Static task
static1
Behavioral task
behavioral1
Sample
c1684618e24ad34f8d4f992d5e8e53ce_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c1684618e24ad34f8d4f992d5e8e53ce_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
c1684618e24ad34f8d4f992d5e8e53ce_JaffaCakes118
-
Size
286KB
-
MD5
c1684618e24ad34f8d4f992d5e8e53ce
-
SHA1
293b994f7f8ce1302d8b846a112de3194922133b
-
SHA256
a48590a8e18cfa12cbd58384904eed39eec64159da9096850804afaf8fe53ed3
-
SHA512
afb88ae971dabd526f395e013d892834fff94d12e0dd3940cfa28a6f238d2ade3171d18811a73dd2683b121a6cf5716900d35aababcca650f7beba4994152e0e
-
SSDEEP
6144:QKLLHu3hV0ulaX8LnWRB5O8m/UdyIG7f+ziaY1D84Jh/x5BSr5t+:9MV0ul8wnUzQUdfcGuaYZBh/xiP+
Malware Config
Signatures
-
Unsigned PE 1 IoCs
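Checks for a missing Authenticode signature; the check matched this sample. An unsigned PE is a weak indicator on its own, because many legitimate binaries are also unsigned, so weigh it together with the other findings.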
resource c1684618e24ad34f8d4f992d5e8e53ce_JaffaCakes118
Files
-
c1684618e24ad34f8d4f992d5e8e53ce_JaffaCakes118.exe windows:5 windows x86 arch:x86
066cdd83bb8cd0f2d139ed5d28115353
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
ExtractIconW
ShellExecuteExW
SHGetFileInfoW
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW
SHChangeNotify
SHBrowseForFolderW
user32
CharNextW
LoadStringW
MessageBoxA
GetKeyboardType
DefWindowProcW
SendMessageA
GetDC
IsWindowEnabled
GetWindowPlacement
GetScrollPos
GetParent
IsZoomed
TranslateMDISysAccel
GetWindowThreadProcessId
DrawMenuBar
KillTimer
DestroyIcon
IsDialogMessageW
SetScrollRange
GetMessageW
FillRect
GetKeyboardLayout
SetWindowLongW
WindowFromPoint
GetPropW
ClientToScreen
DestroyWindow
WaitForInputIdle
DrawEdge
OffsetRect
DrawIcon
EnumThreadWindows
SendMessageW
GetKeyNameTextW
SendMessageTimeoutW
EndPaint
WaitMessage
ReleaseDC
ShowScrollBar
GetKeyState
MsgWaitForMultipleObjects
LoadKeyboardLayoutW
GetMenuItemID
GetWindowLongW
SetWindowPlacement
SetWindowPos
GetCursor
CreatePopupMenu
MessageBeep
SetClassLongW
GetClassLongW
CallWindowProcW
GetMenuStringW
FindWindowW
RemoveMenu
EnableWindow
GetWindowDC
SetWindowsHookExW
GetWindowTextW
PeekMessageW
UpdateWindow
GetSysColorBrush
EnableMenuItem
IsRectEmpty
GetScrollRange
ShowOwnedPopups
IsChild
EnumWindows
GetSysColor
IsWindow
CharLowerW
CharLowerBuffW
PeekMessageA
SetCursor
SetCapture
RemovePropW
GetActiveWindow
MapWindowPoints
ReleaseCapture
DefFrameProcW
InsertMenuW
GetMenuState
BeginPaint
MapVirtualKeyW
PostQuitMessage
SetParent
InflateRect
GetCursorPos
ScrollWindow
EnableScrollBar
RegisterClassW
CallNextHookEx
GetMenuItemInfoW
SetActiveWindow
SendNotifyMessageW
CharToOemBuffA
SetRectEmpty
GetSystemMetrics
GetDCEx
UnregisterClassW
MessageBoxW
DrawTextExW
DefMDIChildProcW
AppendMenuW
InsertMenuItemW
IsIconic
CharUpperBuffW
IntersectRect
GetClassInfoW
TrackPopupMenu
OemToCharBuffA
CreateMenu
PtInRect
GetScrollInfo
PostMessageW
AdjustWindowRectEx
LoadIconW
CreateWindowExW
FrameRect
GetKeyboardLayoutNameW
GetIconInfo
DeleteMenu
GetSystemMenu
DestroyCursor
GetKeyboardLayoutList
RegisterWindowMessageW
IsWindowVisible
SetMenu
ExitWindowsEx
LoadBitmapW
IsDialogMessageA
MsgWaitForMultipleObjectsEx
GetDesktopWindow
SetTimer
GetKeyboardState
SetRect
SetForegroundWindow
UnhookWindowsHookEx
RegisterClipboardFormatW
IsWindowUnicode
ReplyMessage
SetMenuItemInfoW
GetFocus
GetWindowRect
GetWindow
ActivateKeyboardLayout
DispatchMessageA
DispatchMessageW
FindWindowExW
ScrollWindowEx
DrawFocusRect
GetMenu
GetSubMenu
SetScrollInfo
SetWindowTextW
GetMenuItemCount
InvalidateRect
CheckMenuItem
GetLastActivePopup
SetPropW
GetClientRect
SetScrollPos
ShowWindow
DrawFrameControl
EnumChildWindows
SetFocus
GetTopWindow
TranslateMessage
DrawIconEx
CreateIcon
SystemParametersInfoW
GetCapture
DestroyMenu
LoadCursorW
GetMessagePos
BringWindowToTop
DrawTextW
ScreenToClient
RedrawWindow
GetForegroundWindow
advapi32
GetUserNameW
RegFlushKey
RegOpenKeyExW
GetTokenInformation
LookupPrivilegeValueW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
FreeSid
OpenThreadToken
OpenProcessToken
EqualSid
RegCloseKey
RegDeleteKeyW
RegEnumValueW
RegQueryValueExW
RegDeleteValueW
RegCreateKeyExW
AllocateAndInitializeSid
AdjustTokenPrivileges
kernel32
WideCharToMultiByte
GetShortPathNameW
MulDiv
GetOverlappedResult
ResumeThread
VirtualQueryEx
DeleteCriticalSection
WriteProfileStringW
GetFileSize
GetSystemDirectoryW
GetExitCodeThread
WritePrivateProfileStringW
DeleteFileW
GetSystemTimeAsFileTime
lstrcpyW
GetWindowsDirectoryW
GlobalDeleteAtom
WriteFile
SignalObjectAndWait
CreateProcessW
MoveFileW
GetStdHandle
GetCurrentThreadId
VirtualAlloc
LockResource
FindNextFileW
CreateMutexW
SetFileAttributesW
GetDateFormatW
LeaveCriticalSection
GetComputerNameW
FindFirstFileW
GetModuleHandleW
GetDiskFreeSpaceW
IsDBCSLeadByte
CreateNamedPipeW
VirtualFree
EnumCalendarInfoW
LoadResource
GetThreadLocale
TransactNamedPipe
GlobalAddAtomW
GetUserDefaultLangID
GetLogicalDrives
CreateDirectoryW
OpenProcess
RemoveDirectoryW
OpenMutexW
LocalFileTimeToFileTime
CreateThread
GlobalFindAtomW
CloseHandle
FormatMessageW
SetLastError
SetErrorMode
GetCommandLineW
EnterCriticalSection
LocalFree
WaitForSingleObject
CreateFileW
GetFullPathNameW
SizeofResource
SwitchToThread
GetDriveTypeW
GetPrivateProfileStringW
SetNamedPipeHandleState
CreateEventW
WaitForMultipleObjectsEx
FreeResource
ReleaseMutex
GetLocalTime
CompareStringW
SetFileTime
CompareFileTime
VirtualQuery
GetProfileStringW
LoadLibraryExA
FlushFileBuffers
GetSystemInfo
ResetEvent
FindClose
SetFilePointer
SetThreadLocale
SetEndOfFile
CopyFileW
lstrcmpW
ReadFile
MoveFileExW
FindResourceW
DeviceIoControl
SetCurrentDirectoryW
FileTimeToSystemTime
FreeLibrary
TlsGetValue
LocalAlloc
TlsSetValue
RaiseException
lstrlenW
GetACP
GetCurrentDirectoryW
lstrcpynW
RtlUnwind
UnhandledExceptionFilter
LoadLibraryExW
ExitThread
VirtualAllocEx
oleaut32
VariantCopyInd
VariantInit
SafeArrayGetElement
SafeArrayCreate
VariantCopy
VariantClear
VariantChangeType
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SysAllocStringLen
SysReAllocStringLen
SysFreeString
RegisterTypeLib
LoadTypeLib
GetErrorInfo
GetActiveObject
ole32
CoDisconnectObject
CoCreateInstance
CoUninitialize
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
StringFromCLSID
CoInitialize
CLSIDFromString
IsEqualGUID
OleInitialize
CoTaskMemFree
msimg32
AlphaBlend
comctl32
ImageList_Write
InitializeFlatSB
_TrackMouseEvent
ImageList_DragEnter
ImageList_GetIconSize
ImageList_Add
ImageList_DragMove
ImageList_SetBkColor
ImageList_DragLeave
ImageList_GetBkColor
FlatSB_GetScrollPos
FlatSB_SetScrollInfo
ImageList_GetImageCount
ImageList_BeginDrag
ImageList_Create
ImageList_GetDragImage
ImageList_Destroy
ImageList_Read
FlatSB_SetScrollPos
FlatSB_GetScrollInfo
ImageList_EndDrag
ImageList_Draw
ImageList_DragShowNolock
ImageList_Remove
ImageList_DrawEx
ImageList_SetImageCount
FlatSB_SetScrollProp
InitCommonControls
ImageList_SetIconSize
mpr
WNetCloseEnum
WNetOpenEnumW
WNetGetConnectionW
WNetGetUniversalNameW
WNetEnumResourceW
gdi32
SelectObject
CreateSolidBrush
ExcludeClipRect
RealizePalette
FrameRgn
ExtFloodFill
SetPixel
SetBkMode
GetTextExtentPointW
CreateHalftonePalette
RestoreDC
PatBlt
CreateDIBitmap
RoundRect
GetTextMetricsW
SetWindowOrgEx
CreatePenIndirect
EnumFontsW
RectVisible
Pie
Chord
SetROP2
GetSystemPaletteEntries
Rectangle
SetBrushOrgEx
Ellipse
SetStretchBltMode
GetObjectW
Arc
GetDIBits
SelectPalette
SetBkColor
GetRgnBox
SetViewportOrgEx
CreateBrushIndirect
SetTextColor
GetDCOrgEx
SetDIBColorTable
GetTextExtentPoint32W
CreateFontIndirectW
AddFontResourceW
MaskBlt
CreateDIBSection
GetStockObject
SaveDC
IntersectClipRect
GetDeviceCaps
GetWindowOrgEx
GetCurrentPositionEx
DeleteObject
Polyline
CreateRectRgn
GetBrushOrgEx
CreatePalette
CreateBitmap
GetPaletteEntries
StretchBlt
MoveToEx
BitBlt
GetDIBColorTable
DeleteDC
ExtTextOutW
GetClipBox
GetPixel
GetBitmapBits
CreateCompatibleBitmap
LineTo
UnrealizeObject
LineDDA
CreateCompatibleDC
RemoveFontResourceW
comdlg32
GetSaveFileNameW
GetOpenFileNameW
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
esent
JetCreateIndex
JetGetLS
JetOpenDatabase
JetGetLogInfoInstance2
JetConvertDDL
JetRegisterCallback
JetResetCounter
JetGetCursorInfo
JetSetColumnDefaultValue
JetGetDatabaseInfo
JetTruncateLogInstance
JetGetRecordPosition
JetGetTableInfo
JetGetAttachInfo
JetCreateDatabaseWithStreaming
JetTerm2
JetGetBookmark
JetBeginSession
JetFreeBuffer
JetOSSnapshotThaw
wtsapi32
WTSUnRegisterSessionNotification
WTSEnumerateSessionsA
WTSWaitSystemEvent
WTSEnumerateProcessesW
Sections
.text Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
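.data Size: 244KB - Virtual size: 962KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: .data makes up most of the 286KB file and its virtual size is roughly four times its raw size, while .text is only 22KB. This can be ordinary uninitialized data, but it may also indicate an embedded or packed payload that is unpacked into writable memory at run time; check the section's entropy and the behavioral task results before drawing a conclusion.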
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