Static task: static1
Behavioral task: behavioral1
  Sample: 6a89b312d2d7a859da7a52ef25560d0c_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 6a89b312d2d7a859da7a52ef25560d0c_JaffaCakes118.exe
  Resource: win10v2004-20240426-en
General
- Target: 6a89b312d2d7a859da7a52ef25560d0c_JaffaCakes118
- Size: 11.1MB
- MD5: 6a89b312d2d7a859da7a52ef25560d0c
- SHA1: c85fcb38d37d12c6675e5222180142dff8e2763b
- SHA256: 040e13781ffaef493cec815a1ae90e8f17b0ac6992381c69fb7d37e3315d8d9a
- SHA512: a57e54cf99eeedda327920b51b2ea3acdc5cb974699e64ff3e46084561a7d4ae4bf71be94d1b395964aed6d148fa12d9e1edfbc9c946cf7643907eaf6bd885b4
- SSDEEP: 98304:PuuU3DTSEywZ+1z6Y0awuL9Q1LvjsNueJjpNznoqmZkC8lAJsv6tWKFdu9CSvXRx:WTDTXGGmrRAJsv6tWKFdu9CStT1
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 6a89b312d2d7a859da7a52ef25560d0c_JaffaCakes118
Files
- 6a89b312d2d7a859da7a52ef25560d0c_JaffaCakes118.exe windows:6 windows x86 arch:x86
  4f97b05f0f8bb371043f4fb0ff4782f4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
bind
WSACleanup
connect
getsockopt
WSAGetLastError
closesocket
WSAResetEvent
WSACreateEvent
htonl
htons
recvfrom
select
send
setsockopt
socket
inet_pton
ioctlsocket
recv
WSACloseEvent
WSAAsyncSelect
WSAStartup
iphlpapi
NotifyAddrChange
ConvertInterfaceNameToLuidW
ConvertInterfaceIndexToLuid
ConvertInterfaceLuidToNameW
GetAdaptersAddresses
advapi32
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
SystemFunction036
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
InitializeAcl
GetTokenInformation
GetLengthSid
FreeSid
AllocateAndInitializeSid
AddAccessAllowedAce
OpenProcessToken
GetNamedSecurityInfoW
RegCreateKeyExW
BuildTrusteeWithSidW
RegGetValueW
AccessCheck
CopySid
DuplicateToken
MapGenericMask
LookupAccountSidW
RegSetValueExW
RegQueryValueExW
GetEffectiveRightsFromAclW
RegCloseKey
RegDeleteValueW
RegOpenKeyExW
avcodec-58
av_new_packet
av_packet_unref
avcodec_alloc_context3
avcodec_find_decoder
avcodec_open2
avcodec_receive_frame
avcodec_send_packet
avutil-56
av_frame_alloc
av_frame_free
av_free
av_opt_set_int
swscale-5
sws_freeContext
sws_getContext
sws_scale
imm32
ImmGetVirtualKey
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetOpenStatus
ImmGetCompositionStringW
ImmAssociateContextEx
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd
oleaut32
SafeArrayCreateVector
SafeArrayPutElement
SysAllocString
wtsapi32
WTSQuerySessionInformationW
WTSFreeMemory
uxtheme
GetCurrentThemeName
IsAppThemed
SetWindowTheme
OpenThemeData
GetThemePartSize
GetThemeColor
GetThemeInt
GetThemeEnumValue
IsThemeActive
GetThemePropertyOrigin
GetThemeTransitionDuration
CloseThemeData
ord47
GetThemeBackgroundRegion
IsThemeBackgroundPartiallyTransparent
GetThemeBool
GetThemeMargins
dwmapi
DwmIsCompositionEnabled
DwmEnableBlurBehindWindow
ole32
RegisterDragDrop
RevokeDragDrop
OleInitialize
OleUninitialize
CoUninitialize
CoInitializeEx
CoInitialize
OleSetClipboard
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CoCreateInstance
DoDragDrop
CoTaskMemFree
ReleaseStgMedium
CoGetMalloc
CoCreateGuid
StringFromGUID2
CoLockObjectExternal
netapi32
NetApiBufferFree
NetShareEnum
userenv
