Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_c14663c8e6ee41a910820d50874592d7.exe
Resource: win10v2004-20250410-en
Behavioral task: behavioral2
Sample: JaffaCakes118_c14663c8e6ee41a910820d50874592d7.exe
Resource: win11-20250410-en
General
Target: JaffaCakes118_c14663c8e6ee41a910820d50874592d7
Size: 335KB
MD5: c14663c8e6ee41a910820d50874592d7
SHA1: 40aaccd0cb69959d80778a39a6fb313669f7edab
SHA256: 9cbaf5573802ba23785100d7edc8f4c26e21e9875bf5b600ca37f328dabc01ac
SHA512: f50338f269879dd5135e541cafb675f0f9c6b86e947bcf8cfa9aa3d83f4128c8030c9f84e9c89990cde75b40e35761e4ed60041fadcb8aae4a35a6c946431f40
SSDEEP: 6144:gZmX05JUa3CrhbuZnm0FVX4nmdnISAnw++xR1WcYc9WeMLIk0g:gEXrYCrhbH0FVX4nmhFWKkcZxZkR
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_c14663c8e6ee41a910820d50874592d7
Files
JaffaCakes118_c14663c8e6ee41a910820d50874592d7.exe windows:5 windows x86 arch:x86
4ee97f20a00f9fc71a32da92dcc077ff
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
ConvertStringSidToSidW
CheckTokenMembership
GetSecurityDescriptorControl
ConvertSidToStringSidW
GetAclInformation
SetFileSecurityW
AllocateAndInitializeSid
StartServiceW
RegCreateKeyExW
RegQueryValueExA
InitializeAcl
MakeAbsoluteSD
InitializeSid
GetLengthSid
AdjustTokenPrivileges
RegNotifyChangeKeyValue
GetSecurityDescriptorOwner
GetSidSubAuthority
RegOpenKeyExW
CopySid
GetSecurityDescriptorGroup
GetAce
RegOpenKeyW
SetSecurityDescriptorDacl
RegQueryValueExW
CloseServiceHandle
MakeSelfRelativeSD
IsValidSid
GetSecurityDescriptorSacl
FreeSid
OpenServiceW
LookupAccountNameW
OpenSCManagerW
AddAce
OpenProcessToken
RegCloseKey
QueryServiceStatus
RegOpenKeyExA
GetFileSecurityW
GetSidLengthRequired
LookupPrivilegeValueW
EqualSid
GetUserNameW
LookupAccountSidW
GetTokenInformation
GetSecurityDescriptorDacl
RegSetValueExW
InitializeSecurityDescriptor
GetSecurityDescriptorLength
comctl32
ImageList_AddMasked
ImageList_Create
ImageList_GetIcon
ImageList_Draw
PropertySheetW
CreateStatusWindowW
ImageList_Destroy
ImageList_GetImageCount
DestroyPropertySheetPage
ImageList_GetImageInfo
CreatePropertySheetPageW
ord8
InitCommonControlsEx
ImageList_LoadImageW
ImageList_DrawIndirect
ImageList_ReplaceIcon
_TrackMouseEvent
activeds
ord9
ord3
ord7
kernel32
HeapFree
FindClose
WaitForMultipleObjects
VirtualAlloc
ReadFile
GetSystemTimeAsFileTime
lstrcpynA
GetLogicalDriveStringsW
SetLastError
GetSystemInfo
GetWindowsDirectoryW
ResumeThread
FindResourceExW
CreateFileW
lstrcatW
FlushInstructionCache
HeapAlloc
LocalFree
DeleteFileW
GetComputerNameW
FindResourceW
SetCurrentDirectoryW
VirtualFree
HeapDestroy
MulDiv
GetFullPathNameW
GetNumberFormatW
GetThreadLocale
lstrcpyW
SetThreadPriority
lstrlenW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
GlobalLock
GetACP
GetProcessHeap
GlobalUnlock
GetCurrentThreadId
ResetEvent
WaitForSingleObject
EnterCriticalSection
GetDateFormatW
GetFileInformationByHandle
