetObjectA
GetBkMode
SetWindowOrgEx
GetTextExtentExPointI
SetWindowExtEx
RectVisible
GetObjectW
GetGlyphIndicesW
DeleteObject
CreateMetaFileW
GetClipBox
OffsetRgn
PlayEnhMetaFile
CreateFontIndirectA
SetPaletteEntries
SetTextAlign
GetTextColor
SaveDC
DeleteEnhMetaFile
StretchDIBits
Rectangle
CombineRgn
CloseEnhMetaFile
TextOutA
BitBlt
GetTextExtentPoint32A
SetViewportOrgEx
EqualRgn
IntersectClipRect
DeleteDC
GetDCOrgEx
SetDCPenColor
GetTextAlign
RealizePalette
OffsetWindowOrgEx
CreateCompatibleBitmap
CreateDIBPatternBrushPt
TextOutW
CreateDCA
CreateDIBSection
SelectPalette
CreateRectRgn
GetRgnBox
CreateHalftonePalette
SetBkColor
GetDIBits
CreateFontW
GetTextCharset
LPtoDP
CreateCompatibleDC
SetLayout
SetBrushOrgEx
SetStretchBltMode
ExtTextOutW
GetBrushOrgEx
SetMapMode
CreateFontIndirectW
SelectObject
GetTextExtentPointW
LineTo
GetTextMetricsW
SetViewportExtEx
GetRegionData

user32

GetMenuItemCount
FindWindowW
DestroyAcceleratorTable
ChangeClipboardChain
GetMessagePos
SetMenuItemBitmaps
GetSysColorBrush
GetClipboardFormatNameW
RegisterWindowMessageW
SetClipboardViewer
CopyIcon
SetClipboardData
SetPropA
DdeClientTransaction
DrawTextW
CheckMenuRadioItem
SystemParametersInfoW
FillRect
RegisterClassW
GetCapture
GetMenuItemInfoW
EndMenu
MonitorFromRect
MessageBoxExA
SetWindowPlacement
SetParent
EnumChildWindows
ReleaseCapture
DispatchMessageA
UpdateWindow
CallWindowProcW
GetDesktopWindow
LoadAcceleratorsW
MapVirtualKeyW
IsChild
GetWindowRect
GetShellWindow
EnableWindow
MessageBeep
SetRect
UpdateLayeredWindow
MonitorFromPoint
MessageBoxIndirectA
GetMenuStringW
GetDC
GetParent
GetMessageA
GetProcessWindowStation
ShowScrollBar
ShowCaret
GetDlgItem
RegisterClipboardFormatW
GetAncestor
SetActiveWindow
GetClassLongW
RegisterClipboardFormatA
DestroyWindow
SetTimer
GetLastActivePopup
SendMessageTimeoutW
DrawFrameControl
CallNextHookEx
PostQuitMessage
wsprintfW
CallMsgFilterW
EnableMenuItem
LoadStringW
LockSetForegroundWindow
TranslateMessage
MapWindowPoints
TranslateAcceleratorW
IsWindow
DialogBoxParamA
GetDlgItemTextW
AllowSetForegroundWindow
TrackMouseEvent
GetNextDlgTabItem
DeferWindowPos
GetAsyncKeyState
SetMenuDefaultItem
SetWindowPos
GetCursorPos
IsWindowEnabled
GetClassNameW
MessageBoxExW
SetForegroundWindow
GetTopWindow
GetMenuItemInfoA
DrawTextExW
MsgWaitForMultipleObjects
CharLowerW
GetLastInputInfo
InflateRect
CheckDlgButton
DestroyMenu
DdeUninitialize
GetScrollInfo
FindWindowExW
IsMenu
DialogBoxIndirectParamA
GetMonitorInfoW
GetClientRect
InsertMenuItemW
DdeFreeStringHandle
AdjustWindowRectEx
IsWindowVisible
EndDialog
GetClassInfoW
DdeGetData
SetCursor
TrackPopupMenuEx
PostThreadMessageW
CreateDialogParamW
MapDialogRect
SendDlgItemMessageW
GetSubMenu
RegisterClassExW
HideCaret
OffsetRect
EnumThreadWindows
AttachThreadInput
GetMenuState
PtInRect
BeginPaint
ReleaseDC
GetActiveWindow
IsCharAlphaNumericW
AdjustWindowRect
LoadStringA
CharPrevA
DrawIconEx
SetScrollInfo
SendMessageA
MsgWaitForMultipleObjectsEx
IsWindowUnicode
GetWindowTextW
SetWindowTextW
EmptyClipboard
DdeInitializeW
GetPropW
GetForegroundWindow
IsDialogMessageW
SetWindowRgn
DdeCreateDataHandle
TrackPopupMenu
EqualRect
FindWindowA
EnumWindows
WaitMessage
MessageBoxIndirectW
EndPaint
CharLowerBuffW
WinHelpW
GetSystemMenu
CopyImage
UnhookWindowsHookEx
DialogBoxIndirectParamW
DdeQueryStringW
SetCursorPos
DestroyIcon
EnumDesktopWindows
RemovePropW
GetDialogBaseUnits
ShowOwnedPopups
GetClassInfoExW
PeekMessageA
GetMessageTime
SendMessageTimeoutA
DdeCreateStringHandleW
GetWindow
GetKeyboardLayout
GetWindowPlacement
SetScrollPos
SetWindowsHookExW
CheckRadioButton
PostThreadMessageA
SetWindowLongW
CharNextW
GetWindowRgnBox
IsIconic
DeleteMenu
SetCapture
PostMessageW
DialogBoxParamW
InsertMenuW
GetClassWord
SetMenuItemInfoW
CharUpperW
SetMenu
SetWindowLongA
InvalidateRect
DdeDisconnect
GetKeyNameTextW
GetIconInfo
DdeFreeDataHandle
LoadBitmapW
GetMessageW
LoadCursorW
CloseClipboard
PostMessageA
SetDlgItemTextW
GetDoubleClickTime
IsRectEmpty
LoadIconW
DefWindowProcA
GetComboBoxInfo
GetClipboardData
CreatePopupMenu
DdeNameService
GetWindowThreadProcessId
GetWindowLongA
SetRectEmpty
GetWindowTextLengthW
GetSystemMetrics
GetFocus
AnimateWindow
DrawFocusRect
GetPropA
DrawEdge
SendNotifyMessageW
GetMenuItemID
ChildWindowFromPoint
CreateWindowExW
SendMessageW
ShowWindow
MoveWindow
GetWindowLongW
ClientToScreen
GetDlgCtrlID
ScreenToClient
RegisterWindowMessageA
RedrawWindow
IntersectRect
DdeConnect
UnionRect
CheckMenuItem
RemovePropA
WaitForInputIdle
GetWindowDC
UnregisterClassW
CreateIconIndirect
SetPropW
EndDeferWindowPos
SetDlgItemInt
SetFocus
BeginDeferWindowPos
DispatchMessageW
GetMenuDefaultItem
GetCursor
GetWindowInfo
CharNextA
WindowFromPoint
NotifyWinEvent
CharPrevW
CreateMenu
KillTimer
LoadImageW
IsDlgButtonChecked
CopyRect
EnumDisplaySettingsW
RemoveMenu
MessageBoxW
AppendMenuW
VkKeyScanExW
GetKeyState
SystemParametersInfoA
IsHungAppWindow
DefWindowProcW
OpenClipboard
MonitorFromWindow
GetSysColor
LoadMenuW
LoadCursorA
PeekMessageW

