c:\Agree\Store\Pitch\catchFriend.pdb
Static task
static1
Behavioral task
behavioral1
Sample
57de86fea26df1bbf0a2311318ef9688_JaffaCakes118.exe
Resource
win7-20240419-en
General
-
Target
57de86fea26df1bbf0a2311318ef9688_JaffaCakes118
-
Size
3.7MB
-
MD5
57de86fea26df1bbf0a2311318ef9688
-
SHA1
27221316b2b919401a3027610ade1025b0dba703
-
SHA256
5e98901654f1da82cbe17081e74f72085d0a136b061fa76d6a4d0bc289dce8db
-
SHA512
12eeb2d309df47821e93498b20e83585f71bbba3bf540055dc12767186ab1e3823973806bf63e40a05520ba74f2e34d82a879740565c3055442b7cf0ebe59aa4
-
SSDEEP
49152:ycEeyG//rasoeodqlOdN8n+uwyme4oAOiWEvujAW61QXoTvI1k:pEc7oeoMliyb7MEAzQ4T
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for missing Authenticode signature: the file carries no certificate table, so there is nothing an Authenticode check could even attempt to verify. This is weak evidence on its own; much legitimate software ships unsigned, and a signature that is present still has to be chain-validated before it counts for anything.
Processes:
resource 57de86fea26df1bbf0a2311318ef9688_JaffaCakes118
Files
-
57de86fea26df1bbf0a2311318ef9688_JaffaCakes118.exe windows:6 windows x86 arch:x86
096ca7016c8ae5575e7438f52a1ecf39
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
c:\Agree\Store\Pitch\catchFriend.pdb
Imports
kernel32
FindFirstFileExA
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
ExitProcess
SetStdHandle
QueryPerformanceFrequency
WriteConsoleW
GetFileType
GetStdHandle
GetCommandLineW
GetCommandLineA
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualAlloc
GetModuleHandleExW
GetSystemInfo
HeapValidate
RtlUnwind
LCMapStringW
GetStringTypeW
OutputDebugStringW
VirtualQuery
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
SearchPathA
GetTickCount
ResetEvent
GetTempPathA
GetUserDefaultLCID
GetTempFileNameA
VerifyVersionInfoA
VerSetConditionMask
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetWindowsDirectoryA
GetCurrentDirectoryA
lstrcpyA
lstrcmpiA
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
CreateFileA
FindResourceExW
GetACP
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
WaitForSingleObject
CloseHandle
FileTimeToSystemTime
GetProfileIntA
GetVersionExA
ResumeThread
SetThreadPriority
CompareStringA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
lstrcmpA
CopyFileA
FormatMessageA
MulDiv
GlobalSize
GetCurrentProcessId
LocalFree
LocalReAlloc
LocalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetAtomNameA
GlobalGetAtomNameA
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
OutputDebugStringA
FindNextFileA
GetHandleInformation
CreateEventA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
LoadLibraryA
GetSystemDirectoryA
SetEvent
GetLastError
Sleep
MultiByteToWideChar
GetVersion
HeapSize
GetVolumeInformationA
GetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
SetLastError
HeapFree
VirtualProtect
CreateFileW
GetModuleFileNameA
user32
GetDlgCtrlID
SetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
TrackPopupMenu
SetActiveWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetWindowTextLengthA
GetClientRect
GetWindowRect
AdjustWindowRectEx
MapWindowPoints
EqualRect
PtInRect
SetWindowLongA
GetClassLongA
GetClassNameA
GetTopWindow
GetWindow
SetWindowsHookExA
CallNextHookEx
LoadIconA
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMonitorInfoA
PostThreadMessageA
ShowOwnedPopups
IsWindowVisible
IsIconic
BringWindowToTop
IsZoomed
GetNextDlgGroupItem
GetNextDlgTabItem
OpenClipboard
GetActiveWindow
SetCapture
SetTimer
KillTimer
DrawMenuBar
GetSystemMenu
UpdateWindow
GetForegroundWindow
SetForegroundWindow
GetUpdateRect
SetWindowRgn
GetWindowRgn
InvalidateRect
ValidateRect
RedrawWindow
LockWindowUpdate
ShowScrollBar
EnableScrollBar
HideCaret
WindowFromPoint
GetDesktopWindow
SetParent
LoadCursorA
LoadCursorW
ScreenToClient
NotifyWinEvent
ShowWindow
MoveWindow
GetDlgItem
CheckDlgButton
SendDlgItemMessageA
SetWindowTextA
IsDialogMessageA
CreateDialogIndirectParamA
EndDialog
GetCursorPos
SetRect
OffsetRect
GetSystemMetrics
SetRectEmpty
GetMessageA
ReleaseCapture
SetCursor
InflateRect
GetAsyncKeyState
LoadAcceleratorsA
TranslateAcceleratorA
DestroyMenu
IntersectRect
DestroyIcon
LoadImageA
UnpackDDElParam
ReuseDDElParam
GetKeyNameTextA
MapVirtualKeyA
SystemParametersInfoA
TranslateMessage
RealChildWindowFromPoint
CopyImage
GetClipboardFormatNameA
IsRectEmpty
UnionRect
CharUpperA
TrackMouseEvent
LoadImageW
LoadAcceleratorsW
DrawIconEx
GetIconInfo
MessageBeep
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
CloseClipboard
SetClipboardData
EmptyClipboard
SetCursorPos
CopyIcon
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
GetDoubleClickTime
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
DestroyCursor
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
LoadBitmapW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
InvertRect
PeekMessageA
PostQuitMessage
SendMessageA
PostMessageA
IsWindow
TabbedTextOutA
MapDialogRect
UnhookWindowsHookEx
EnableWindow
IsWindowEnabled
MessageBoxA
GetWindowLongA
GetParent
GetWindowThreadProcessId
GetLastActivePopup
IsMenu
GetMessagePos
DispatchMessageA
RegisterWindowMessageA
GetMenuCheckMarkDimensions
GetFocus
CopyRect
GetSysColor
FrameRect
FillRect
DrawFocusRect
GetSysColorBrush
DrawStateA
GrayStringA
DrawTextExA
GetMenuStringA
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoA
GetMenuItemInfoA
InsertMenuItemA
SetMenuItemBitmaps
DeleteMenu
ModifyMenuA
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
LoadMenuW
LoadMenuA
DrawFrameControl
DrawEdge
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
DrawTextA
oleaut32
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
LoadTypeLi
VariantCopy
VarBstrFromDate
SysAllocString
VariantInit
SysAllocStringLen
VariantChangeType
SysFreeString
SysAllocStringByteLen
gdi32
SetDIBColorTable
CreateDIBSection
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetSystemPaletteEntries
EnumFontFamiliesExA
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
MoveToEx
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
LineTo
IntersectClipRect
GetClipBox
ExcludeClipRect
DeleteObject
DeleteDC
GetTextFaceA
Polyline
Polygon
LPtoDP
DPtoLP
CreatePolygonRgn
TextOutA
GetObjectA
GetTextMetricsA
SetRectRgn
StretchBlt
SetPixelV
SetPixel
SetPaletteEntries
SelectObject
RoundRect
RealizePalette
Rectangle
RectVisible
PtVisible
PtInRegion
PatBlt
OffsetRgn
GetWindowOrgEx
GetWindowExtEx
GetViewportOrgEx
GetViewportExtEx
GetTextExtentPoint32A
GetTextColor
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectType
GetNearestPaletteIndex
GetBoundsRect
GetBkColor
FrameRgn
FillRgn
ExtFloodFill
Escape
Ellipse
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
CreateRectRgn
CreatePatternBrush
CreatePen
CreatePalette
ExtTextOutA
CopyMetaFileA
CreateDCA
GetDeviceCaps
BitBlt
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateEllipticRgn
CreateFontIndirectA
CreateHatchBrush
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
SHGetPathFromIDListA
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation
ole32
CoLockObjectExternal
OleGetClipboard
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleLockRunning
CreateStreamOnHGlobal
CoInitialize
CoDisconnectObject
CoCreateInstance
CoInitializeEx
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoTaskMemAlloc
StringFromCLSID
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
shlwapi
StrFormatKBSizeA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
PathFindFileNameA
advapi32
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyExA
SystemFunction036
winmm
PlaySoundA
uxtheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeParentBackground
IsAppThemed
msimg32
AlphaBlend
TransparentBlt
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
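Two things a reviewer does with an import table like the one above: compute the import hash for pivoting to related samples, and map the imported APIs to capabilities while discounting the ones a statically linked MSVC/MFC binary has anyway (this sample imports IsDebuggerPresent, GetTickCount and QueryPerformanceCounter, all of which the CRT's security-cookie setup uses). The code below is an added example, not the sandbox's or the sample's code. SAMPLE_IMPORTS is a constructed subset of the table above in a plausible order, so its hash will not equal the real file's; RUNTIME_NOISE is hand-picked and an assumption; and the identification of the 32-hex value printed under the file entry as this sandbox's import hash is likewise an assumption, which is why the hash routine is shown rather than a value asserted.

```python
import hashlib

# Constructed subset of the import table reported above, as ordered (dll, [api, ...])
# pairs; the real table is far longer, so this hash will not match the real file's.
SAMPLE_IMPORTS = [
    ("kernel32.dll", ["IsDebuggerPresent", "GetTickCount", "QueryPerformanceCounter",
                      "LoadLibraryA", "LoadLibraryExW", "GetProcAddress",
                      "VirtualAlloc", "VirtualProtect", "GetTempPathA", "GetTempFileNameA",
                      "CopyFileA", "CreateFileA", "WriteFile", "CreateThread", "ResumeThread",
                      "GetVersionExA", "VerifyVersionInfoA", "GetVolumeInformationA",
                      "GetSystemInfo", "GetEnvironmentVariableA"]),
    ("advapi32.dll", ["RegCreateKeyExA", "RegSetValueExA", "RegDeleteKeyA",
                      "RegDeleteValueA", "SystemFunction036"]),
    ("shell32.dll", ["ShellExecuteA"]),
]

CAPABILITIES = {
    "anti-debug / timing": {"IsDebuggerPresent", "CheckRemoteDebuggerPresent",
                            "GetTickCount", "QueryPerformanceCounter"},
    "dynamic API resolution": {"LoadLibraryA", "LoadLibraryW", "LoadLibraryExW", "GetProcAddress"},
    "memory protection changes": {"VirtualAlloc", "VirtualProtect"},
    "registry write / persistence": {"RegCreateKeyExA", "RegSetValueExA",
                                     "RegDeleteKeyA", "RegDeleteValueA"},
    "file staging": {"GetTempPathA", "GetTempFileNameA", "CopyFileA", "CreateFileA", "WriteFile"},
    "launch": {"ShellExecuteA", "CreateProcessA", "CreateProcessW", "WinExec"},
    "randomness (RtlGenRandom)": {"SystemFunction036"},
    "environment fingerprinting": {"GetVersionExA", "VerifyVersionInfoA", "GetVolumeInformationA",
                                   "GetSystemInfo", "GetEnvironmentVariableA"},
}
# Hand-picked (assumption, not from the report): imports the MSVC CRT startup code
# and MFC pull in by themselves (security-cookie seeding, locale setup, stdio), so a
# statically linked MFC binary has them regardless of what the application code does.
RUNTIME_NOISE = {"IsDebuggerPresent", "GetTickCount", "QueryPerformanceCounter",
                 "LoadLibraryExW", "GetProcAddress", "WriteFile", "GetSystemInfo"}


def imphash(imports):
    """pefile-style import hash: MD5 over 'dll.func' pairs, lower-cased, in
    import-table order, with .dll/.ocx/.sys stripped and ordinals written as 'ordN'."""
    parts = []
    for dll, apis in imports:
        dll = dll.lower()
        for ext in (".dll", ".ocx", ".sys"):
            if dll.endswith(ext):
                dll = dll[:-len(ext)]
        parts += [f"{dll}.{a.lower()}" if isinstance(a, str) else f"{dll}.ord{a}" for a in apis]
    return hashlib.md5(",".join(parts).encode()).hexdigest()


def classify(imports):
    """{capability: [(api, is_runtime_noise), ...]} for the APIs actually imported."""
    names = {a for _dll, apis in imports for a in apis if isinstance(a, str)}
    return {cap: [(a, a in RUNTIME_NOISE) for a in sorted(names & apis)]
            for cap, apis in CAPABILITIES.items() if names & apis}


def actionable(imports):
    """Capabilities backed by at least one import the runtime does not explain."""
    return sorted(cap for cap, hits in classify(imports).items()
                  if any(not noise for _a, noise in hits))


if __name__ == "__main__":
    print("imphash:", imphash(SAMPLE_IMPORTS))
    for cap, hits in classify(SAMPLE_IMPORTS).items():
        print(f"{cap}: " + ", ".join(a + (" (runtime)" if noise else "") for a, noise in hits))
    print("actionable:", actionable(SAMPLE_IMPORTS))
```

On the constructed subset, "anti-debug / timing" drops out of the actionable list because every hit is CRT noise, while registry writes, temp-file staging, ShellExecuteA and VirtualProtect survive; that is the shape of a triage prompt, not a verdict, since MFC itself uses several of the surviving APIs.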
Sections
.text Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 446KB - Virtual size: 445KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 15.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 169KB - Virtual size: 169KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