558f474aced4b4b51074a9d0d21d8549_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

558f474aced4b4b51074a9d0d21d8549_JaffaCakes118
Size

457KB
MD5

558f474aced4b4b51074a9d0d21d8549
SHA1

9e823e96ddd505f8d59e3eed86674c79821aeede
SHA256

b5c643601829dc4999107efba554ec92c1a1f082ebe3db1494d271af848048f7
SHA512

aba7d5cfe530d38fce53b8cc04b18278582828e4c88165261f30f5f9b7c0eefadecb66c43118a61c5195b60264baf4093f82663a573462171cd345a9bfcc8950
SSDEEP

6144:2RYSLc6gRTquH2H8oJZkinaI5UsORbqgpLtkZbjme4P4xUwvgX07X5zEN8M3IoKF:98gRm8iZkiF5iXmmDtwv2mXVM4N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
558f474aced4b4b51074a9d0d21d8549_JaffaCakes118

Files

558f474aced4b4b51074a9d0d21d8549_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30231cd65bd7c3b77670d975054e6aa2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rtutils

TraceDumpExW
TraceDumpExA

user32

SetRectEmpty
IsMenu
InflateRect
CreateIconIndirect
EmptyClipboard
GetWindowRect
UpdateWindow
DrawTextW
LoadAcceleratorsW
GetClassWord
SetClipboardViewer
ScreenToClient
SetWindowsHookExW
IsWindow
IsChild
CreateWindowExW
GetIconInfo
CloseClipboard
MessageBoxIndirectW
DdeQueryStringW
DrawFocusRect
DeferWindowPos
UnhookWindowsHookEx
GetDoubleClickTime
SendMessageA
KillTimer
GetSysColor
GetMonitorInfoW
SetForegroundWindow
ChangeClipboardChain
RegisterClassExW
CreatePopupMenu
SetScrollInfo
SendMessageTimeoutA
GetClientRect
WindowFromPoint
CallMsgFilterW
DestroyMenu
LockSetForegroundWindow
LoadMenuW
GetSysColorBrush
CharLowerBuffW
GetMessagePos
InsertMenuItemW
FindWindowA
FillRect
MoveWindow
GetDC
SetWindowTextW
ShowCaret
GetWindowRgnBox
EnumDesktopWindows
GetMenuItemInfoA
CharPrevW
TranslateMessage
RegisterClipboardFormatA
CallNextHookEx
GetForegroundWindow
SetRect
LoadIconW
IsIconic
PostQuitMessage
EnumChildWindows
GetProcessWindowStation
GetNextDlgTabItem
GetMenuState
GetAsyncKeyState
SystemParametersInfoW
DdeUninitialize
SetDlgItemTextW
DeleteMenu
DdeNameService
SetMenu
NotifyWinEvent
GetPropA
GetWindowInfo
WaitForInputIdle
DdeCreateDataHandle
MapDialogRect
GetShellWindow
InvalidateRect
SetClipboardData
DdeCreateStringHandleW
RemovePropW
GetKeyboardLayout
GetPropW
PostMessageA
GetMessageTime
FindWindowExW
EnableMenuItem
VkKeyScanExW
GetWindowPlacement
DispatchMessageA
GetWindowThreadProcessId
GetWindowTextLengthW
SendMessageW
SetActiveWindow
SetPropW
GetComboBoxInfo
LoadStringW
DestroyIcon
IsRectEmpty
CopyImage
RemoveMenu
LoadCursorA
EnableWindow
EndPaint
UpdateLayeredWindow
DrawEdge
GetAncestor
SetScrollPos
EnumThreadWindows
CopyRect
SetCursorPos
SendDlgItemMessageW
RegisterWindowMessageA
IsWindowEnabled
SendNotifyMessageW
AppendMenuW
IsHungAppWindow
GetDialogBaseUnits
CharLowerW
BeginDeferWindowPos
IsDlgButtonChecked
MonitorFromWindow
InsertMenuW
RemovePropA
GetDesktopWindow
EndMenu
GetClipboardData
ShowOwnedPopups
EnumWindows
DestroyWindow
DialogBoxIndirectParamW
PeekMessageW
CreateDialogParamW
AdjustWindowRect
DdeFreeDataHandle
GetWindowDC
LoadStringA
GetMenuStringW
MessageBoxIndirectA
GetClassLongW
GetMessageW
TrackMouseEvent
ClientToScreen
EnumDisplaySettingsW
MessageBoxExW
RedrawWindow
MapWindowPoints
CharUpperW
MessageBoxExA
SetPropA
DdeClientTransaction
RegisterClassW
CopyIcon
GetKeyNameTextW
SetDlgItemInt
GetWindowLongA
GetScrollInfo
EndDialog
SetMenuItemInfoW
SetTimer
SystemParametersInfoA
GetSystemMetrics
DestroyAcceleratorTable
CheckMenuRadioItem
GetDlgCtrlID
UnionRect
SetCapture
DialogBoxParamW
DrawTextExW
GetWindowLongW
GetDlgItem
DrawIconEx
CreateMenu
GetClassInfoExW
PostThreadMessageA
PeekMessageA
WinHelpW
SetMenuItemBitmaps
RegisterWindowMessageW
AnimateWindow
GetSystemMenu
DispatchMessageW
SetCursor
OffsetRect
GetMenuDefaultItem
GetMenuItemID
BeginPaint
SetParent
GetMenuItemInfoW
IntersectRect
ShowWindow
GetLastActivePopup
SetWindowRgn
ChildWindowFromPoint
ReleaseCapture
OpenClipboard
GetCapture
GetCursorPos
DdeInitializeW
RegisterClipboardFormatW
IsCharAlphaNumericW
MapVirtualKeyW
PostMessageW
CheckRadioButton
MonitorFromRect
GetClipboardFormatNameW
MessageBeep
SetWindowLongA
SetWindowLongW
LoadCursorW
CharPrevA
ShowScrollBar
AttachThreadInput
SetWindowPos
EndDeferWindowPos
IsWindowUnicode
MsgWaitForMultipleObjects
DialogBoxIndirectParamA
GetMenuItemCount
EqualRect
GetLastInputInfo
IsWindowVisible
GetClassNameW
GetSubMenu
AdjustWindowRectEx
DdeConnect
PtInRect
LoadImageW
GetWindowTextW
PostThreadMessageW
SetMenuDefaultItem
GetWindow
CheckDlgButton
DrawFrameControl
SetWindowPlacement
DdeFreeStringHandle
GetClassInfoW
DialogBoxParamA
DdeGetData
WaitMessage
SetFocus
MsgWaitForMultipleObjectsEx
CharNextA
TrackPopupMenu
FindWindowW
GetFocus
MonitorFromPoint
GetMessageA
wsprintfW
ReleaseDC
GetParent
CharNextW
AllowSetForegroundWindow
GetKeyState
TranslateAcceleratorW
GetTopWindow
LoadBitmapW
TrackPopupMenuEx
CallWindowProcW
DefWindowProcW
GetCursor
SendMessageTimeoutW
CheckMenuItem
MessageBoxW
DefWindowProcA
HideCaret
GetDlgItemTextW
IsDialogMessageW
UnregisterClassW
GetActiveWindow
DdeDisconnect

