Static task: static1
Behavioral task: behavioral1
Sample: f9c91f4517d23c8f9073d0e40f4bfc63_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f9c91f4517d23c8f9073d0e40f4bfc63_JaffaCakes118.exe
Resource: win10v2004-20240412-en
General
Target: f9c91f4517d23c8f9073d0e40f4bfc63_JaffaCakes118
Size: 3.1MB
MD5: f9c91f4517d23c8f9073d0e40f4bfc63
SHA1: 6de697f37640ba1eb762b316b4a74b933f14463c
SHA256: aeeebb001b374ab2437953a1b09c774de646095889d92ff62e1792ac8c01760a
SHA512: 841f91670e23d09d437bafb70cab62a8109c9f5dd2f2dde61109f1e0b95ac650c15bb74135f2df9ffbb9d73fedea1b2fa6f6519e93f4b0c463d5c91f88f8bd99
SSDEEP: 24576:BL1n2kHhqN8LMY/g9oC8Ruppo2dG9k+57wxXFYv2U2zgsxqg9a9tlDc0sIyRq7qx:BBVddxt9km0pOTlVyhbTTEAw0m0FRU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f9c91f4517d23c8f9073d0e40f4bfc63_JaffaCakes118
Files
f9c91f4517d23c8f9073d0e40f4bfc63_JaffaCakes118.exe windows:4 windows x86 arch:x86
5b87db64120f7b458166714a1b8b7184
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
waveOutUnprepareHeader
waveOutReset
waveInClose
waveInUnprepareHeader
waveInReset
waveInStop
waveOutWrite
waveInStart
waveInAddBuffer
waveInPrepareHeader
waveInOpen
waveInGetNumDevs
waveOutPrepareHeader
waveOutOpen
waveOutGetNumDevs
PlaySoundA
sndPlaySoundA
waveOutClose
kernel32
CompareStringA
CompareStringW
SetEnvironmentVariableA
IsBadCodePtr
IsBadReadPtr
GetDriveTypeA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
SetStdHandle
HeapSize
HeapReAlloc
TerminateProcess
GetACP
GetSystemTime
GetTimeZoneInformation
GetCommandLineA
GetProfileIntA
GetProfileStringA
GetTempPathA
GetPrivateProfileSectionNamesA
GetExitCodeThread
ResetEvent
EnumResourceLanguagesA
EnumResourceTypesA
EnumResourceNamesA
CreateEventA
GetStartupInfoA
CloseHandle
TerminateThread
WaitForSingleObject
SetEvent
ResumeThread
CreateThread
Sleep
GlobalFree
GlobalAlloc
GetTickCount
RaiseException
ExitThread
HeapAlloc
HeapFree
RtlUnwind
GetCurrentDirectoryA
SetErrorMode
SetFileAttributesA
GetFileAttributesA
GetDiskFreeSpaceExA
GetVolumeInformationA
lstrlenA
GetLogicalDriveStringsA
LocalFree
LocalAlloc
lstrcpynA
FindClose
FindNextFileA
FindFirstFileA
GetFileSize
CreateFileA
WriteFile
SetFilePointer
DeleteFileA
ReadFile
RemoveDirectoryA
MoveFileA
GetLastError
CreateDirectoryA
lstrcpyA
GetProcAddress
LoadLibraryA
SetUnhandledExceptionFilter
GetModuleFileNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
InitializeCriticalSection
LeaveCriticalSection
PostQueuedCompletionStatus
EnterCriticalSection
GetSystemInfo
CreateIoCompletionPort
GetQueuedCompletionStatus
SystemTimeToFileTime
LocalFileTimeToFileTime
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
SetThreadPriority
GetCurrentThread
lstrcmpA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
MulDiv
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
FormatMessageA
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
LockResource
GetVersion
GetVersionExA
FreeLibrary
LocalSize
GlobalSize
GetSystemDirectoryA
FindResourceA
SizeofResource
LoadResource
lstrcatA
CopyFileA
GetLocalTime
GetWindowsDirectoryA
BeginUpdateResourceA