LockResource
CreateThread
UnhandledExceptionFilter
GetCurrentDirectoryW
lstrcmpW
lstrcpynW
SizeofResource
IsProcessorFeaturePresent
GetFileType
GetExitCodeThread
DeleteCriticalSection
lstrcmpiW
GetFileSize
LoadResource
DuplicateHandle
GetModuleHandleW
SetUnhandledExceptionFilter
GetUserDefaultLCID
GlobalFree
HeapSize
GlobalAlloc
GetTimeFormatW
OpenEventW
FileTimeToSystemTime
SetWaitableTimer
GetCommandLineW
SetFilePointer
ExpandEnvironmentStringsA
lstrlenA
LocalAlloc
CreateEventW
GetTempPathW
FatalAppExitW
GetSystemTime
CreateWaitableTimerW
FindFirstFileW
GetUserDefaultLangID
FreeLibrary
LeaveCriticalSection
FormatMessageW
RaiseException
HeapReAlloc
TerminateThread
LoadLibraryExW
GetLongPathNameW
WideCharToMultiByte
WriteFile
CloseHandle
IsDebuggerPresent
IsValidCodePage
VirtualAllocEx
shell32
DragQueryFileW
ShellExecuteExW
SHGetMalloc
SHGetSpecialFolderPathW
SHGetDesktopFolder
SHAppBarMessage
DragAcceptFiles
SHGetSpecialFolderLocation
ShellExecuteW
SHGetFolderPathW
SHGetPathFromIDListW
SHGetFileInfoW
SHBrowseForFolderW
comdlg32
GetOpenFileNameW
FindTextW
GetSaveFileNameW
secur32
TranslateNameW
GetUserNameExW
user32
TrackPopupMenu
DispatchMessageW
DrawStateW
IsCharAlphaW
GetMessageW
DrawFrameControl
GetDC
GetWindowPlacement
LoadImageW
RegisterClassExW
SetCursor
GetSystemMetrics
IntersectRect
GetClientRect
ReleaseCapture
SetCursorPos
KillTimer
CharUpperBuffW
GetClassInfoExW
MessageBoxW
InvalidateRect
EnableMenuItem
FindWindowW
SetMenu
DestroyWindow
SetTimer
RedrawWindow
UpdateWindow
MsgWaitForMultipleObjects
SetMenuDefaultItem
GetClipboardData
GetMenuItemCount
GetMessagePos
IsCharLowerW
FrameRect
ClientToScreen
IsWindowEnabled
wsprintfW
GetDlgItem
LoadAcceleratorsW
CreateDialogParamW
LoadBitmapW
SetFocus
GetWindowDC
GetScrollPos
DeleteMenu
GetWindowLongW
GetClassNameW
DestroyIcon
CloseClipboard
MonitorFromPoint
DeferWindowPos
GetCursor
SetScrollPos
TrackPopupMenuEx
SetCapture
AttachThreadInput
GetDlgCtrlID
SetWindowTextW
UnhookWindowsHookEx
GetTopWindow
BeginDeferWindowPos
GetActiveWindow
GetSystemMenu
LoadStringA
GetWindowThreadProcessId
WindowFromDC
CallNextHookEx
RemoveMenu
LoadIconW
DrawFocusRect
GetWindow
GetSysColorBrush
GetWindowRect
PeekMessageW
IsRectEmpty
PostQuitMessage
LoadMenuW
InflateRect
GetWindowTextLengthW
PostMessageW
SetForegroundWindow
GetGUIThreadInfo
MapWindowPoints
FillRect
CharNextW
SetMenuItemInfoW
GetCapture
TranslateAcceleratorW
IsChild
SetWindowPos
GetParent
LoadCursorW
CopyRect
SetScrollInfo
EndPaint
MessageBeep
AnimateWindow
DrawAnimatedRects
RegisterWindowMessageW
GetTabbedTextExtentW
SetDlgItemTextW
SetWindowPlacement
IsCharAlphaNumericW
GetSysColor
GetSubMenu
GetForegroundWindow
EqualRect
GetMonitorInfoW
GetCursorPos
LoadStringW
IsIconic
AppendMenuW
ScreenToClient
EnableWindow
IsWindow
GetFocus
CharUpperW
DrawEdge
ReleaseDC
MapDialogRect
SetWindowsHookExW
GetKeyState
ShowWindow
GetScrollInfo
