51651f6c1f07ffbe6a28bf2c530dffc2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

51651f6c1f07ffbe6a28bf2c530dffc2_JaffaCakes118
Size

2.0MB
MD5

51651f6c1f07ffbe6a28bf2c530dffc2
SHA1

d587439d21aab8a3c372b966b5165037040860b4
SHA256

595207ee121a0c42279f7ad7c9b6a4f9ad8a4026e6356bf97221414ef643706b
SHA512

2bb835c735c5bc54a7b47ca9e470c209cdc99ea7a5263063cc644b448b49661d23be90400d8d0d0cdfaab246d480571cc0ff00ba8c6a93bcde04e3f8d11d8b3f
SSDEEP

49152:gXG5uhNocpAmPZ28uDJTk1KN9RuH+hLniyTIv8:g25u4cG02OwHuHfyTI0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51651f6c1f07ffbe6a28bf2c530dffc2_JaffaCakes118

Files

51651f6c1f07ffbe6a28bf2c530dffc2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

858d345f5f262c998b6640dbf5eb6184

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\buildserver-core\bs1\work-downloader-2-1\core-repository\branches\downloader-2-1\downloader\release\BlizzardDownloader.pdb

Imports

iphlpapi

GetTcpTable
GetAdaptersInfo

wininet

HttpSendRequestA
InternetReadFile
HttpQueryInfoA
InternetReadFileExA
InternetGetConnectedState
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetSetOptionA
InternetCrackUrlA
InternetSetStatusCallback
InternetSetCookieA
InternetSetStatusCallbackA
InternetCloseHandle

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ord17

rpcrt4

UuidCreate

ws2_32

sendto
bind
socket
getsockname
getsockopt
inet_addr
WSACleanup
listen
gethostname
ntohs
connect
closesocket
recv
send
WSAGetLastError
select
__WSAFDIsSet
htons
gethostbyname
WSASetLastError
WSAStartup
inet_ntoa
htonl
setsockopt
ntohl
ioctlsocket
accept
getpeername

kernel32

GetTempFileNameA
GetUserDefaultLangID
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
LoadLibraryA
CloseHandle
SetFileAttributesA
GetDiskFreeSpaceExA
GetVersionExA
GetComputerNameA
GetLastError
CreateEventA
GetCurrentProcessId
GetSystemInfo
InterlockedExchange
OpenMutexA
WriteFile
SetEvent
CompareStringA
CompareStringW
DeleteFileA
CopyFileA
GetCurrentDirectoryA
CreateThread
WaitForSingleObject
CreateFileA
CreateMutexA
GetModuleHandleA
FreeLibrary
MulDiv
GetFileSize
GlobalFree
GlobalAlloc
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceA
GetCurrentThreadId
GetConsoleCP
GetFileType
SetHandleCount
HeapCreate
HeapDestroy
HeapSize
GetModuleFileNameA
GetCPInfo
LCMapStringW
LCMapStringA
ExitThread
GetFullPathNameA
GetStartupInfoA
GetProcessHeap
GetCommandLineA
HeapAlloc
HeapReAlloc
ExitProcess
SetConsoleCtrlHandler
HeapFree
UnhandledExceptionFilter
TerminateProcess
RaiseException
RtlUnwind
VirtualFree
VirtualAlloc
SetLastError
SetFileTime
SetEndOfFile
RemoveDirectoryA
CreateDirectoryA
GetShortPathNameA
FlushFileBuffers
FindFirstFileA
FindNextFileA
FindClose
SetCurrentDirectoryA
TlsSetValue
DuplicateHandle
VirtualQuery
CreateProcessA
SetThreadAffinityMask
GetSystemTimeAsFileTime
MoveFileA
GetFileAttributesA
GetFileAttributesExA
InterlockedIncrement
InterlockedDecrement
SetFilePointer
ReadFile
GetDiskFreeSpaceA
QueryPerformanceFrequency
TlsAlloc
GetTempPathA
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCurrentThread
GetTickCount
QueryPerformanceCounter
SignalObjectAndWait
TlsFree
TlsGetValue
GetProcessAffinityMask
GetThreadPriority
SetThreadPriority
Sleep
GlobalMemoryStatus
GetConsoleMode
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetDriveTypeA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetExitCodeProcess
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
DeleteCriticalSection
LeaveCriticalSection
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetThreadLocale
GetStdHandle
EnterCriticalSection
InitializeCriticalSection
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent

user32

TrackPopupMenu
GetMenuItemInfoA
GetMenuStringA
GetMenuItemID
IsMenu
DefWindowProcA
GetWindowDC
OffsetRect
SetRect
InflateRect
LoadMenuA
LoadAcceleratorsA
SetWindowsHookExA
GetMenuItemCount
GetSubMenu
IsIconic
DrawIcon
DestroyMenu
UnhookWindowsHookEx
TranslateAcceleratorA
CallNextHookEx
GetDlgCtrlID
GetClientRect
GetSystemMetrics
GetScrollInfo
SystemParametersInfoA
SetWindowPos
CopyImage
DrawTextA
EnumChildWindows
GetWindowTextLengthA
GetParent
SetPropA
GetWindowLongA
GetCapture
SetCapture
ClientToScreen
PtInRect
ReleaseCapture
LoadCursorA
SetCursor
GetPropA
CallWindowProcA
RemovePropA
GetDesktopWindow
LoadImageA
IsWindowVisible
EnableWindow
CreateDialogParamA
BringWindowToTop
SetFocus
GetMenu
ModifyMenuA
DialogBoxParamA
SetForegroundWindow
FillRect
GetDC
ReleaseDC
SetWindowLongA
CheckDlgButton
IsDlgButtonChecked
EndDialog
MessageBoxA
SetDlgItemTextA
GetClassNameA
LoadIconA
InvalidateRect
GetWindowRect
ScreenToClient
MoveWindow
ShowWindow
FindWindowA
EnumWindows
SetWindowTextA
GetWindowThreadProcessId
PostMessageA
IsWindow
GetDlgItem
SendMessageA
KillTimer
SetTimer
GetWindowTextA
wsprintfA
GetFocus
DrawFocusRect
BeginPaint
EndPaint
DestroyIcon
IsZoomed
DestroyWindow
CreateWindowExA
DrawIconEx
IsWindowEnabled
SetWindowRgn
TrackMouseEvent
MsgWaitForMultipleObjects

gdi32

SaveDC
RestoreDC
CreatePolygonRgn
GetTextColor
GetTextExtentPoint32A
BitBlt
GetPixel
CreateRectRgn
CreateEllipticRgn
CreateRectRgnIndirect
SelectClipRgn
ExcludeClipRect
Rectangle
CreatePen
LineTo
GetDeviceCaps
GetObjectA
CreateFontIndirectA
GetStockObject
SetBkMode
SetBkColor
SetTextColor
CreateSolidBrush
SelectObject
DeleteObject
SetPixel
CreateCompatibleDC
CreateCompatibleBitmap
StretchBlt
DeleteDC
MoveToEx

comdlg32

GetSaveFileNameA

advapi32

RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExA
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
GetUserNameA

shell32

Shell_NotifyIconA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
SHGetMalloc
SHBrowseForFolderA

ole32

CreateStreamOnHGlobal
CoCreateInstance
CoInitialize
CoUninitialize
OleCreate
OleInitialize
OleSetContainedObject

oleaut32

VariantInit
VariantClear
SysFreeString
OleLoadPicture
SysStringLen
SysAllocString

msimg32

TransparentBlt

Sections

.text
Size: 648KB - Virtual size: 644KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

858d345f5f262c998b6640dbf5eb6184

Headers

File Characteristics

PDB Paths

Imports

iphlpapi

wininet

version

comctl32

rpcrt4

ws2_32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

msimg32

Sections

.text Size: 648KB - Virtual size: 644KB

.rdata Size: 256KB - Virtual size: 253KB

.data Size: 28KB - Virtual size: 80KB

.rsrc Size: 132KB - Virtual size: 131KB

.text
Size: 648KB - Virtual size: 644KB

.rdata
Size: 256KB - Virtual size: 253KB

.data
Size: 28KB - Virtual size: 80KB

.rsrc
Size: 132KB - Virtual size: 131KB