521882d3ea8df2fbe60f42776573917a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

521882d3ea8df2fbe60f42776573917a_JaffaCakes118
Size

131KB
MD5

521882d3ea8df2fbe60f42776573917a
SHA1

2b4c82753111fb06e9e2e8fd364ee23400118b38
SHA256

d982dcd833791b43b678adbd06a6c7463c806a75d420d5bbd5c733a59cfc1773
SHA512

ecfcdde70a7207885736c12974ec2e70c50a4155365f10ccde6683cf3148122e8a7018ee4f7bde2fddd8608063da73accc40352dd721722d084d5ba3303e18a8
SSDEEP

3072:c3U+cKy77A9buryB9ldFmmr2nDy1h/kFWLgr8Op9C61q:OU+vy709bx9lCmWO1NkFWLPs94

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
521882d3ea8df2fbe60f42776573917a_JaffaCakes118

Files

521882d3ea8df2fbe60f42776573917a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8dc25208a7ec1a4e7f02de0127798316

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleCreateEx
OleLockRunning
CLSIDFromString
CoAddRefServerProcess
CoTaskMemAlloc
OleCreateFromData
WriteClassStg
OleCreateFromFile
OleCreateLink
StgOpenStorageEx

user32

EndMenu
PeekMessageA
DrawTextW
DefWindowProcA
GetDesktopWindow
ExitWindowsEx
GetLastActivePopup
ChildWindowFromPointEx
DdeKeepStringHandle
WINNLSEnableIME
CharPrevExA
DdeFreeStringHandle
GetWindowWord
SetRectEmpty
GetClipboardViewer
SetWindowRgn
EndDialog
GetClipboardData
SetScrollRange
MapWindowPoints
SetCaretPos
RealChildWindowFromPoint
GrayStringA
IsMenu
GetScrollBarInfo
GetClassInfoExW
DestroyMenu
CallMsgFilterW
PostThreadMessageW
RegisterClassExA
RegisterClassExW
GetNextDlgTabItem
GetKeyNameTextA
EnableScrollBar
SetScrollInfo
SetUserObjectInformationW
EndDeferWindowPos
SetThreadDesktop
RegisterClipboardFormatA
SendMessageTimeoutA
SetMenuDefaultItem
GetDialogBaseUnits
PostQuitMessage
CreateCaret
LoadAcceleratorsW
DdeConnect
ShowScrollBar
GetPropW
DefDlgProcW
CharLowerBuffW
CopyAcceleratorTableA
CascadeWindows
EnumPropsW
DdeImpersonateClient
LoadCursorFromFileW
SetMenuInfo
LoadStringA
DlgDirListW
GetWindowTextLengthA
SetMessageQueue
ChangeMenuA
SetWindowPos
DefWindowProcW
GetWindowDC
IsWindow
GetSysColorBrush
GetDCEx
IsWindowVisible
GetUserObjectInformationW
GetClipboardOwner
GetComboBoxInfo
GetClassInfoExA
SetWindowPlacement
CallWindowProcW
FindWindowW
SetShellWindow
GetScrollRange
InsertMenuItemW
InSendMessage
DdeAbandonTransaction
ShowWindow
DrawIcon
IsWindowUnicode
SetLastErrorEx
SetCursorPos
DdeFreeDataHandle
OemToCharBuffW
GetWindowLongW
MapVirtualKeyExA
DestroyCaret
TrackPopupMenuEx
TranslateMessage
SetScrollPos
CharPrevA
CallMsgFilterA
GetMonitorInfoA
SetProcessWindowStation
DdeCmpStringHandles
DestroyAcceleratorTable
DdeDisconnect
CheckMenuItem
DeferWindowPos
VkKeyScanExA
PostThreadMessageA
RemoveMenu
EnableMenuItem
DefFrameProcW
GetWindowModuleFileNameA
ReuseDDElParam
GetInputDesktop
TabbedTextOutA
DdeGetLastError
HiliteMenuItem
UnregisterHotKey
DestroyCursor
FlashWindowEx
GetMessagePos
MessageBoxW
RegisterDeviceNotificationA
EnumDisplayDevicesA
CharToOemA
SetWindowTextW
TranslateAccelerator
CreateDialogParamW
ScrollWindowEx
CountClipboardFormats
WindowFromDC
EnumWindowStationsA
TabbedTextOutW
DrawFocusRect
OpenInputDesktop
DlgDirListComboBoxW
CharToOemBuffW
OpenDesktopA
SetMenuItemInfoA
SetUserObjectInformationA
GetKeyboardLayoutNameW
SetClassWord
WindowFromPoint
RegisterWindowMessageW
DdeSetUserHandle
MapVirtualKeyW
DrawAnimatedRects
TranslateAcceleratorA
CharNextA
GetCursorPos
GetWindowTextW
CallWindowProcA
DlgDirListComboBoxA
CharToOemBuffA
CharLowerW
GetMessageExtraInfo
CharUpperW
InsertMenuW
DialogBoxIndirectParamA
GetWindowRect
CharPrevW
TrackPopupMenu
GetClipCursor
PostMessageA
MapVirtualKeyExW
GetPropA
GetKeyNameTextW
LockWindowUpdate
EnumDisplaySettingsW
LoadAcceleratorsA
WINNLSGetIMEHotkey
SetPropW
VkKeyScanA
LoadKeyboardLayoutA
GetProcessDefaultLayout
IsCharAlphaW
GetIconInfo
KillTimer
UnloadKeyboardLayout
SetWindowTextA
GetSystemMetrics
DefFrameProcA
DialogBoxParamW
IsDialogMessage
SetCapture
DlgDirSelectComboBoxExA
ShowOwnedPopups
IsDialogMessageW
PostMessageW
CloseWindowStation
OpenIcon
WinHelpW
GetKeyboardLayout
CreateDialogParamA
GetWindowTextA
TrackMouseEvent
SetFocus
GetWindowContextHelpId
SetMenu
GetDlgItem
RealGetWindowClass