PtInRect
IsMenu
GetMenu
IsClipboardFormatAvailable
GetDesktopWindow
SetClipboardData
DrawIconEx
ScrollWindowEx
DialogBoxParamW
WindowFromPoint
EndDeferWindowPos
SendMessageW
GetWindowTextW
SystemParametersInfoW
UnregisterClassA
MoveWindow
DestroyMenu
BeginPaint
LockWindowUpdate
GetNextDlgTabItem
DrawTextW
CharLowerW
IsWindowVisible
OpenClipboard
IsDialogMessageW
CreateWindowExW
ModifyMenuW
TranslateMessage
CreatePopupMenu
EndDialog
TabbedTextOutW
EmptyClipboard
SetWindowLongW
ExitWindowsEx
OffsetRect
CallWindowProcW
DefWindowProcW
SetRectEmpty
GetMenuItemInfoW
oleaut32
SysAllocStringByteLen
GetRecordInfoFromGuids
VariantClear
VariantCopyInd
SystemTimeToVariantTime
SafeArrayGetUBound
VariantChangeType
SafeArrayGetVartype
SysFreeString
SysAllocString
VariantTimeToSystemTime
SysStringLen
SafeArrayGetDim
VarDateFromStr
SysAllocStringLen
VarBstrCmp
DispCallFunc
SafeArrayGetElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayLock
LoadRegTypeLi
SafeArrayRedim
SafeArrayCreateVectorEx
VarDateFromUdate
SafeArrayCopy
GetErrorInfo
LoadTypeLi
VarBstrFromDate
SafeArrayUnaccessData
SafeArrayGetLBound
VariantCopy
SafeArrayAccessData
VariantInit
SafeArrayUnlock
SysStringByteLen
gdi32
CreatePolygonRgn
RoundRect
SetPixel
BitBlt
SetBrushOrgEx
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreateRectRgnIndirect
CreatePen
Rectangle
PtInRegion
DeleteDC
Polygon
CombineRgn
SetTextAlign
MoveToEx
UnrealizeObject
ExtTextOutW
CreateDIBSection
GetPixel
SelectObject
CreateRectRgn
IntersectClipRect
GetTextMetricsW
GetStockObject
GetBkColor
CreateBitmap
SetROP2
SetBkColor
CreatePatternBrush
GetObjectType
TextOutW
CreateSolidBrush
SetBkMode
GetCurrentObject
LineTo
SelectClipRgn
DeleteObject
GetTextExtentExPointW
GetClipRgn
GetObjectW
GetDeviceCaps
SetViewportOrgEx
GetTextExtentPoint32W
PatBlt
ExtCreatePen
SetTextColor
shlwapi
PathFileExistsW
ColorAdjustLuma
StrChrW
PathCompactPathW
PathIsDirectoryW
PathAppendW
PathRemoveFileSpecW
StrRetToStrW
PathCompactPathExW
PathStripPathW
StrRStrIW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
msimg32
AlphaBlend
GradientFill
userenv
UnloadUserProfile
ole32
CoGetInterfaceAndReleaseStream
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromProgID
StringFromCLSID
StringFromGUID2
CoMarshalInterThreadInterfaceInStream
CoInitialize
OleRun
CoUninitialize
CLSIDFromString
CoTaskMemFree
CoRevokeClassObject
CoInitializeSecurity
CoResumeClassObjects
CoRegisterClassObject
CoInitializeEx
netapi32
NetQueryDisplayInformation
NetApiBufferFree
esent
JetCreateIndex
JetDelete
JetEnableMultiInstance
JetBeginSession
JetIntersectIndexes
JetSetSystemParameter
JetOpenTempTable
JetSetCurrentIndex3
JetOSSnapshotPrepare
JetTerm2
JetInit3
JetMove
JetDefragment
kbdest
KbdLayerDescriptor
Sections
.text Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 297KB - Virtual size: 684KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