PDB path: F:\smp7.5\Release\BhtDownLoad.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 250d9c982da09b18621a0bc899e668f4_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 250d9c982da09b18621a0bc899e668f4_JaffaCakes118.exe
Resource: win10v2004-20240419-en
General
- Target: 250d9c982da09b18621a0bc899e668f4_JaffaCakes118
- Size: 2.7MB
- MD5: 250d9c982da09b18621a0bc899e668f4
- SHA1: ed265f1565f4d635f2c6b97d597fe7ef8c1d3320
- SHA256: 2c1c0e4d40fb707bd47dadb0a99f9b853453e6928980349052be54dfe93664d0
- SHA512: 2bec644057a54d7a768bcef46cc28095e9c9922398af38ba3954adddf7e9fbd535a211683878488fec37911326f6f2537b58f6b42caf0978e6c27d15898f537a
- SSDEEP: 49152:Fl+i1kyUc4ysurWHVl0S2Ovodd75grU09Jj/kkmjuTuhtyIO9UKEikfi0MzYg1Yi:j+i1p4yLWHLn2Ovo/75gJjj/kkChtJOI
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 250d9c982da09b18621a0bc899e668f4_JaffaCakes118
Files
- 250d9c982da09b18621a0bc899e668f4_JaffaCakes118.exe windows:5 windows x86 arch:x86
  705c2eb697d95187b190fe1afa63b2ab
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetTimeZoneInformation
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetACP
WriteConsoleW
GetCPInfo
GetStdHandle
GetFileType
SetStdHandle
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetSystemInfo
QueryPerformanceFrequency
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
RtlUnwind
OutputDebugStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
InterlockedDecrement
InterlockedIncrement
lstrlenW
GetSystemTime
GetLocalTime
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetProfileIntW
SearchPathW
FindResourceExW
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetTempFileNameW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
VerifyVersionInfoW
VerSetConditionMask
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
VirtualProtect
GetStringTypeExW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
CreateFileW
GetThreadLocale
lstrcmpiW
SystemTimeToTzSpecificLocalTime
FindNextFileW
FindFirstFileW
FindClose
GlobalFindAtomW
LoadLibraryA
EncodePointer
GlobalAddAtomW
ResumeThread
SetThreadPriority
CreateEventW
SetEvent
CloseHandle
GetModuleHandleA
OutputDebugStringA
lstrcpyW
FreeResource
GetTickCount
GetCurrentProcessId
CompareStringA
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetVersionExW
GetCurrentThreadId
GetCurrentThread
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
MultiByteToWideChar
WideCharToMultiByte
SetLastError
FormatMessageW
MulDiv
LocalFree
GlobalSize
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalLock
GetModuleHandleW
CopyFileW
RemoveDirectoryW
SetFileAttributesW
GetDriveTypeW
GetLongPathNameW
GetTempPathW
GetSystemDirectoryW
GetWindowsDirectoryW
FreeLibrary
GetProcAddress
LoadLibraryW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleFileNameW
GetCurrentDirectoryW
GetProcessHeap
DeleteCriticalSection
DecodePointer
SizeofResource
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
CreateDirectoryW
Sleep
WaitForSingleObject
GetFileAttributesW
DeleteFileW
GetShortPathNameW
SetCurrentDirectoryW
FindResourceW
LoadResource
LockResource
ExitProcess
user32
GetMenuItemInfoW
DestroyMenu
WindowFromPoint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
DrawStateW
MapVirtualKeyW
GetKeyNameTextW
SetRectEmpty
SendDlgItemMessageA
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
CreatePopupMenu
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
ValidateRect
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
TranslateAcceleratorW
GetDesktopWindow
SetActiveWindow
InsertMenuItemW
DestroyIcon
LoadImageW
UnpackDDElParam
EnableWindow
ReuseDDElParam
SendMessageW
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
GetMonitorInfoW
MonitorFromPoint
CopyRect
RegisterWindowMessageW
MapDialogRect
SetWindowContextHelpId
SetWindowPos
RegisterClipboardFormatW
GetLastActivePopup
UpdateLayeredWindow
LoadAcceleratorsW
GetAsyncKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
EnableScrollBar
UnionRect
IsRectEmpty
DestroyAcceleratorTable
SetWindowRgn
SetClassLongW
SetParent
GetWindowThreadProcessId
GetWindowLongW
MessageBoxW
NotifyWinEvent
BringWindowToTop
GetUpdateRect
LockWindowUpdate
CharUpperW
WaitMessage
CopyImage
GetCapture
UnregisterClassW
GetClipboardData
InsertMenuW
DeleteMenu
GetSysColor
GetParent
InvalidateRect
LoadIconW
ChangeClipboardChain
SetClipboardViewer
GetFocus
GetKeyState
GetWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawMenuBar
DrawIcon
IsWindowVisible
PtInRect
LoadMenuW
GetSubMenu
GetMenuItemCount
GetMenuItemID
