Static task: static1
Behavioral task: behavioral1
Sample: 545cdd57e5e119b57cef1a1554ca50ae_JaffaCakes118.exe
Resource: win7-20241010-en
General
Target: 545cdd57e5e119b57cef1a1554ca50ae_JaffaCakes118
Size: 1.2MB
MD5: 545cdd57e5e119b57cef1a1554ca50ae
SHA1: dd8586a22b9f6e0e69f82f8c021b139b01362605
SHA256: aed5c80888687d4a56970e91eea9f0ca5c47207bc0d0e6fb008f685e9dd3cb6d
SHA512: cec45745d108e3b4f868ab0666ffba8d7f5885df3cd3def607713c0b0ac82b4c02ab209dd7876b2e3d22c48ee0399b7b0ecad76ba828a8b398f3fda4d1b8cb02
SSDEEP: 24576:13WgpCKBhCNFTUKk6l8mPoIyf79Kx9w/qW1Xs+ME:13WgbuzPofMx8j9
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 545cdd57e5e119b57cef1a1554ca50ae_JaffaCakes118
Files
545cdd57e5e119b57cef1a1554ca50ae_JaffaCakes118.exe windows:5 windows x86 arch:x86
c0f980d5b17336a75c8d4ec195bdc194
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTimeZoneInformation
FindResourceExW
CreateMutexA
GetProcessPriorityBoost
SetConsoleMode
GetLocaleInfoW
GetPrivateProfileSectionNamesA
GetHandleInformation
DeleteTimerQueueEx
GetProfileStringA
GetConsoleAliasesW
Module32FirstW
FoldStringW
GetFileAttributesW
DefineDosDeviceA
lstrcpyW
CreateNamedPipeA
SetWaitableTimer
GetStringTypeExA
IsBadReadPtr
GlobalHandle
GetLongPathNameA
LoadLibraryExA
DuplicateHandle
DeleteTimerQueueTimer
GetProfileIntA
FindResourceW
PostQueuedCompletionStatus
SetEnvironmentVariableA
GetProfileStringW
GetPrivateProfileStringW
GetConsoleAliasExesLengthW
GetTimeFormatA
GetFileInformationByHandle
FlushConsoleInputBuffer
CreateFileMappingA
OpenMutexW
SetThreadAffinityMask
SetProcessPriorityBoost
DosDateTimeToFileTime
AddAtomW
FlushFileBuffers
CancelWaitableTimer
GetCurrentDirectoryA
GetPrivateProfileSectionNamesW
GetSystemDefaultUILanguage
SetFileAttributesA
VerifyVersionInfoW
GetConsoleAliasExesA
GetProcessTimes
LocalReAlloc
GetCurrentConsoleFont
GetThreadPriority
VerSetConditionMask
GlobalDeleteAtom
GetCurrentProcess
SetFileTime
GetNamedPipeHandleStateW
SetComputerNameExW
CreateJobObjectW
SetComputerNameExA
SetCalendarInfoA
FormatMessageW
FindNextFileA
GetCalendarInfoA
GetAtomNameA
FreeUserPhysicalPages
GetSystemDefaultLangID
GetPrivateProfileIntA
FindVolumeClose
GetUserDefaultLangID
SetSystemTimeAdjustment
GetConsoleOutputCP
TryEnterCriticalSection
ResetWriteWatch
FindNextChangeNotification
SetConsoleOutputCP
OpenProcess
FormatMessageA
DisconnectNamedPipe
ReplaceFileA
GetBinaryTypeW
DefineDosDeviceW
OpenJobObjectA
GetUserDefaultUILanguage
CreateJobObjectA
GetLogicalDriveStringsA
GetVolumeInformationW
GetDriveTypeW
Module32First
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetConsoleAliasExesLengthA
GetTimeFormatW
CreateMailslotA
CreateHardLinkW
GetStringTypeExW
SetEnvironmentVariableW
SetNamedPipeHandleState
SetConsoleDisplayMode
MapUserPhysicalPagesScatter
Toolhelp32ReadProcessMemory
VirtualAlloc
MultiByteToWideChar
GetVersion
GetShortPathNameA
AddAtomA
CreateFileMappingW
ReadDirectoryChangesW
