Static task: static1
Behavioral task: behavioral1
  Sample: 304c4bad10a50adb0e0aed14ad04aad2_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 304c4bad10a50adb0e0aed14ad04aad2_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
General
Target: 304c4bad10a50adb0e0aed14ad04aad2_JaffaCakes118
Size: 13.1MB
MD5: 304c4bad10a50adb0e0aed14ad04aad2
SHA1: 4a28d9692014e8d7b0b47a866cc8c1f659f59814
SHA256: 0f3079c63a4f54bdee00888d6e6b9f0c6faef4cb73d41cae746ecca0fbf9d067
SHA512: f8ebd19352c90103d8bacbfe0a2f213cbb291a7500bfe61e4c2b22c9e53f369900c000892d46249af754eef51fd4a683a6b1f01abc32000ddfcfefd1ff7fd72a
SSDEEP: 196608:laDFvaDFbUgZ1MIZd2fPcpmm6IH25xPCwSMGhuzc41lTYrB1+h6gW0tQ0J9xvTWE:xFZ1/dYPcp59W5uMqQTgdghlJ5
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 304c4bad10a50adb0e0aed14ad04aad2_JaffaCakes118
Files
304c4bad10a50adb0e0aed14ad04aad2_JaffaCakes118.exe windows:5 windows x86 arch:x86
b7a5e6b0a344fd8cba2c2dce6a29824f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationA
GetShortPathNameA
SetErrorMode
FileTimeToLocalFileTime
SetFileAttributesA
GetFileSizeEx
GetFileTime
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
GetSystemTimeAsFileTime
GetDriveTypeA
VirtualProtect
VirtualAlloc
VirtualQuery
HeapReAlloc
ExitProcess
ExitThread
HeapSize
GetACP
IsValidCodePage
LCMapStringA
GetStringTypeExA
GetConsoleCP
GetConsoleMode
HeapCreate
HeapDestroy
VirtualFree
FatalAppExitA
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
SetStdHandle
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
FlushFileBuffers
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CompareStringW
MoveFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetThreadLocale
GetAtomNameA
GetOEMCP
GetCPInfo
InterlockedIncrement
GetModuleHandleW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetCurrentProcessId
GetModuleFileNameA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
GetTimeFormatA
lstrcmpiA
lstrcmpW
InterlockedDecrement
GetModuleFileNameW
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
MulDiv
lstrlenA
SetLastError
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
UnmapViewOfFile
GetLocalTime
CreateFileMappingA
MapViewOfFile
GetFileInformationByHandle
GetFileSize
FileTimeToSystemTime
GetExitCodeThread
TerminateThread
GetComputerNameA
WaitForSingleObject
GetExitCodeProcess
Sleep
GetEnvironmentVariableA
SetEnvironmentVariableA
SetDllDirectoryA
OutputDebugStringA
HeapAlloc
CreateThread
GetProcessHeap
HeapFree
GetVersionExA
GetSystemInfo
GetModuleHandleA
GetProcAddress
SetCurrentDirectoryA
GetFullPathNameA
FindNextFileA
CreateProcessA
GetLastError
GetTempFileNameA
SearchPathA
FindFirstFileA
FindClose
GetCurrentProcess
GetTickCount
WriteFile
SetFileTime
GetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
SystemTimeToFileTime
ReadFile
CloseHandle
CreateFileA
SetFilePointer
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
WinExec
DeleteFileA
GetTempPathA
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
LCMapStringW
SizeofResource
user32
DestroyMenu
GetMenuItemInfoA
UnregisterClassA
GetSysColorBrush
GetDialogBaseUnits
WindowFromPoint
MapVirtualKeyA
GetKeyNameTextA
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
GetWindowThreadProcessId
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
PostMessageA
GetClassInfoExA
GetClassInfoA
RegisterClassA
DeleteMenu
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
LoadMenuA
CallWindowProcA
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetFocus
SetWindowPos
ScrollWindowEx
SetFocus
MoveWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetWindow
EndPaint
BeginPaint
FillRect
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
UnregisterDeviceNotification
RegisterDeviceNotificationA
RegisterClassExA
DefWindowProcA
WaitMessage
DestroyIcon
CharUpperA
CopyAcceleratorTableA
IsRectEmpty
LockWindowUpdate
GetDCEx
PostThreadMessageA
UnionRect
SetParent
GetSystemMenu
RegisterClipboardFormatA
UnpackDDElParam
AdjustWindowRectEx
ReuseDDElParam