EnableMenuItem
GetWindowRect
OffsetRect
IntersectRect
UpdateWindow
IsClipboardFormatAvailable
OpenClipboard
EmptyClipboard
CloseClipboard
GetCursorPos
CheckMenuItem
MessageBeep
GetKeyboardLayout
IsWindow
LoadCursorW
LoadBitmapW
SetCursor
ClientToScreen
GetSysColorBrush
GetDC
ReleaseDC
wsprintfW
SetRect
IsZoomed
InflateRect
FillRect
ScreenToClient
GetMenuStringW
GetMenuState
AppendMenuW
RemoveMenu
UnhookWindowsHookEx
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClipboardData
TrackMouseEvent
PostMessageW
RedrawWindow
SystemParametersInfoW
PostQuitMessage
IsWindowEnabled
GetSystemMenu
ModifyMenuW
PostThreadMessageW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
CopyAcceleratorTableW
EnumChildWindows
RealChildWindowFromPoint
CharNextW
InvalidateRgn
GetNextDlgGroupItem
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
GetIconInfo
GetMenuDefaultItem
SetMenuDefaultItem
SetCursorPos
DestroyCursor
GetWindowRgn
CreateMenu
GetComboBoxInfo
InvertRect
HideCaret
GetDoubleClickTime
MapVirtualKeyExW
IsCharLowerW
CharUpperBuffW
CopyIcon
SubtractRect
FrameRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
SetMenuItemBitmaps
gdi32
CreateSolidBrush
CopyMetaFileW
CreateBitmap
SetBkColor
SetTextColor
CreateRectRgnIndirect
DeleteObject
CreateHatchBrush
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
MoveToEx
TextOutW
SetViewportExtEx
AbortDoc
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateCompatibleBitmap
CreateDIBSection
CombineRgn
GetMapMode
SetRectRgn
CreateEllipticRgn
Ellipse
LPtoDP
CreateDIBitmap
GetTextCharsetInfo
GetTextMetricsW
GetDIBits
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
CreateRoundRectRgn
GetRgnBox
OffsetRgn
GetTextColor
GetBkColor
CreatePolygonRgn
Polygon
Polyline
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
RoundRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
EndDoc
EndPage
StartPage
DPtoLP
StartDocW
SetAbortProc
CreateDCW
Rectangle
CreatePen
ExtTextOutW
BitBlt
CreateCompatibleDC
GetDeviceCaps
GetTextExtentPoint32W
PatBlt
CreateFontIndirectW
GetStockObject
GetObjectW
SetViewportOrgEx
EnumFontFamiliesW
DeleteDC
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DeleteFormW
AddFormW
DeviceCapabilitiesW
EnumPrintersW
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegQueryValueExW
RegQueryValueW
RegEnumKeyW
SystemFunction036
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegEnumValueW
RegEnumKeyExW
RegOpenKeyExW
shell32
ShellExecuteExW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHAppBarMessage
SHAddToRecentDocs
SHBrowseForFolderW
SHGetMalloc
ShellExecuteW
comctl32
InitCommonControlsEx
ImageList_ReplaceIcon
shlwapi
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathFindFileNameW
PathFindExtensionW
uxtheme
DrawThemeBackground
GetWindowTheme
GetCurrentThemeName
GetThemeSysColor
GetThemePartSize
IsAppThemed
DrawThemeParentBackground
DrawThemeText
OpenThemeData
CloseThemeData
GetThemeColor
IsThemeBackgroundPartiallyTransparent
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
OleLockRunning
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoGetClassObject
CreateStreamOnHGlobal
CoDisconnectObject
CoInitializeEx
OleRun
CLSIDFromProgID
CLSIDFromString
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleGetClipboard
oleaut32
SysStringLen
VariantChangeType
VariantInit
SysAllocStringLen
SysAllocString
SysAllocStringByteLen
SysFreeString
VariantClear
VarUdateFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
VarBstrFromDate
LoadTypeLi
OleCreateFontIndirect
OleLoadPicture
GetErrorInfo
SafeArrayDestroy
oledlg
OleUIBusyW
urlmon
URLDownloadToFileW
gdiplus
GdipGetImagePaletteSize
GdipDrawImageRectI
GdipSetInterpolationMode
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
wininet
InternetGetConnectedState
imm32
ImmSimulateHotKey
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
ImmIsIME
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
winmm
PlaySoundW
Sections
- .text Size: 1.7MB - Virtual size: 1.7MB
  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
- .rdata Size: 470KB - Virtual size: 470KB
  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
- .data Size: 25KB - Virtual size: 50KB
  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
- .tls Size: 512B - Virtual size: 9B
  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
- .rsrc Size: 358KB - Virtual size: 358KB
  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
- .reloc Size: 142KB - Virtual size: 142KB
  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