f0ac6d4f97c4f9d206322a30f6ef152a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0ac6d4f97c4f9d206322a30f6ef152a_JaffaCakes118
Size

492KB
MD5

f0ac6d4f97c4f9d206322a30f6ef152a
SHA1

512c93fd5e95445fc16b8aee4a9c6ce580d84db4
SHA256

99837e73d37c40efb3b08a50f5f45936cbde640bab116669d086e63435a98c58
SHA512

4e5ecb2680f7775198917dfce48762ac7b0b26ccb8c5e70e9ec9a2c6d42dbeab8625481abea47fd56fb8bd6f0aae0ecd53c4f0372e88dfa79b674a6da25f90e7
SSDEEP

6144:rJfR6uLeSRzinE1mB4t4KSmnz/BycDgxIV/xBNoeBo4lG9iC5R2hbR1:rJwKRziOthSurB3sxQZygGMC5RS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0ac6d4f97c4f9d206322a30f6ef152a_JaffaCakes118

Files

f0ac6d4f97c4f9d206322a30f6ef152a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff7294da438017d66699bf4a7ed9257f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

shlwapi

PathRemoveFileSpecA

netapi32

Netbios

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

user32

GrayStringA
DrawTextA
TabbedTextOutA
RedrawWindow
GetParent
EnumDisplayDevicesA
CopyRect
GetSysColor
FillRect
LoadImageA
SetRect
GetDC
ReleaseDC
SetWindowPos
SystemParametersInfoA
InvalidateRect
SetCursor
OffsetRect
GetWindowRect
LoadCursorA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
EnableWindow
TrackPopupMenu
GetWindowThreadProcessId
AttachThreadInput
SetTimer
KillTimer
IsIconic
GetSystemMetrics
DrawIcon
ScreenToClient
GetClientRect
PtInRect
SendMessageA
PostMessageA
MessageBoxA
PostQuitMessage
GetCursorPos
SetMenuDefaultItem
GetSubMenu
LoadMenuA
GetDesktopWindow
IsWindowVisible
GetFocus
DestroyIcon
SetCapture
GetCapture
TranslateMessage
DispatchMessageA
LoadIconA
RegisterWindowMessageA
FindWindowA
IsWindow
GetLastActivePopup
BringWindowToTop
LoadBitmapA
SetForegroundWindow
GetMessageTime
GetMessagePos
IntersectRect
GetWindowPlacement
IsRectEmpty
DrawFrameControl
GetForegroundWindow
ClientToScreen
IsWindowUnicode
PostThreadMessageA
RegisterClipboardFormatA
MessageBeep
CopyAcceleratorTableA
LoadStringA
CharUpperA
CharNextA
AdjustWindowRectEx
GetTopWindow
IsChild
WinHelpA
wsprintfA
SetRectEmpty
SetWindowRgn
RegisterClassExA
GetSysColorBrush
ReleaseCapture
SetWindowsHookExA
UnhookWindowsHookEx
EqualRect
InflateRect
UnionRect
DestroyMenu
DestroyCursor
GetWindowLongA
GetNextDlgTabItem
GetActiveWindow
WindowFromPoint
TrackPopupMenuEx
DrawFocusRect
FrameRect
DrawStateA
DefWindowProcA
EndPaint
BeginPaint
UpdateWindow
ShowWindow
CreateWindowExA
GetMessageA
UnregisterClassA
DestroyWindow
SetWindowLongA
GetClassNameA
MapWindowPoints
DrawEdge
GetNextDlgGroupItem
TrackMouseEvent
SetWindowTextA
GetClassInfoA
RegisterClassA
SetFocus
MoveWindow
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapDialogRect
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
GetWindowDC
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetKeyState
ValidateRect
PeekMessageA
IsWindowEnabled
GetMenuItemID
GetMenuItemCount
CallNextHookEx
GetMenu

