503a2f9558fc18c75df27af4f462f320_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

503a2f9558fc18c75df27af4f462f320_JaffaCakes118
Size

482KB
MD5

503a2f9558fc18c75df27af4f462f320
SHA1

fa5c51762198e9e2c19e2596ad071352d535cfd3
SHA256

86021b2bce948ca1c22d1a575001f2591e624d977f60ff2ded9b1befd83d78ff
SHA512

b7672c5276944e329bef63d9c96b635c1f45007aeaebd20d5728351712b827a643fd5f5e4459ed75f3c05ae1c5839dae0c6a51fc75d7e31166bcc37459e7212c
SSDEEP

6144:K8/kjlZoZuvxbOa5fLxC1u90lUsLV3AkhnD+veRMMijHKCzFWvYsbnWwsQ:KVjlZGMY1u91m3AkhnueueCzuz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
503a2f9558fc18c75df27af4f462f320_JaffaCakes118

Files

503a2f9558fc18c75df27af4f462f320_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7a2032f9129be74e935cbed9965b3939

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindow
GetLayeredWindowAttributes
GetLastActivePopup
GetGUIThreadInfo
GetClientRect
GetAncestor
DestroyAcceleratorTable
OpenWindowStationA
SubtractRect
GetParent
GetClipCursor
MapVirtualKeyW
EnumDisplaySettingsW
BringWindowToTop
PackDDElParam
GetMenuBarInfo
CascadeWindows
wsprintfA
DestroyIcon
GetProcessDefaultLayout
GetClipboardOwner
IsWindowVisible
UnregisterClassW
DestroyMenu
LoadCursorW
GetSysColorBrush
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowThreadProcessId
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
ShowWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
CheckRadioButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
DispatchMessageW
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
AnyPopup
UpdateWindow
EnableWindow
CheckMenuItem
OpenInputDesktop
CreateDesktopW
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
SendDlgItemMessageA
SetThreadDesktop
SwitchDesktop
CloseDesktop
SendMessageW
PostMessageW
GetSystemMetrics
IsIconic
GetFocus
GetTopWindow
GetWindowLongW
GetClassNameW
SetWindowLongW
SetWindowPos
SetForegroundWindow
EndDialog
GetNextDlgTabItem
IsWindowEnabled
SetFocus
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem

comdlg32

GetFileTitleW

shell32

SHGetFolderPathW
ShellExecuteW

oledlg

OleUIBusyW

ole32

CoRegisterMessageFilter
OleFlushClipboard
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
CoTaskMemAlloc
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoTaskMemFree
StgCreateDocfileOnILockBytes

advapi32

OpenProcessToken
FreeSid
QueryServiceConfigA
ChangeServiceConfigW
RegSetValueW
RegCloseKey
RegCreateKeyA
OpenBackupEventLogW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegDeleteKeyW
LookupPrivilegeValueW
RegOpenKeyExW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
CheckTokenMembership
RegQueryValueExW
AdjustTokenPrivileges
AllocateAndInitializeSid
RegSetValueExW

gdi32

CreateColorSpaceA
ArcTo
AddFontResourceExW
ChoosePixelFormat
ColorMatchToTarget
AngleArc
CloseEnhMetaFile
ColorCorrectPalette
Arc
AnimatePalette
CheckColorsInGamut
CreateBrushIndirect
AbortPath

opengl32

glLightfv
glLightModelfv
glLightModelf
glHint
glGetString
glGenTextures
glEnd
glEnable
glDisable
glDepthFunc
glCopyTexImage2D
glColor4f
glColor3f
glClearDepth
glClearColor
glClear
glCallList
glBlendFunc
glBegin

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

CreateEventW
SetEvent
GetSystemDefaultLCID
GetEnvironmentVariableW
CreateDirectoryW
RemoveDirectoryW
GetSystemDirectoryW
GetTempPathW
GetSystemDefaultLangID
SetCurrentDirectoryW
CreateThread
WaitForSingleObject
HeapAlloc
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
Sleep
ExitProcess
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
GetExitCodeThread
CreateFileA
SetErrorMode
FlushFileBuffers
SetFilePointer
lstrlenA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GlobalFlags
GetModuleHandleA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
LoadLibraryW
CompareStringW
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetProcAddress
GetVersionExA
CompareStringA
GetVersion
WideCharToMultiByte
SetLastError
GlobalAlloc
FormatMessageW
lstrlenW
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
MultiByteToWideChar
GetCurrentDirectoryW
MoveFileW
GetLastError
LocalFree
OpenProcess
CreateProcessW
GetDriveTypeW
GetWindowsDirectoryW
GetVersionExW
GetCurrentProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
GetThreadLocale
FormatMessageA
ResetEvent
GetLogicalDriveStringsW
DeleteFileA
MoveFileA
CreateProcessA
GetFileAttributesA
CreatePipe
GetExitCodeProcess
GetDriveTypeA
GetCurrentDirectoryA
SetEnvironmentVariableW
SetEnvironmentVariableA
HeapDestroy
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemInfo
VirtualProtect
GetProcessHeap
GetFileTime
GetVolumeInformationW
DuplicateHandle
UnlockFile
LockFile
GetTimeFormatA
GetDateFormatA
InterlockedIncrement
InterlockedDecrement
GetTimeZoneInformation
WriteConsoleW
FindFirstFileW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetCurrentProcessId
LocalAlloc
GetCommandLineW
GetTickCount
GetModuleFileNameW
FreeLibrary
LoadLibraryExW
GetPrivateProfileIntW
CloseHandle
WriteFile
ReadFile
GetFileSize
CreateFileW
SetFileAttributesW
FindResourceW
LoadResource
WritePrivateProfileStringW
GetPrivateProfileStringW
FindClose
FindNextFileW
VirtualAlloc
SetCommTimeouts
MapViewOfFile
GetCalendarInfoW
ReleaseMutex
GlobalDeleteAtom
FatalExit
GetCPInfo
SizeofResource
LockResource
DeleteFileW

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 121KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a2032f9129be74e935cbed9965b3939

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

shell32

oledlg

ole32

advapi32

gdi32

opengl32

version

kernel32

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 121KB - Virtual size: 270KB

.rsrc Size: 242KB - Virtual size: 241KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 121KB - Virtual size: 270KB

.rsrc
Size: 242KB - Virtual size: 241KB