UpdateResourceA
EndUpdateResourceA
ExitProcess
GlobalLock
GlobalUnlock
DeleteCriticalSection
CancelIo
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
user32
SetWindowContextHelpId
ValidateRect
ShowOwnedPopups
PostQuitMessage
IsZoomed
IsRectEmpty
FindWindowA
CharUpperA
LoadStringA
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
wvsprintfA
GetMenuCheckMarkDimensions
ModifyMenuA
SetMenuItemBitmaps
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
SetFocus
TranslateAcceleratorA
SetMenu
ReuseDDElParam
UnpackDDElParam
DispatchMessageA
TranslateMessage
GetMessageA
LoadIconA
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
BringWindowToTop
GetClassNameA
GetDialogBaseUnits
GetSysColorBrush
InsertMenuA
GetMenuStringA
CopyAcceleratorTableA
GetNextDlgGroupItem
GetDCEx
WinHelpA
RegisterClassA
GetMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
MapDialogRect
UnhookWindowsHookEx
GetPropA
SendMessageA
EnableWindow
RegisterWindowMessageA
SetRect
DestroyMenu
DestroyCursor
DestroyIcon
GetWindowLongA
GetNextDlgTabItem
GetParent
SetCursor
InvalidateRect
GetActiveWindow
WindowFromPoint
ClientToScreen
LockWindowUpdate
TrackPopupMenuEx
GetSubMenu
GetWindowRect
DrawFocusRect
InflateRect
CopyRect
GetClientRect
OffsetRect
DrawStateA
FillRect
GetSysColor
UnregisterClassA
DrawMenuBar
TranslateMDISysAccel
DefFrameProcA
ExcludeUpdateRgn
RegisterClipboardFormatA
SetParent
InvertRect
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
IsWindow
GetClipboardData
DrawTextA
GetMenuState
ShowScrollBar
DrawIconEx
IntersectRect
AppendMenuA
CheckMenuRadioItem
SetClassLongA
SetForegroundWindow
GetDesktopWindow
LoadBitmapA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetPropA
LoadAcceleratorsA
DefDlgProcA
GetTabbedTextExtentA
GetClipboardFormatNameA
GetAsyncKeyState
SendMessageTimeoutA
IsWindowUnicode
GetWindowLongW
SetWindowLongW
GetDoubleClickTime
SetCursorPos
UnionRect
GetMenuDefaultItem
GetMenuStringW
LookupIconIdFromDirectoryEx
SetWindowRgn
GetKeyboardLayoutList
GetKeyboardState
ToAsciiEx
GetKeyboardLayout
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
IsClipboardFormatAvailable
GetWindowRgn
HideCaret
ShowCaret
IsMenu
GetMenuItemInfoA
CreateIconFromResourceEx
CreatePopupMenu
WaitMessage
GetSystemMenu
CheckMenuItem
MessageBeep
GetSystemMetrics
DrawEdge
RedrawWindow
CharNextA
DeleteMenu
GetMenuItemCount
EnableMenuItem
GetCursorPos
GetFocus
MessageBoxA
wsprintfA
GetDlgCtrlID
SetWindowPos
IsWindowVisible
UpdateWindow
ScreenToClient
GetWindow
PostThreadMessageA
PostMessageA
MapVirtualKeyA
ReleaseDC
CreateIconIndirect
GetDC
GetIconInfo
LoadImageA
LoadMenuA
FrameRect
LoadCursorA
DefWindowProcA
GetClassInfoA
GetCursor
DrawFrameControl
SetRectEmpty
SetTimer
SetCapture
ReleaseCapture
GetKeyState
KillTimer
PtInRect
CopyIcon
gdi32
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
DeleteObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
GetCurrentPositionEx
RoundRect
PolyBezierTo
GetClipRgn
CreateRectRgn
ExtSelectClipRgn
BitBlt
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
Escape