winmm

waveOutGetNumDevs
waveOutGetDevCapsA

kernel32

OpenProcess
lstrcmpiA
Process32First
GetSystemDirectoryA
LoadLibraryA
GetModuleFileNameA
FreeLibrary
SetCurrentDirectoryA
FindFirstFileA
MoveFileA
ExitProcess
GetVersionExA
GetSystemTime
GetCurrentThreadId
DeviceIoControl
CreateFileA
SetPriorityClass
MulDiv
SetFileAttributesA
CreateEventA
GlobalFree
GlobalUnlock
GlobalLock
ResumeThread
GlobalAlloc
LockResource
SizeofResource
LoadResource
FindResourceA
WaitForSingleObject
ResetEvent
SetEvent
GetPriorityClass
MultiByteToWideChar
LocalFree
FormatMessageA
ExpandEnvironmentStringsA
GetComputerNameA
GlobalMemoryStatus
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
GetProfileStringA
QueryPerformanceCounter
QueryPerformanceFrequency
HeapFree
HeapAlloc
GetProcessHeap
GetVersion
TerminateThread
GetProcAddress
CreateDirectoryA
GetTickCount
FindClose
FindNextFileA
GetModuleHandleA
GetShortPathNameA
MoveFileExA
LeaveCriticalSection
GetLocalTime
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
WriteFile
ReadFile
GetFileSize
GetCurrentThread
lstrcmpA
GlobalDeleteAtom
InterlockedIncrement
InterlockedDecrement
lstrlenA
WideCharToMultiByte
SetLastError
lstrcpyA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcatA
GetThreadLocale
lstrcpynA
DuplicateHandle
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFullPathNameA
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
WritePrivateProfileStringA
GetProcessVersion
GetCPInfo
GetOEMCP
GetFileAttributesA
GetFileTime
SetErrorMode
RtlUnwind
CreateThread
ExitThread
GetStartupInfoA
GetCommandLineA
RaiseException
GetTimeZoneInformation
GetACP
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetExitCodeProcess
TerminateProcess
Process32Next
DeleteFileA
GetCurrentProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateProcessA
CreateMutexA
GetLastError
ReleaseMutex
Sleep
CreateToolhelp32Snapshot
Module32First
CloseHandle

gdi32

CombineRgn
GetTextExtentPointA
PatBlt
CreatePen
LineTo
MoveToEx
IntersectClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
RestoreDC
SaveDC
SelectClipRgn
GetPixel
CreateBitmap
SetBkColor
SetTextColor
CreateDIBitmap
GetStockObject
StretchBlt
Escape
TextOutA
RectVisible
PtVisible
LPtoDP
GetMapMode
GetWindowExtEx
GetViewportExtEx
DPtoLP
GetCurrentObject
GetBkColor
GetTextColor
GetBkMode
GetTextExtentPoint32A
CreateRectRgn
ExtTextOutA
CreateSolidBrush
CreateCompatibleBitmap
SelectObject
CreateDCA
DeleteDC
GetDeviceCaps
GetObjectA
CreateFontIndirectA
DeleteObject
CreateCompatibleDC
BitBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCloseKey
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyA
RegEnumValueA
RegOpenKeyExA

shell32

SHGetSpecialFolderPathA
SHFileOperationA
ShellExecuteExA
Shell_NotifyIconA
ShellExecuteA

comctl32

ord17
_TrackMouseEvent
ImageList_Destroy

oledlg

ord8

ole32

CoRevokeClassObject
CoRegisterMessageFilter
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
CoInitialize
OleFlushClipboard
OleIsCurrentClipboard
CoFreeUnusedLibraries

olepro32

ord253
ord251

oleaut32

SysFreeString
SysStringLen
SysAllocStringByteLen
VariantCopy
SysAllocStringLen
SysAllocString
VariantChangeType
VariantTimeToSystemTime
VariantClear

urlmon

URLDownloadToFileA

wininet

HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
DeleteUrlCacheEntry
InternetGetConnectedState
InternetGetLastResponseInfoA

rpcrt4

UuidCreate
UuidToStringA
RpcStringFreeA

Sections

.text
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff7294da438017d66699bf4a7ed9257f

Headers

File Characteristics

Imports

iphlpapi

shlwapi

netapi32

version

user32

winmm

kernel32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

urlmon

wininet

rpcrt4

Sections

.text Size: 296KB - Virtual size: 295KB

.rdata Size: 140KB - Virtual size: 136KB

.data Size: 28KB - Virtual size: 47KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 296KB - Virtual size: 295KB

.rdata
Size: 140KB - Virtual size: 136KB

.data
Size: 28KB - Virtual size: 47KB

.rsrc
Size: 24KB - Virtual size: 23KB