ddraw

DirectDrawCreate

ntdll

RtlAddAccessAllowedObjectAce
NtQuerySemaphore
RtlAdjustPrivilege
NtSetSystemInformation

uxtheme

CloseThemeData
GetThemeMargins
GetThemePartSize
DrawThemeBackground
GetThemeBackgroundExtent
SetWindowTheme
GetThemeBackgroundContentRect
OpenThemeData
GetThemeFont
IsThemeActive
IsAppThemed
GetThemeMetric
DrawThemeParentBackground
GetThemeAppProperties
GetThemeColor

psapi

GetProcessImageFileNameW

shell32

ShellExecuteA
SHGetDesktopFolder
DragQueryFileW
ExtractAssociatedIconExW
SHCreateShellItem
SHGetSpecialFolderPathW
SHChangeNotify
SHSetLocalizedName
ShellExecuteW
ShellExecuteExW
SHBrowseForFolderW
SHGetDataFromIDListW
SHGetFolderPathAndSubDirW
SHGetFileInfoW
ShellAboutW
SHBindToParent
SHGetSpecialFolderLocation
ExtractIconW
SHPathPrepareForWriteW
SHGetFolderPathW
SHGetPathFromIDListW
SHFileOperationW
SHGetFolderLocation
SHGetPathFromIDListA
SHGetInstanceExplorer
Shell_NotifyIconW
SHAppBarMessage
ExtractIconExW
Shell_NotifyIconA

