D:\Projects\qtranslate\Bin\QTranslate.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 480870977092a1fc33af10abf78cf92f_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 480870977092a1fc33af10abf78cf92f_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
General
Target: 480870977092a1fc33af10abf78cf92f_JaffaCakes118
Size: 1.6MB
MD5: 480870977092a1fc33af10abf78cf92f
SHA1: 89cf384d6f2adbf1fea09b15da5de25e6120adb6
SHA256: 389b69e33451ff5d396aaa6a92a399515bd0104690e82160d64a04ebf8f301fa
SHA512: 30b23784f8728c2afdbccb179848a222b4c7742c5f15c77fac821d960f89fc63f00342ac83c97a8e2772997c6fe5461b015acd55162b8ea7b14f3cb7ede03ad7
SSDEEP: 49152:c3kz8cfZwGnK4ZUHq9HK7nYgz5VCqXeOTTwKV4:Ykz8cfZwGn/ZUHqGnL5VCqXeOZ
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 480870977092a1fc33af10abf78cf92f_JaffaCakes118
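The "Unsigned PE" signature fires when the optional header's Security data directory (index 4, IMAGE_DIRECTORY_ENTRY_SECURITY) is empty, meaning no WIN_CERTIFICATE table is attached to the image. The Python below is an added example, not code from the sandbox or from the QTranslate project: using only the standard library it parses the COFF header, optional header and section table, decodes the DLL and file characteristics and the section flags that the Files entry of this report lists, and reports whether a certificate table is present. The PE bytes it runs on are constructed in memory to mirror this report's header flags and section layout; they are a stand-in, not the analysed sample, and the sizes are rounded from the report.

```python
import struct

# Bit names from the PE/COFF specification
IMAGE_FILE_CHARACTERISTICS = {0x0002: "EXECUTABLE_IMAGE", 0x0100: "32BIT_MACHINE", 0x2000: "DLL"}
IMAGE_DLLCHARACTERISTICS = {
    0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
    0x0100: "NX_COMPAT", 0x0400: "NO_SEH", 0x1000: "APPCONTAINER",
    0x4000: "GUARD_CF", 0x8000: "TERMINAL_SERVER_AWARE",
}
IMAGE_SCN = {
    0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA", 0x00000080: "CNT_UNINITIALIZED_DATA",
    0x02000000: "MEM_DISCARDABLE", 0x20000000: "MEM_EXECUTE", 0x40000000: "MEM_READ", 0x80000000: "MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Attribute Certificate Table (Authenticode)


def _flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse the headers of a PE image held in memory, without third-party libraries."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]            # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = pe_off + 4
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:      # PE32+
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]      # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    security = (0, 0)
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike every other directory, this entry holds a raw file offset, not an RVA
        security = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    table = opt + opt_size
    for i in range(nsections):
        name, vsize, vaddr, rsize, rptr, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, table + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "raw_size": rsize,
            "flags": _flag_names(chars, IMAGE_SCN),
        })
    return {
        "machine": machine,
        "file_characteristics": _flag_names(file_chars, IMAGE_FILE_CHARACTERISTICS),
        "dll_characteristics": _flag_names(dll_chars, IMAGE_DLLCHARACTERISTICS),
        "security_directory": tuple(security),
        "sections": sections,
    }


def has_authenticode_blob(data):
    """True when a WIN_CERTIFICATE table is attached. Says nothing about whether it verifies."""
    off, size = parse_pe(data)["security_directory"]
    return off != 0 and size != 0


def build_sample_pe(signed=False):
    """Constructed in-memory PE mirroring this report's header flags and section layout.
    Stand-in for illustration only; it is not the analysed binary."""
    secs = [  # name, VirtualSize, VirtualAddress, SizeOfRawData, Characteristics
        (b".text",  0x12C000, 0x001000, 0x12C000, 0x20 | 0x20000000 | 0x40000000),
        (b".rdata", 0x03F000, 0x12D000, 0x03F400, 0x40 | 0x40000000),
        (b".data",  0x008800, 0x16C000, 0x004C00, 0x40 | 0x40000000 | 0x80000000),
        (b".rsrc",  0x013400, 0x175000, 0x013400, 0x40 | 0x40000000),
        (b".reloc", 0x00C400, 0x189000, 0x00C800, 0x40 | 0x02000000 | 0x40000000),
    ]
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)                      # e_lfanew -> 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, 224, 0x0102)  # i386, EXECUTABLE|32BIT
    opt = bytearray(224)                                                     # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 68, 2)                                       # Subsystem: WINDOWS_GUI
    struct.pack_into("<H", opt, 70, 0x0040 | 0x0100 | 0x8000)                # DYNAMIC_BASE|NX_COMPAT|TS_AWARE
    struct.pack_into("<I", opt, 92, 16)                                      # NumberOfRvaAndSizes
    if signed:  # pretend a certificate table is appended at this file offset (hypothetical values)
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1A0000, 0x1800)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, va, rs, 0, 0, 0, 0, 0, ch)
                     for n, vs, va, rs, ch in secs)
    return dos + b"PE\0\0" + coff + bytes(opt) + table


if __name__ == "__main__":
    info = parse_pe(build_sample_pe())
    print("DllCharacteristics:", info["dll_characteristics"])
    for s in info["sections"]:
        print(s["name"], s["flags"])
    print("Authenticode blob present:", has_authenticode_blob(build_sample_pe()))
```

A non-empty security directory only tells you that a certificate table is attached; whether it verifies (hash match, chain, timestamp, revocation) needs a real verifier such as Get-AuthenticodeSignature or signtool verify, and a detached catalog signature would not show up here at all, which is why "Unsigned PE" is an IoC rather than a verdict.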
Files
480870977092a1fc33af10abf78cf92f_JaffaCakes118.exe
windows:5 windows x86 arch:x86
Imphash: 951d949c2ea429a8266bb176e2f69d8c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\Projects\qtranslate\Bin\QTranslate.pdb
Imports
kernel32
CreateDirectoryW
FindFirstFileW
FindNextFileW
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
IsDebuggerPresent
OutputDebugStringW
GetTimeZoneInformation
GetFileAttributesExW
GetFullPathNameA
GetFullPathNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
ReadConsoleW
FreeLibraryAndExitThread
ExitThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
CloseHandle
OpenProcess
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
QueryPerformanceFrequency
FindFirstFileA
ExpandEnvironmentStringsA
VerifyVersionInfoW
HeapReAlloc
FormatMessageA
InitializeCriticalSection
SleepEx
GetTempPathW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
OutputDebugStringA
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
FindClose
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetStringTypeW
GetFileType
GetCurrentThread
GetACP
GetStdHandle
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedFlushSList
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
GetSystemDefaultUILanguage
SetFilePointer
InterlockedIncrement
DeleteFileW
GetFileSize
WriteFile
ReadFile
CreateFileW
GetModuleHandleW
GetCommandLineW
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalSize
LocalFree
GetTempFileNameW
FormatMessageW
LCMapStringW
GetThreadPriority
SetThreadPriority
TerminateThread
ResumeThread
SuspendThread
CreateThread
ResetEvent
WaitForSingleObject
SetEvent
CreateEventW
FreeLibrary
GetProcAddress
LoadLibraryW
DecodePointer
CreateMutexW
WideCharToMultiByte
lstrcmpiW
GetModuleFileNameW
CompareStringW
MultiByteToWideChar
SetLastError
GetLocaleInfoW
Sleep
QueueUserWorkItem
GetSystemTime
MulDiv
GetCurrentThreadId
GetVersionExW
GetTickCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetLastError
WriteConsoleW
SetEndOfFile
QueryDosDeviceW
HeapSize
HeapDestroy
GetFileAttributesW
RaiseException
VerSetConditionMask
InitializeCriticalSectionAndSpinCount
user32
ReleaseDC
TranslateMessage
GetWindowDC
IsWindow
EndPaint
BeginPaint
GetMessageA
GetMessageW
IsWindowUnicode
PeekMessageW
MsgWaitForMultipleObjectsEx
OpenClipboard
CloseClipboard
DefWindowProcW
LoadImageW
FindWindowW
WindowFromPoint
EnumChildWindows
MonitorFromRect
GetComboBoxInfo
GetClassLongW
SetWindowRgn
GetAncestor
GetClassNameW
GetDesktopWindow
GetClientRect
DispatchMessageW
DispatchMessageA
GetWindowInfo
IsZoomed
CopyImage
EnumWindows
IsRectEmpty
SetActiveWindow
SetRectEmpty
GetMenuState
SendInput
TranslateAcceleratorW
LoadAcceleratorsW
GetAsyncKeyState
SetWindowPlacement
CreateDialogParamW
IsMenu
SetLayeredWindowAttributes
DialogBoxParamW
EndDialog
CheckDlgButton
IsDlgButtonChecked
GetClassInfoExW
RegisterClassExW
RedrawWindow
EqualRect
IntersectRect
PostQuitMessage
MessageBoxW
GetRawInputData
SystemParametersInfoW
RegisterWindowMessageW
GetLastInputInfo
GetGUIThreadInfo
GetKeyboardLayout
GetForegroundWindow
GetCapture
GetIconInfo
DrawIconEx
FrameRect
EnumClipboardFormats
CountClipboardFormats
SetWindowLongW
UnhookWinEvent
GetDlgCtrlID
SetTimer
SetWinEventHook
SetClipboardData
GetClipboardSequenceNumber
GetMessagePos
DestroyIcon
OffsetRect
SetRect
DrawFocusRect
GetFocus
GetActiveWindow
LoadIconW
SendDlgItemMessageW
SetDlgItemInt
GetKeyState
GetDoubleClickTime
GetClipboardData
EmptyClipboard
GetWindowLongW
GetDlgItem
SetDlgItemTextW
SetWindowPos
MapWindowPoints
GetParent
GetWindowRect
GetMonitorInfoW
InvalidateRect
MonitorFromWindow
GetWindow
ScreenToClient
SetWindowTextW
IsChild
IsDialogMessageW
DestroyWindow
GetWindowThreadProcessId
GetSysColor
PostMessageW
MapVirtualKeyW
GetKeyNameTextW
CreateWindowExW
SendMessageW
CheckMenuItem
CheckMenuRadioItem
GetMenuItemInfoW
CreatePopupMenu
LoadMenuW
GetSubMenu
DestroyMenu
SetMenuItemInfoW
KillTimer
GetDlgItemInt
EnableWindow
InsertMenuItemW
ClientToScreen
AppendMenuW
RemoveMenu
EnableMenuItem
GetMenuItemCount
SetForegroundWindow
TrackPopupMenu
GetCursorPos
GetKeyboardLayoutList
VkKeyScanExW
ToUnicodeEx
GetSystemMetrics
RegisterRawInputDevices
RegisterHotKey
UnregisterHotKey
GetCursor
LoadCursorW
SetCursor
DrawTextW
CopyRect
MoveWindow
InflateRect
SetFocus
IsIconic
ShowWindow
GetWindowPlacement
MonitorFromPoint
PtInRect
ReleaseCapture
SetCapture
IsWindowEnabled
UnregisterClassW
CallWindowProcW
IsWindowVisible
GetWindowTextLengthW
GetWindowTextW
GetDC
advapi32
RegCloseKey
RegEnumKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
CryptReleaseContext
CryptDestroyHash
CryptAcquireContextW
CryptGenRandom
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptImportKey
CryptEncrypt
CryptDestroyKey
ole32
OleInitialize
CoTaskMemFree
OleRun
CoInitializeEx
CoCreateInstance
CoTaskMemAlloc
OleLockRunning
OleUninitialize
CoUninitialize
shell32
Shell_NotifyIconW
CommandLineToArgvW
ShellExecuteExW
ShellExecuteW
SHGetFolderPathW
SHFileOperationW
ExtractIconW
oleaut32
SetErrorInfo
VariantInit
VariantClear
SysStringLen
GetErrorInfo
CreateErrorInfo
SysFreeString
SysAllocString
SafeArrayCreateVector
SafeArrayDestroy
VariantCopy
VariantChangeType
VariantCopyInd
DispCallFunc
SysAllocStringLen
shlwapi
PathFindExtensionW
PathFindFileNameW
HashData
PathRemoveExtensionW
ColorHLSToRGB
ColorRGBToHLS
PathRemoveFileSpecW
PathFileExistsW
PathAppendW
gdi32
DeleteDC
CreateBitmap
RoundRect
CreateSolidBrush
GetStockObject
SetBkColor
ExtTextOutW
GetPixel
GetDIBits
GetObjectW
GetTextMetricsW
SetViewportOrgEx
GetTextExtentPoint32W
CreateRectRgn
CreateRoundRectRgn
CreatePolygonRgn
ExcludeClipRect
SelectClipRgn
IntersectClipRect
CreateCompatibleDC
SetPixelV
GetTextColor
LineTo
MoveToEx
CreateFontIndirectW
BitBlt
Rectangle
SelectObject
CreatePen
SetROP2
EnumFontFamiliesExW
GetDeviceCaps
SetTextColor
SetBkMode
CreateCompatibleBitmap
DeleteObject
psapi
EnumProcesses
GetProcessImageFileNameW
oleacc
AccessibleObjectFromPoint
winhttp
WinHttpGetProxyForUrl
WinHttpCloseHandle
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCrackUrl
WinHttpOpen
sensapi
IsNetworkAlive
msimg32
GradientFill
AlphaBlend
comctl32
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_SetBkColor
_TrackMouseEvent
ImageList_GetIcon
ImageList_GetIconSize
ord413
ord410
ord412
ord411
ImageList_Create
gdiplus
GdipFree
GdipAlloc
GdipDeleteBrush
GdipCloneBrush
GdipCreateLineBrushFromRect
GdipCreateFromHDC
GdipDeleteGraphics
GdipFillRectangle
GdipCreateSolidFill
GdipDeletePen
GdipDrawRectangle
GdipDisposeImage
GdipCreatePath
GdipDeletePath
GdipResetPath
GdipClosePathFigure
GdipAddPathLine
ord1
GdipDrawPath
GdipFillPath
GdipCloneImage
GdipSaveImageToFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromHBITMAP
GdipCreateHICONFromBitmap
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipCreatePen1
GdipSetSmoothingMode
GdipCreatePen2
comdlg32
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW
bass
BASS_Init
BASS_StreamCreateFile
BASS_RecordInit
BASS_RecordFree
BASS_RecordStart
BASS_ErrorGetCode
BASS_ChannelStop
BASS_StreamFree
BASS_RecordGetInput
BASS_Free
BASS_ChannelSetSync
BASS_ChannelPlay
BASS_RecordSetDevice
ws2_32
getpeername
WSAStartup
WSACleanup
WSAGetLastError
recv
send
setsockopt
htons
getsockopt
gethostname
getaddrinfo
freeaddrinfo
ioctlsocket
__WSAFDIsSet
select
connect
WSAIoctl
closesocket
WSASetLastError
bind
getsockname
socket
ntohs
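The import table above is the most informative static artifact on this page: raw input and WinEvent hooks, hotkeys, clipboard reads and writes, process enumeration, WinHTTP, Winsock, CryptoAPI and BASS audio recording are all present. The Python below is an added example (my own rule set and category names, not Triage's detection logic): it groups imported APIs into coarse capability buckets with glob rules and runs over a constructed subset of this report's imports. The PDB path names QTranslate, a desktop translation utility, and clipboard monitoring, hotkeys, raw input and HTTP access are exactly what such a tool uses, while IsDebuggerPresent is imported by the MSVC runtime itself; the output therefore describes capabilities to check in the behavioral run, not a verdict.

```python
import fnmatch

# Constructed rule set: (capability, dll, api glob patterns). Tune to your own triage needs.
CAPABILITY_RULES = [
    ("input capture / hooks", "user32", ["GetAsyncKeyState", "GetKeyState", "GetRawInputData",
                                        "RegisterRawInputDevices", "SetWinEventHook",
                                        "RegisterHotKey", "GetLastInputInfo", "SendInput"]),
    ("clipboard access", "user32", ["*Clipboard*"]),
    ("process enumeration", "psapi", ["EnumProcesses", "GetProcessImageFileName*"]),
    ("process enumeration", "kernel32", ["OpenProcess"]),
    ("network: HTTP", "winhttp", ["WinHttp*"]),
    ("network: sockets", "ws2_32", ["connect", "send", "recv", "getaddrinfo", "socket", "bind"]),
    ("cryptography (CryptoAPI)", "advapi32", ["Crypt*"]),
    ("registry write", "advapi32", ["RegSetValueEx*", "RegDeleteValue*", "RegCreateKeyEx*"]),
    ("debugger check", "kernel32", ["IsDebuggerPresent", "CheckRemoteDebuggerPresent"]),
    ("audio recording", "bass", ["BASS_Record*"]),
    ("shell execution", "shell32", ["ShellExecute*"]),
    ("file deletion", "kernel32", ["DeleteFile*"]),
    ("file deletion", "shell32", ["SHFileOperation*"]),
]

# Constructed subset of the import table in this report (dll -> imported names)
SAMPLE_IMPORTS = {
    "kernel32": ["CreateDirectoryW", "IsDebuggerPresent", "OpenProcess", "DeleteFileW",
                 "CreateMutexW", "GetTickCount"],
    "user32": ["GetAsyncKeyState", "SetWinEventHook", "RegisterRawInputDevices", "GetRawInputData",
               "RegisterHotKey", "OpenClipboard", "GetClipboardData", "SetClipboardData",
               "EmptyClipboard", "SendInput", "MessageBoxW"],
    "advapi32": ["RegOpenKeyExW", "RegSetValueExW", "RegDeleteValueW", "CryptAcquireContextW",
                 "CryptGenRandom", "CryptEncrypt"],
    "psapi": ["EnumProcesses", "GetProcessImageFileNameW"],
    "winhttp": ["WinHttpOpen", "WinHttpGetProxyForUrl", "WinHttpCrackUrl"],
    "ws2_32": ["WSAStartup", "connect", "send", "recv", "getaddrinfo", "closesocket"],
    "shell32": ["ShellExecuteW", "ShellExecuteExW", "SHFileOperationW", "Shell_NotifyIconW"],
    "bass": ["BASS_Init", "BASS_RecordInit", "BASS_RecordStart", "BASS_ChannelPlay"],
}


def tag_capabilities(imports):
    """Map an import table to capability buckets.
    Returns {capability: sorted ['dll!Api', ...]}; buckets with no hit are omitted."""
    hits = {}
    for dll, apis in imports.items():
        for cap, rule_dll, patterns in CAPABILITY_RULES:
            if rule_dll != dll.lower():
                continue
            for api in apis:
                if any(fnmatch.fnmatchcase(api, p) for p in patterns):
                    hits.setdefault(cap, set()).add(f"{dll}!{api}")
    return {cap: sorted(names) for cap, names in sorted(hits.items())}


def render(tags):
    """One line per capability, suitable for pasting into triage notes."""
    return "\n".join(f"{cap}: {', '.join(names)}" for cap, names in tags.items())


if __name__ == "__main__":
    print(render(tag_capabilities(SAMPLE_IMPORTS)))
```

Import-based tagging only sees statically linked names; anything resolved at runtime through GetProcAddress (also imported here) is invisible to it, so pair the tags with the behavioral report's API trace before drawing conclusions.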
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 253KB - Virtual size: 252KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 50KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