GetMapMode
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
DPtoLP
LPtoDP
GetTextMetricsA
GetCharWidthA
CreateFontA
CopyMetaFileA
GetTextColor
GetBkColor
CreatePen
GetClipBox
DeleteDC
SetTextColor
SetBkColor
SelectObject
CreateBitmap
SetPixel
GetPixel
GetObjectA
CreatePolygonRgn
FillRgn
PlgBlt
Rectangle
CreateFontIndirectA
PtInRegion
StretchBlt
GetTextExtentPoint32A
CreateDIBSection
StretchDIBits
ExtTextOutA
CreateSolidBrush
TextOutA
SetBkMode
SaveDC
RestoreDC
SetPolyFillMode
SetStretchBltMode
SetTextAlign
Polygon
GetWindowOrgEx
GetDIBits
GetCurrentObject
GetTextAlign
GetBitmapBits
ExtCreateRegion
EnumFontFamiliesExA
GetRgnBox
Polyline
GetViewportOrgEx
ExtFloodFill
Ellipse
SetBrushOrgEx
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
BeginPath
GetTextExtentPoint32W
ExtTextOutW
GetTextExtentPointA
CreateDIBitmap
SetMapMode
comdlg32
GetFileTitleA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegSetValueExA
RegCloseKey
RegOpenKeyA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
SetFileSecurityA
RegCreateKeyA
RegDeleteValueA
RegQueryValueExA
RegCreateKeyExA
RegSetValueA
GetFileSecurityA
shell32
SHGetMalloc
Shell_NotifyIconA
SHGetSpecialFolderLocation
DragQueryFileA
DragFinish
ExtractIconA
ShellExecuteA
ord71
SHGetFileInfoA
ShellExecuteExA
SHGetPathFromIDListA
comctl32
ImageList_LoadImageA
ImageList_Create
ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Remove
ImageList_Draw
ImageList_GetImageInfo
ImageList_Add
ImageList_DrawEx
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetIcon
oledlg
ord1
ord8
ole32
CoTaskMemFree
CoTaskMemAlloc
OleDuplicateData
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoUninitialize
CoInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleRun
ReleaseStgMedium
CoCreateGuid
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
olepro32
ord253
oleaut32
SysAllocStringByteLen
VariantChangeType
SysStringByteLen
VarDateFromStr
VarBstrFromDate
SysAllocString
SysFreeString
SysAllocStringLen
VariantTimeToSystemTime
SysStringLen
LoadTypeLi
VariantCopy
VariantClear
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
OleLoadPicturePath
VariantChangeTypeEx
skinh
SkinH_Attach
ws2_32
WSACreateEvent
WSAEventSelect
htons
bind
listen
WSACleanup
WSAStartup
closesocket
getpeername
inet_ntoa
WSASocketA
ioctlsocket
connect
select
gethostname
gethostbyname
WSACloseEvent
WSASend
WSARecv
socket
accept
WSAGetLastError
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSAIoctl
setsockopt
pdh
PdhOpenQueryA
PdhGetFormattedCounterValue
PdhCollectQueryData
PdhAddCounterA
PdhCloseQuery
avifil32
AVIFileExit
AVIStreamSetFormat
AVIFileCreateStreamA
AVIFileOpenA
AVIStreamWrite
AVIFileRelease
AVIFileInit
AVIStreamRelease
msvfw32
DrawDibDraw
ICSeqCompressFrameEnd
ICCompressorFree
ICClose
ICOpen
ICSendMessage
ICSeqCompressFrameStart
ICDecompress
DrawDibOpen
DrawDibClose
shlwapi
SHAutoComplete
PathRemoveFileSpecA
wininet
InternetGetLastResponseInfoA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 280KB - Virtual size: 279KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