kernel32

VirtualAlloc

gdi32

GetBkMode
SetBrushOrgEx
TextOutW
CreateCompatibleBitmap
PlayEnhMetaFile
OffsetRgn
GetClipBox
CreateRectRgnIndirect
CreateMetaFileW
SetStretchBltMode
SelectObject
CreatePatternBrush
GetPixel
GetBkColor
CreateDCA
GetStockObject
StretchDIBits
SaveDC
GetDCOrgEx
GetTextMetricsW
CreateHalftonePalette
SetTextAlign
SetViewportOrgEx
ExtCreateRegion
SetMapMode
GetDeviceCaps
CreateDIBSection
SetPaletteEntries
CreateFontIndirectW
GetObjectW
DeleteDC
GetTextExtentPointW
CreateDCW
SetViewportExtEx
TextOutA
OffsetWindowOrgEx
GetTextExtentPoint32A
GetTextCharset
PatBlt
GetRgnBox
GetSystemPaletteEntries
CreateCompatibleDC
ExtTextOutW
GetDIBits
MoveToEx
CreatePalette
SelectPalette
SetLayout
LPtoDP
CreateEnhMetaFileA
BitBlt
CreateRectRgn
GetRegionData
CloseEnhMetaFile
IntersectClipRect
GetTextExtentExPointI
GetTextExtentPoint32W
GetObjectA
CloseMetaFile
SetTextColor
RealizePalette
LineTo
CreatePolygonRgn
DeleteEnhMetaFile
RectVisible
GetPaletteEntries
CreatePen
CreateSolidBrush
DeleteObject
CreateDIBPatternBrushPt
SetBkColor
GetTextAlign
GetTextColor
SetWindowExtEx
GetGlyphIndicesW
CreateBitmap
SetRectRgn
SetWindowOrgEx
RestoreDC
Rectangle
CreateFontIndirectA
CombineRgn
CreateFontW
GetBrushOrgEx
GetLayout
SetBkMode
EqualRgn
SetDCPenColor
StretchBlt

advapi32

CryptAcquireContextW
CryptHashData
IsTextUnicode
RegEnumKeyW
RegSetValueExW
ConvertStringSidToSidW
GetTokenInformation
GetTraceLoggerHandle
ConvertStringSecurityDescriptorToSecurityDescriptorW
TraceEvent
RegEnumValueA
RegCreateKeyA
RegOpenKeyExW
OpenThreadToken
GetUserNameW
ImpersonateSelf
UnregisterTraceGuids
RegDeleteKeyW
DuplicateTokenEx
CreateProcessAsUserW
RegDeleteValueW
RegEnumValueW
GetTraceEnableLevel
RegQueryValueExW
CryptReleaseContext
CryptGetHashParam
RegQueryValueW
RegQueryInfoKeyW
RegisterTraceGuidsW
RegCreateKeyExW
RegCloseKey
OpenProcessToken
SetTokenInformation
CryptDestroyHash
SetThreadToken
CryptCreateHash
RegDeleteKeyA
GetTraceEnableFlags
GetLengthSid
RegOpenCurrentUser
TraceMessage
RegEnumKeyExW
RegDeleteValueA
RegCreateKeyExA
ConvertSidToStringSidW
RegQueryValueExA
RegOpenKeyW
RegSetValueExA
RegOpenKeyExA

Sections

.text
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 399KB - Virtual size: 399KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30231cd65bd7c3b77670d975054e6aa2

Headers

File Characteristics

Imports

rtutils

user32

ddraw

ntdll

uxtheme

psapi

shell32

kernel32

gdi32

advapi32

Sections

.text Size: 1024B - Virtual size: 1000B

.idata Size: 12KB - Virtual size: 12KB

.rsrc Size: 399KB - Virtual size: 399KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 30KB - Virtual size: 2.4MB

.text
Size: 1024B - Virtual size: 1000B

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 399KB - Virtual size: 399KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 30KB - Virtual size: 2.4MB