advapi32

RegUnLoadKeyW
SetSecurityInfo
SetEntriesInAuditListA
CryptSetKeyParam
RegisterServiceCtrlHandlerW
PrivilegedServiceAuditAlarmA
CopySid
InitializeAcl
RegDeleteKeyW
RegDeleteValueA
SetFileSecurityA
RegReplaceKeyA

kernel32

LoadLibraryA
EnumResourceLanguagesW
GetStringTypeExW
FindFirstFileW
VirtualFree
SetMailslotInfo
WritePrivateProfileStructA
GetNumberOfConsoleInputEvents
MapViewOfFileEx
CopyFileA
GetEnvironmentVariableW
SetSystemTimeAdjustment
CancelDeviceWakeupRequest
GetHandleInformation
GetFileAttributesExA
GetTempPathA
FileTimeToLocalFileTime
GetConsoleTitleA
ConvertDefaultLocale
WriteConsoleInputA
GetWriteWatch
EnumDateFormatsExW
GetPrivateProfileIntW
CreateMailslotW
Process32Next
CreateNamedPipeA
SetConsoleCursorInfo
CompareStringA
EnumSystemLocalesA
LocalShrink
EnumDateFormatsA
GetVersionExA
GetConsoleScreenBufferInfo
FindFirstFileExW
RemoveDirectoryW
HeapWalk
GetLocaleInfoA
lstrlenW
GetConsoleTitleW
GetDriveTypeW
LocalFree
CreateNamedPipeW
GetQueuedCompletionStatus
OpenFileMappingA
SetConsoleCtrlHandler
UnlockFile
lstrcmpW
GetPrivateProfileSectionA
GlobalCompact
GetSystemInfo
GetThreadPriority
GetUserDefaultLCID
SignalObjectAndWait
GlobalDeleteAtom
ReadDirectoryChangesW
GetProcAddress
EnumSystemCodePagesA
GetDriveTypeA
GetACP
lstrcpyW
GetThreadSelectorEntry
WaitForMultipleObjectsEx
GlobalHandle
OpenMutexA
SetThreadLocale
FileTimeToSystemTime
GlobalAddAtomW
GetProcessShutdownParameters
LoadLibraryExA
GetEnvironmentStringsW
IsBadStringPtrA
FindNextChangeNotification
OpenWaitableTimerA
VirtualLock
GetLogicalDriveStringsA
CreateMutexW
WritePrivateProfileStringW
SetEnvironmentVariableA
FlushFileBuffers
ReadConsoleOutputCharacterA
GetTickCount
GetCPInfo
GlobalUnlock
OpenSemaphoreW
OpenEventA
BackupWrite
WaitForMultipleObjects
CreateMailslotA
FoldStringA
SetThreadIdealProcessor
SizeofResource
LocalSize
UnlockFileEx
GetProfileStringA
ReadConsoleOutputCharacterW
FreeEnvironmentStringsA
SleepEx
GetModuleFileNameA
GetConsoleCursorInfo
MoveFileExA
FileTimeToDosDateTime
FindAtomA
OpenFile
FatalAppExitW
SetErrorMode
GetStartupInfoW
OpenFileMappingW
FreeConsole
EnumDateFormatsW
SetSystemPowerState
GetSystemTimeAdjustment
GetCompressedFileSizeA
CopyFileW
FormatMessageA
LocalFlags
RtlFillMemory
LockFile
MultiByteToWideChar
GetConsoleOutputCP
PulseEvent
GetPrivateProfileSectionNamesA
FindResourceExW
FindResourceExA
QueryPerformanceCounter
LocalCompact
CreateSemaphoreW
FoldStringW
LoadModule
GetCurrentProcessId
LocalAlloc
FlushInstructionCache
CopyFileExA
ResumeThread
GetConsoleCP
GetWindowsDirectoryA
CopyFileExW
VirtualUnlock
lstrcpyn
GetSystemDirectoryW
GetLargestConsoleWindowSize
LCMapStringW
EnumResourceLanguagesA
VirtualAlloc
VirtualProtect
GetProfileIntA

shlwapi

PathCanonicalizeA
SHOpenRegStreamW
StrRetToStrA

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8dc25208a7ec1a4e7f02de0127798316

Headers

DLL Characteristics

File Characteristics

Imports

ole32

user32

advapi32

kernel32

shlwapi

Sections

.text Size: 91KB - Virtual size: 91KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 512B - Virtual size: 12KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 91KB - Virtual size: 91KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 512B - Virtual size: 12KB

.rsrc
Size: 2KB - Virtual size: 1KB