PostQuitMessage
ShowWindow
CharUpperBuffA
CharLowerBuffA
CharNextA
GetDesktopWindow
wsprintfA
RegisterWindowMessageA
SetWindowLongA
CopyIcon
GetMenuBarInfo
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
SetRectEmpty
GetNextDlgGroupItem
InvalidateRgn
SetWindowPlacement
SetRect
DestroyCursor
MessageBeep
GetMessagePos
GetParent
KillTimer
SetTimer
ScreenToClient
InflateRect
GrayStringA
DrawTextExA
TabbedTextOutA
RedrawWindow
EqualRect
ClientToScreen
GetCapture
SetCapture
CreateWindowExA
GetCursorPos
GetSysColor
DrawTextA
LoadCursorA
SetCursor
GetWindowLongA
ReleaseCapture
PtInRect
GetWindowDC
MessageBoxA
GetSystemMetrics
EnableWindow
GetKeyState
IsWindow
LoadIconA
InvalidateRect
UpdateWindow
ReleaseDC
GetDC
GetClientRect
GetWindowRect
IsIconic
SendMessageA
DrawIcon
LoadBitmapA
OffsetRect
gdi32
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateHatchBrush
GetDCOrgEx
CreateRectRgnIndirect
SelectPalette
CombineRgn
CreateDIBPatternBrushPt
PatBlt
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
GetCharWidthA
StretchDIBits
SetRectRgn
CreatePatternBrush
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
ExtSelectClipRgn
PolyBezierTo
SetArcDirection
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
StartDocA
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
GetClipRgn
SelectClipRgn
GetMapMode
GetObjectA
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetStockObject
CreateSolidBrush
Escape
TextOutA
RectVisible
PtVisible
CreateRectRgn
SetBkMode
ExtTextOutA
CreateBitmap
SetBkColor
CreateFontA
SelectObject
GetTextExtentPoint32A
GetTextMetricsA
DeleteDC
SetTextColor
CreateFontIndirectA
DeleteObject
StretchBlt
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SetColorAdjustment
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
CryptReleaseContext
CryptDestroyHash
CryptDecrypt
CryptGetKeyParam
CryptEncrypt
CryptSetKeyParam
CryptImportKey
RegDeleteValueA
RegSetValueExA
RegCreateKeyA
RegCreateKeyExA
RegEnumKeyA
RegDeleteKeyA
RegSetValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey
CryptAcquireContextA
CryptDestroyKey
shell32
SHGetSpecialFolderPathA
SHFileOperationA
ExtractIconA
SHGetFileInfoA
DragFinish
DragQueryFileA
ShellExecuteA
shlwapi
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
StrFormatByteSizeA
PathRemoveFileSpecW
oledlg
ord8
ole32
CoTreatAsClass
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
StringFromGUID2
CoDisconnectObject
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoInitializeEx
OleRun
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
oleaut32
CreateErrorInfo
SetErrorInfo
GetErrorInfo
SysAllocString
OleCreateFontIndirect
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarDateFromStr
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SysAllocStringLen
VariantCopy
VariantInit
VariantClear
VariantChangeType
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
ws2_32
htonl
WSAStartup
ntohl
send
shutdown
WSACleanup
recv
closesocket
wininet
HttpAddRequestHeadersA
HttpSendRequestA
InternetConnectA
InternetAttemptConnect
HttpOpenRequestA
InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
HttpEndRequestA
InternetWriteFile
InternetCrackUrlA
HttpSendRequestExA
InternetCloseHandle
setupapi
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceInterfaceDetailA
gdiplus
GdiplusShutdown
GdiplusStartup
GdipCloneImage
GdipDrawImageRectRectI
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateHICONFromBitmap
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageFlags
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
rpcrt4
UuidToStringA
UuidCreate
iphlpapi
GetAdaptersInfo
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
Sections
.text Size: 816KB - Virtual size: 815KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 184KB - Virtual size: 183KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 226KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12.1MB - Virtual size: 12.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