Feer
Static task: static1
Behavioral task: behavioral1
  Sample: fbe72fe39ff6944a0b4dd122b9b6c309_JaffaCakes118.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: fbe72fe39ff6944a0b4dd122b9b6c309_JaffaCakes118.exe
  Resource: win10v2004-20240412-en
General
Target: fbe72fe39ff6944a0b4dd122b9b6c309_JaffaCakes118
Size: 740KB
MD5: fbe72fe39ff6944a0b4dd122b9b6c309
SHA1: 6520f0ec29bd96d19ad9360e63f1f2b4fd8f5287
SHA256: 1380c49d757413a1e86e2b5b8b4a892c2ac89a614d338d24f2b9a3e9b94736dc
SHA512: 95bcc15b7833cd1800d105c27784dd2595f96b95cb54181503b73b85c9a1e8646e9fb1f860cf4bac388647e4a00b88c020fe85b1d7d8c9232f14336d8f278666
SSDEEP: 12288:5ztrBFho+zFlCPPiVRQQl8qciF3ypRWpza5Lm:vDCiQQl8qk+c5Lm
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  Resource: fbe72fe39ff6944a0b4dd122b9b6c309_JaffaCakes118
Files
- fbe72fe39ff6944a0b4dd122b9b6c309_JaffaCakes118.exe  windows:4  windows x86  arch:x86
  Imphash: f5693e7e4dc1afcd81769184a814cade
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentThreadId
lstrcmpiA
SetFileAttributesA
SetErrorMode
OpenEventA
GetSystemInfo
GlobalMemoryStatus
LoadLibraryW
FreeLibrary
WaitForMultipleObjects
TerminateProcess
DisconnectNamedPipe
GetTickCount
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
GetProcessHeap
HeapAlloc
HeapFree
GetLocalTime
GetSystemDirectoryA
CreateToolhelp32Snapshot
Process32First
Process32Next
GetCurrentProcess
SetLastError
GetModuleFileNameA
WriteFile
SetFilePointer
ReadFile
CreateFileA
GetFileSize
RemoveDirectoryA
LocalAlloc
FindFirstFileA
LocalReAlloc
FindNextFileA
LocalFree
FindClose
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
CreateProcessA
GetFileAttributesA
CreateDirectoryA
GetLastError
DeleteFileA
GetVersionExA
GetPrivateProfileStringA
lstrcmpA
WideCharToMultiByte
MultiByteToWideChar
GetWindowsDirectoryA
lstrcatA
GetPrivateProfileSectionNamesA
lstrlenA
lstrcpyA
CancelIo
InterlockedExchange
ResetEvent
Sleep
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetProcAddress
DeleteCriticalSection
InitializeCriticalSection
CreateThread
ResumeThread
CreateEventA
SetEvent
WaitForSingleObject
GetProfileStringA
GetLocaleInfoW
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
SetConsoleCtrlHandler
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetExitCodeProcess
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
TerminateThread
CloseHandle
HeapDestroy
GetEnvironmentVariableA
SetUnhandledExceptionFilter
FatalAppExitA
GetSystemTime
GetTimeZoneInformation
GetACP
HeapSize
HeapReAlloc
GetCommandLineA
GetStartupInfoA
GetCurrentThread
GlobalDeleteAtom
GlobalAlloc
SetThreadPriority
SuspendThread
LoadResource
FindResourceA
LockResource
GetModuleHandleA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
InterlockedIncrement
InterlockedDecrement
MulDiv
lstrcpynA
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
TlsGetValue
GlobalFlags
GetPrivateProfileIntA
WritePrivateProfileStringA
GetCurrentDirectoryA
GetProcessVersion
SizeofResource
GetThreadLocale
GetCPInfo
GetOEMCP
DuplicateHandle
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
MoveFileA
GetFullPathNameA
GetStringTypeExA
GetShortPathNameA
lstrlenW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
FormatMessageA
CopyFileA
RtlUnwind
RaiseException
ExitProcess
ExitThread
user32
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
EndDialog
SetWindowContextHelpId
GetWindow
SetWindowPos
MapDialogRect
GetWindowRect
GetWindowPlacement
IntersectRect
OffsetRect
RegisterWindowMessageA
SetWindowLongA
SetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
GetDlgCtrlID
GetWindowTextLengthA
SetWindowPlacement
TrackPopupMenu
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
IsChild
GetTopWindow
GetWindowLongA
GetScrollPos
SetScrollRange
GetScrollRange
SetCursor
SetScrollInfo
GetScrollInfo
ScrollWindow
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
LoadIconA
CheckDlgButton
EnableMenuItem
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
CharToOemA
OemToCharA
LoadStringA
DestroyMenu
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
ReleaseCapture
WaitMessage
GetClassNameA
PtInRect
InsertMenuA
DeleteMenu
GetMenuStringA
GetSysColorBrush
GetDialogBaseUnits
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
InvalidateRect
BringWindowToTop
CharUpperA
InflateRect
RegisterClipboardFormatA
RemoveMenu
UnregisterClassA
PostThreadMessageA
DestroyIcon
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
GetActiveWindow
CallNextHookEx
ValidateRect
DispatchMessageA
TranslateMessage
GetMessageA
wsprintfA
CharNextA
MessageBoxA
GetWindowTextA
EnumWindows
GetForegroundWindow
GetAsyncKeyState
GetNextDlgTabItem
GetFocus
PeekMessageA
SetWindowsHookExA
GetParent
ShowOwnedPopups
PostQuitMessage
GetLastActivePopup
CheckRadioButton
IsWindowEnabled
ShowScrollBar
SetScrollPos
wvsprintfA
IsWindow
CloseWindow
CreateWindowExA
PostMessageA
OpenDesktopA
GetThreadDesktop
GetUserObjectInformationA
OpenInputDesktop
SetThreadDesktop
CloseDesktop
IsWindowVisible
GetWindowThreadProcessId
ExitWindowsEx
GetProcessWindowStation
OpenWindowStationA
SetProcessWindowStation
GetCursorInfo
GetCursorPos
SetRect
GetDesktopWindow
GetDC
ReleaseDC
SystemParametersInfoA
DestroyCursor
LoadCursorA
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetCursorPos
WindowFromPoint
SetCapture
mouse_event
MapVirtualKeyA
GetClientRect
IsIconic
DrawIcon
GetSystemMetrics
SendMessageA
GetSystemMenu
AppendMenuA
EnableWindow
GetKeyState
gdi32
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
GetStockObject
RestoreDC
SaveDC
StartDocA
GetObjectA
SetBkColor
SetTextColor
SetViewportOrgEx
GetDCOrgEx
CreateBitmap
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
DeleteDC
CreateCompatibleDC
GetClipBox
OffsetViewportOrgEx
CreateDIBitmap
GetTextExtentPointA
CreateDCA
CopyMetaFileA
CreateRectRgnIndirect
CombineRgn
SetRectRgn
PatBlt
GetMapMode
LPtoDP
DPtoLP
GetBkColor
GetTextColor
CreateFontIndirectA
GetTextMetricsA
GetTextExtentPoint32A
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateDIBPatternBrushPt
CreatePatternBrush
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
CreateRectRgn
GetClipRgn
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
GetCurrentPositionEx
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
DeleteObject
GetDIBits
CreateCompatibleBitmap
BitBlt
SelectObject
CreateDIBSection
msvfw32
ICSeqCompressFrame
ICSendMessage
ICOpen
ICClose
ICCompressorFree
ICSeqCompressFrameEnd
ICSeqCompressFrameStart
advapi32
OpenEventLogA
RegEnumKeyA
LsaClose
LsaRetrievePrivateData
LsaOpenPolicy
IsValidSid
LookupAccountNameA
LsaFreeMemory
RegCloseKey
RegQueryValueA
RegOpenKeyExA
CloseServiceHandle
DeleteService
ControlService
QueryServiceStatus
OpenServiceA
OpenSCManagerA
RegSetValueExA
RegCreateKeyA
RegQueryValueExA
GetTokenInformation
LookupAccountSidA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
FreeSid
RegDeleteValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegSetValueA
ClearEventLogA
CloseEventLog
SetEntriesInAclA
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetNamedSecurityInfoA
RegOpenKeyA
shell32
SHGetSpecialFolderPathA
SHGetFileInfoA
DragAcceptFiles
DragFinish
DragQueryFileA
ExtractIconA
shlwapi
SHDeleteKeyA
winmm
waveOutReset
waveInClose
waveInUnprepareHeader
waveInReset
waveInStop
waveOutUnprepareHeader
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveInGetNumDevs
waveInOpen
waveOutWrite
waveOutClose
waveInStart
waveInAddBuffer
waveInPrepareHeader
ws2_32
WSAGetLastError
ioctlsocket
gethostname
recvfrom
sendto
listen
accept
getpeername
bind
getsockname
ntohs
inet_addr
__WSAFDIsSet
send
closesocket
socket
gethostbyname
htons
connect
setsockopt
WSAIoctl
WSACleanup
inet_ntoa
select
recv
WSAStartup
comctl32
ord17
oledlg
ord8
olepro32
ord253
wininet
InternetGetConnectedState
psapi
GetModuleFileNameExA
wtsapi32
WTSQuerySessionInformationA
WTSFreeMemory
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
ole32
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
OleFlushClipboard
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoDisconnectObject
OleRun
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
OleDuplicateData
CreateStreamOnHGlobal
ReleaseStgMedium
oleaut32
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysStringByteLen
SysAllocStringByteLen
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysReAllocStringLen
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
LoadTypeLi
SysStringLen
SafeArrayDestroyDescriptor
Exports
Sections
.text Size: 520KB - Virtual size: 516KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
AAA Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 32KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
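The "Unsigned PE" signature, the File Characteristics list and the Sections table above all come straight out of the PE headers, so they are easy to reproduce and sanity-check without the sandbox. The script below is an added example, not code from the report or from its sandbox vendor: it parses the COFF and optional headers with the standard library only, reads the security data directory (index 4) to decide whether an Authenticode blob is present, decodes the IMAGE_FILE_* and IMAGE_SCN_* flags, and flags executable sections with non-linker names. The report only gives section sizes rounded to KB, so the REPORT_LAYOUT byte sizes, the build_minimal_pe() helper, the 0x8000 certificate offset used in the signed test image, and the STANDARD_SECTIONS allow-list are all assumptions made for this example. One thing it makes visible: the section named AAA is marked IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE alongside .text, which is not a name MSVC or the common linkers emit and is worth a look in a disassembler.

```python
"""Added example: reproduce the PE header checks shown in a static report
(signature presence, file characteristics, section flags) with only `struct`."""
import struct

FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory holding the WIN_CERTIFICATE blob
# Assumed allow-list of section names a normal linker emits (example heuristic).
STANDARD_SECTIONS = {".text", ".rdata", ".data", ".idata", ".rsrc", ".reloc",
                     ".bss", ".edata", ".tls", ".pdata"}


def _flag_names(value, table):
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data: bytes) -> dict:
    """Return signature presence, COFF characteristics and per-section flags."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    coff = e_lfanew + 4
    _machine, n_sections, _ts, _symtab, _nsyms, opt_size, characteristics = \
        struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: NumberOfRvaAndSizes sits at optional-header offset 92
        n_dirs_off = 92
    elif magic == 0x20B:    # PE32+: 8-byte ImageBase and stack/heap fields push it to 108
        n_dirs_off = 108
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    n_dirs = struct.unpack_from("<I", data, opt + n_dirs_off)[0]
    dirs = opt + n_dirs_off + 4
    # The security directory stores a raw file offset (not an RVA) and the size of the
    # certificate blob. Size 0 is what "missing Authenticode signature" keys on.
    sec_off = sec_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_off, sec_size = struct.unpack_from(
            "<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    sh = opt + opt_size  # section table immediately follows the optional header
    for i in range(n_sections):
        name, vsize, _va, rawsize, _rawptr, _rel, _ln, _nrel, _nln, flags = \
            struct.unpack_from("<8sIIIIIIHHI", data, sh + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "raw_size": rawsize, "virtual_size": vsize,
                         "flags": _flag_names(flags, SECTION_FLAGS)})
    return {"has_security_directory": sec_size > 0,
            "security_directory": (sec_off, sec_size),
            "characteristics": _flag_names(characteristics, FILE_CHARACTERISTICS),
            "sections": sections}


def suspicious_sections(pe: dict) -> list:
    """Executable sections whose name is not on the (assumed) linker allow-list."""
    return [s["name"] for s in pe["sections"]
            if "IMAGE_SCN_MEM_EXECUTE" in s["flags"] and s["name"] not in STANDARD_SECTIONS]


def build_minimal_pe(sections, security_size=0) -> bytes:
    """Constructed headers-only PE32 image for offline testing; not a real sample.
    `sections` is a list of (name, virtual_size, raw_size, characteristics)."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x010E)
    opt = struct.pack("<HBBIIIIII", 0x10B, 14, 0, 0, 0, 0, 0x1000, 0x1000, 0x2000)
    opt += struct.pack("<IIIHHHHHHIIIIHHIIIIII", 0x400000, 0x1000, 0x200, 4, 0, 0, 0,
                       4, 0, 0, 0x10000, 0x400, 0, 2, 0,
                       0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    dirs = bytearray(16 * 8)
    if security_size:  # assumed certificate offset 0x8000, only the size matters here
        struct.pack_into("<II", dirs, 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x8000, security_size)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.encode().ljust(8, b"\0"),
                                 vs, 0x1000, rs, 0x400, 0, 0, 0, 0, fl)
                     for n, vs, rs, fl in sections)
    return dos + b"PE\0\0" + coff + opt + bytes(dirs) + table


# Section layout transcribed from the report; byte sizes are assumed from the KB figures.
REPORT_LAYOUT = [
    (".text", 0x81000, 0x82000, 0x60000020), ("AAA", 0x2400, 0x3000, 0x60000020),
    (".rdata", 0x10800, 0x11000, 0x40000040), (".data", 0xFC00, 0xB000, 0xC0000040),
    (".idata", 0x4C00, 0x5000, 0xC0000040), (".rsrc", 0x9C00, 0xA000, 0x40000040),
    (".reloc", 0x7800, 0x8000, 0x42000040),
]


def demo() -> dict:
    return parse_pe(build_minimal_pe(REPORT_LAYOUT))


if __name__ == "__main__":
    pe = demo()
    print("Authenticode blob present:", pe["has_security_directory"])
    print("File Characteristics:", ", ".join(pe["characteristics"]))
    for s in pe["sections"]:
        print(f"{s['name']:<7} Size: {s['raw_size'] // 1024}KB - "
              f"Virtual size: {s['virtual_size'] // 1024}KB  {' | '.join(s['flags'])}")
    print("Executable sections with non-standard names:", suspicious_sections(pe))
```

Two caveats when reading the result. A non-zero security directory only says a certificate blob is attached; it says nothing about whether the chain verifies or the signer is trusted, so on a real file follow up with `signtool verify /pa /v <file>` or PowerShell's `Get-AuthenticodeSignature`. And the section sizes printed here are integer-KB roundings of assumed byte counts; on the actual sample, `parse_pe(open(path, "rb").read())` gives the exact values the report rounded.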