CreateSemaphoreA
GetSystemWindowsDirectoryA
CopyFileW
GetNumberFormatA
GetProcessWorkingSetSize
CancelIo
GetStringTypeW
HeapReAlloc
HeapAlloc
HeapSize
GetOEMCP
GetCPInfo
Sleep
HeapFree
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
IsProcessorFeaturePresent
InterlockedDecrement
GetLastError
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
EncodePointer
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
GetModuleFileNameW
GetStdHandle
WriteFile
DecodePointer
SetThreadPriorityBoost
GetNamedPipeHandleStateA
GetCompressedFileSizeA
GetEnvironmentVariableW
FindAtomA
GetFileSizeEx
GetPrivateProfileSectionW
OpenWaitableTimerA
OpenEventA
GetConsoleCP
GetThreadLocale
GetFullPathNameW
GetBinaryTypeA
DnsHostnameToComputerNameA
GetFileAttributesA
SetTapeParameters
GetTempPathW
GetCurrentThread
MapViewOfFile
CompareFileTime
GetComputerNameW
GlobalUnlock
CopyFileExA
Module32NextW
TlsGetValue
GetConsoleAliasExesW
FlushViewOfFile
AssignProcessToJobObject
FindResourceA
GetACP
SetInformationJobObject
IsValidCodePage
GetStartupInfoW
GetLocaleInfoA
FindFirstFileExA
GetVolumePathNameA
GetCPInfoExA
CreateMailslotW
GetProfileIntW
GetConsoleMode
lstrcatW
SetCurrentDirectoryW
SetLocaleInfoW
SetFileAttributesW
PrepareTape
GetVolumePathNameW
GetProfileSectionW
GetDiskFreeSpaceA
SetThreadIdealProcessor
ResetEvent
FindFirstFileA
CopyFileA
GetCurrencyFormatW
CreateMutexW
OpenFileMappingW
ConvertThreadToFiber
GetQueuedCompletionStatus
FindFirstVolumeW
IsValidLocale
GetPrivateProfileStructA
GetDiskFreeSpaceW
GetFileAttributesExA
GetModuleHandleA
GetDateFormatW
WriteConsoleW
GetSystemWindowsDirectoryW
GetModuleFileNameA
VirtualProtect
RtlUnwind
CreateHardLinkA
LCMapStringW
GlobalMemoryStatus
GetExitCodeProcess
GetDateFormatA
SearchPathW
SetCalendarInfoW
GlobalLock
GetFileAttributesExW
ExitProcess
GetModuleHandleW
GetProcAddress
SetUnhandledExceptionFilter
HeapSetInformation
GetCommandLineA
user32
PostMessageW
CallWindowProcW
UnregisterClassW
IntersectRect
PeekMessageA
LoadStringW
EqualRect
ValidateRect
wsprintfW
SetDlgItemTextW
SetWindowTextA
GetFocus
ClientToScreen
TrackPopupMenu
CharToOemA
UpdateWindow
RegisterClassW
DestroyIcon
GetWindowThreadProcessId
CallWindowProcA
EnumDisplayMonitors
SetMenuDefaultItem
SetDlgItemInt
GetAltTabInfoA
ScreenToClient
GetMessageW
SetParent
CreateWindowExA
DispatchMessageW
SetWindowPlacement
CreateDialogParamW
DestroyAcceleratorTable
GetClassInfoA
IsIconic
GetSystemMetrics
WindowFromDC
wsprintfA
CheckDlgButton
GetMessagePos
SendMessageTimeoutW
GetProcessWindowStation
DrawIcon
RemoveMenu
comctl32
InitializeFlatSB
ImageList_DragLeave
ImageList_GetImageInfo
ImageList_SetOverlayImage
FlatSB_GetScrollPos
ImageList_GetIconSize
CreatePropertySheetPageW
ImageList_Replace
PropertySheetW
ImageList_LoadImageA
ImageList_Add
ImageList_GetIcon
ImageList_Read
ImageList_DragMove
FlatSB_SetScrollInfo
ImageList_SetBkColor
ImageList_Remove
InitCommonControlsEx