GetUserProfileDirectoryW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
kernel32
VirtualFree
GetExitCodeThread
TryEnterCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetTickCount
RaiseException
EncodePointer
DecodePointer
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
UnregisterWait
GetModuleFileNameW
WaitForSingleObject
CreateProcessA
QueryPerformanceCounter
QueryPerformanceFrequency
CloseHandle
GetLastError
SetEvent
ReleaseMutex
CreateMutexW
CreateEventW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
lstrcmpW
GetCurrentThreadId
GetModuleHandleW
GetProcAddress
LocalFree
FormatMessageW
WTSGetActiveConsoleSessionId
SetErrorMode
ExpandEnvironmentStringsW
CreateProcessW
CheckRemoteDebuggerPresent
OpenProcess
GetThreadTimes
GlobalUnlock
GlobalLock
GetLocaleInfoW
LoadLibraryA
LoadLibraryW
GlobalSize
GetCurrentProcessId
GetUserDefaultLangID
CreateFileW
ReadFile
WriteFile
WideCharToMultiByte
GetLongPathNameW
GetVolumeInformationW
GetDriveTypeW
GetConsoleWindow
ExitProcess
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
DisconnectNamedPipe
WaitNamedPipeW
ConnectNamedPipe
CreateNamedPipeW
GetOverlappedResult
ResetEvent
GetCurrentProcess
CompareStringEx
GetCommandLineW
GetSystemTime
GetLocalTime
OutputDebugStringW
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
GetSystemDirectoryW
DuplicateHandle
Sleep
WaitForMultipleObjects
SwitchToThread
CreateThread
GetCurrentThread
SetThreadPriority
GetThreadPriority
TerminateThread
ResumeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemInfo
GetDateFormatW
GetTimeFormatW
GetCurrencyFormatW
GetUserDefaultLCID
GetUserPreferredUILanguages
GetFileAttributesExW
GetTickCount64
CompareStringW
LCMapStringW
ReadFileEx
PeekNamedPipe
CancelIoEx
SleepEx
WriteFileEx
UnregisterWaitEx
RegisterWaitForSingleObject
GetStartupInfoW
GetCurrentDirectoryW
CreateDirectoryW
DeleteFileW
FindClose
FindFirstFileW
GetFileAttributesW
GetFileInformationByHandle
GetFullPathNameW
GetLogicalDrives
RemoveDirectoryW
SetFileTime
GetTempPathW
GetVolumePathNamesForVolumeNameW
DeviceIoControl
CopyFileW
MoveFileW
MoveFileExW
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
GetFileInformationByHandleEx
FlushFileBuffers
GetFileType
SetEndOfFile
SetFilePointerEx
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
MultiByteToWideChar
FindFirstFileExW
FindNextFileW
FreeLibrary
GetModuleHandleExW
GetExitCodeProcess
GetTimeZoneInformation
GetGeoInfoW
GetUserGeoID
FreeLibraryAndExitThread
GetModuleHandleA
LoadLibraryExW
GetVersionExW
VirtualProtect
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
VirtualAlloc
RtlUnwind
ExitThread
GetCommandLineA
SetFileAttributesW
SetStdHandle
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetStdHandle
HeapFree
HeapAlloc
IsValidLocale
EnumSystemLocalesW
HeapReAlloc
GetFileSizeEx
IsValidCodePage
GetACP
GetOEMCP
SetEnvironmentVariableW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
WriteConsoleW
HeapSize
GlobalAlloc
shell32
SHGetKnownFolderIDList
SHGetPathFromIDListW
SHGetMalloc
SHCreateItemFromParsingName
SHCreateItemFromIDList
Shell_NotifyIconW
ord727
SHGetStockIconInfo
SHGetFileInfoW
Shell_NotifyIconGetRect
CommandLineToArgvW