psapi

GetProcessImageFileNameW

kernel32

VirtualAlloc

ntdll

NtSetSystemEnvironmentValueEx
RtlAdjustPrivilege
NtQuerySemaphore
RtlAddAccessAllowedObjectAce

ddraw

DirectDrawCreate

advapi32

GetTraceEnableLevel
GetTokenInformation
RegEnumValueA
RegEnumValueW
OpenProcessToken
RegOpenKeyExW
RegOpenKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExA
TraceMessage
RegEnumKeyW
TraceEvent
DuplicateTokenEx
RegQueryInfoKeyW
GetUserNameW
RegQueryValueExA
ImpersonateSelf
SetTokenInformation
ConvertStringSidToSidW
CryptDestroyHash
RegSetValueExW
IsTextUnicode
GetLengthSid
SetThreadToken
RegCreateKeyA
CryptReleaseContext
RegisterTraceGuidsW
RegOpenKeyExA
OpenThreadToken
CryptCreateHash
RegCreateKeyExA
RegOpenCurrentUser
CryptAcquireContextW
RegEnumKeyExW
UnregisterTraceGuids
RegQueryValueExW
RegDeleteKeyA
GetTraceEnableFlags
RegCreateKeyExW
RegDeleteValueA
RegQueryValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetTraceLoggerHandle
CreateProcessAsUserW
CryptGetHashParam
ConvertSidToStringSidW
CryptHashData
RegDeleteKeyW

rtutils

TraceDumpExW
TraceDumpExA

Sections

.text
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 416KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c42a0318e878729a9963c1bb51f621bd

Headers

File Characteristics

Imports

shell32

uxtheme

gdi32

user32

psapi

kernel32

ntdll

ddraw

advapi32

rtutils

Sections

.text Size: 1024B - Virtual size: 1012B

.idata Size: 12KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 2.4MB

.rsrc Size: 416KB - Virtual size: 416KB

.rdata Size: 21KB - Virtual size: 21KB

.text
Size: 1024B - Virtual size: 1012B

.idata
Size: 12KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 2.4MB

.rsrc
Size: 416KB - Virtual size: 416KB

.rdata
Size: 21KB - Virtual size: 21KB