CreateToolbarEx
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_SetImageCount
ImageList_Create
CreateStatusWindowW
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_Write
ord17
CreatePropertySheetPageA
ImageList_AddMasked
ImageList_SetIconSize
ImageList_SetDragCursorImage
PropertySheetA
_TrackMouseEvent
ImageList_GetBkColor
ImageList_DrawEx
FlatSB_SetScrollProp
ImageList_LoadImageW
ImageList_DrawIndirect
FlatSB_SetScrollPos
ImageList_Copy
DestroyPropertySheetPage
ImageList_DragEnter
FlatSB_GetScrollInfo
ImageList_GetImageCount
ImageList_Draw
advapi32
RegCreateKeyExA
GetKernelObjectSecurity
AddAuditAccessAce
RegQueryValueExA
RegSetKeySecurity
RegQueryMultipleValuesW
GetCurrentHwProfileW
RegNotifyChangeKeyValue
AreAllAccessesGranted
AddAccessDeniedAce
InitializeAcl
RegSetValueA
RegCreateKeyExW
GetSidLengthRequired
AddAccessAllowedAce
GetSidIdentifierAuthority
GetSidSubAuthorityCount
SetTokenInformation
RegQueryMultipleValuesA
InitializeSecurityDescriptor
GetSidSubAuthority
GetTokenInformation
GetCurrentHwProfileA
AreAnyAccessesGranted
RegSetValueExW
RegSetValueExA
SetKernelObjectSecurity
RegSetValueW
ole32
OleFlushClipboard
GetConvertStg
StgOpenStorageEx
CLIPFORMAT_UserUnmarshal
CoInitialize
HMENU_UserMarshal
OleConvertIStorageToOLESTREAM
WriteClassStg
CreateOleAdviseHolder
CoFreeUnusedLibraries
MonikerRelativePathTo
GetHGlobalFromStream
CoSetProxyBlanket
OleGetIconOfClass
CoRegisterMessageFilter
RevokeDragDrop
CoInitializeEx
OleCreateDefaultHandler
BindMoniker
CreateFileMoniker
OleRegEnumVerbs
OleQueryCreateFromData
HWND_UserFree
StgCreateStorageEx
CoMarshalHresult
OleSetContainedObject
HGLOBAL_UserSize
CoCancelCall
SetConvertStg
CoUnmarshalInterface
CreateILockBytesOnHGlobal
CoMarshalInterThreadInterfaceInStream
HPALETTE_UserSize
OleLoadFromStream
CoGetInterfaceAndReleaseStream
CoGetCurrentLogicalThreadId
StgCreatePropStg
OleUninitialize
CoRevertToSelf
CoWaitForMultipleHandles
OleSaveToStream
CoCreateFreeThreadedMarshaler
CreateBindCtx
CoGetCallContext
CoDosDateTimeToFileTime
PropVariantCopy
HBITMAP_UserUnmarshal
MonikerCommonPrefixWith
CoCreateInstanceEx
OleRun
oleaut32
SafeArrayGetUBound
SafeArrayPtrOfIndex
VariantInit
VariantChangeType
SysFreeString
VariantCopy
VariantClear
VariantCopyInd
GetActiveObject
VariantChangeTypeEx
SafeArrayGetLBound
SysReAllocStringLen
SysAllocStringByteLen
CreateErrorInfo
SafeArrayCreate
SysStringLen
SysAllocStringLen
GetErrorInfo
Sections
.text Size: 171KB - Virtual size: 171KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 14KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RSS3 Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DATA Size: 233KB - Virtual size: 233KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RSS5 Size: 365KB - Virtual size: 365KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RSS4 Size: 317KB - Virtual size: 316KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