SHGetKnownFolderPath
SHBrowseForFolderW
ShellExecuteW
gdi32
SetTextColor
SetBkMode
SetTextAlign
GetCharABCWidthsI
SetGraphicsMode
SetWorldTransform
CombineRgn
CreateCompatibleDC
CreateRectRgn
DeleteDC
DeleteObject
GetRegionData
SelectClipRgn
SelectObject
CreateDIBSection
GdiFlush
GetTextExtentPoint32W
BitBlt
OffsetRgn
GetDeviceCaps
CreateCompatibleBitmap
CreateDCW
CreateBitmap
ChoosePixelFormat
ExtTextOutW
GetDIBits
GetOutlineTextMetricsW
GetGlyphOutlineW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetTextFaceW
GetTextMetricsW
RemoveFontMemResourceEx
AddFontMemResourceEx
RemoveFontResourceExW
AddFontResourceExW
SetPixelFormat
DescribePixelFormat
GetPixelFormat
SwapBuffers
GetBitmapBits
GetObjectW
CreateFontIndirectW
EnumFontFamiliesExW
GetFontData
GetStockObject
user32
CallNextHookEx
CharNextExA
RegisterDeviceNotificationW
UnregisterDeviceNotification
UnhookWindowsHookEx
SetWindowsHookExW
KillTimer
SetTimer
MsgWaitForMultipleObjectsEx
GetQueueStatus
DispatchMessageW
TranslateMessage
DrawIconEx
MessageBoxW
ChangeWindowMessageFilterEx
RealGetWindowClassW
EnumWindows
GetWindowTextW
CloseTouchInputHandle
GetTouchInputInfo
GetAsyncKeyState
GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
EnumDisplayDevicesW
GetSystemMetrics
SystemParametersInfoW
DefWindowProcW
DestroyWindow
GetDC
ReleaseDC
GetSysColor
GetDesktopWindow
GetDoubleClickTime
IsWindow
MessageBeep
GetCaretBlinkTime
UpdateLayeredWindowIndirect
SendMessageW
PostMessageW
AttachThreadInput
CreateWindowExW
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
FlashWindowEx
MoveWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
IsIconic
SetFocus
RegisterTouchWindow
UnregisterTouchWindow
IsTouchWindow
GetCapture
SetCapture
ReleaseCapture
GetSystemMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
GetUpdateRect
SetWindowRgn
InvalidateRect
SetWindowTextW
GetWindowRect
AdjustWindowRectEx
SetCursor
ClientToScreen
ScreenToClient
GetWindowLongW
SetWindowLongW
GetParent
SetParent
GetWindowThreadProcessId
GetWindow
DestroyCursor
DestroyIcon
MonitorFromPoint
GetAncestor
GetKeyboardLayoutList
UnregisterClassW
GetClassInfoW
RegisterClassExW
GetFocus
GetClientRect
GetCursorPos
ChildWindowFromPointEx
GetSysColorBrush
LoadImageW
SetMenu
DrawMenuBar
CreateMenu
CreatePopupMenu
DestroyMenu
InsertMenuW
AppendMenuW
RegisterClassW
RemoveMenu
TrackPopupMenu
GetMenuItemInfoW
SetMenuItemInfoW
MonitorFromWindow
GetMonitorInfoW
EnumDisplayMonitors
LoadIconW
IsHungAppWindow
SetClipboardViewer
ChangeClipboardChain
RegisterClipboardFormatW
GetKeyboardLayout
RegisterWindowMessageW
IsWindowEnabled
CreateCaret
DestroyCaret
ShowCaret
SetCaretPos
FindWindowA
PeekMessageW
IsZoomed
GetKeyState
GetKeyboardState
ToAscii
ToUnicode
MapVirtualKeyW
GetMenu
TrackPopupMenuEx
ModifyMenuW
winmm
timeSetEvent
timeKillEvent
Sections
.text Size: 7.5MB - Virtual size: 7.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 99KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.qtmetad Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 75KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 251KB - Virtual size: 251KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