71d05ec9c052355074adc3619be65efa_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

71d05ec9c052355074adc3619be65efa_JaffaCakes118
Size

880KB
MD5

71d05ec9c052355074adc3619be65efa
SHA1

122156a54974b6ec51d842ecb27215a33c6e7b0b
SHA256

955deded1ffd27b1f34ce1ae30d42dd76864a0866a5996eafc09de467e323c1d
SHA512

9946c58a50d626670e6bda9b2f787b6d25188ba80c413a491fb34a0cd93a427188be96520dc61d9d367df947728a97f3cb9aa6af5c4848941f1ab4299625b4ac
SSDEEP

24576:VqZ2xdjbETuhLnf4qtgxBcHsT3u0Gydw5EQ:0OBb60LwyYk5V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/zbot/mirc.exe

Files

71d05ec9c052355074adc3619be65efa_JaffaCakes118
.rar
zbot/aliases.ini
.ps1
zbot/gamechans.txt
zbot/gc.txt
zbot/globmess.txt
zbot/globmess2.txt
zbot/hash/badnick.mercy
zbot/hash/blacklist.mercy
zbot/hash/config.mercy
zbot/hash/greeting.mercy
zbot/hash/nokick.mercy
zbot/hash/sexchan.mercy
zbot/hash/sw.mercy
zbot/ipne.txt
zbot/mirc.exe
.exe windows:4 windows x86 arch:x86

48e173f2d74bc2001922a67b1b9f5bca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeEndPeriod
timeSetEvent
timeKillEvent
mciGetErrorStringA
timeGetDevCaps
mixerClose
mixerSetControlDetails
mciGetDeviceIDA
mciSendStringA
timeBeginPeriod
sndPlaySoundA
mixerGetLineControlsA
mixerGetLineInfoA
mixerOpen
mixerGetControlDetailsA

wsock32

WSASetLastError
sendto
getsockname
bind
recvfrom
socket
listen
inet_addr
WSAAsyncGetHostByAddr
WSAAsyncGetHostByName
WSACancelAsyncRequest
ntohl
gethostname
recv
send
htons
connect
WSAGetLastError
accept
WSAAsyncSelect
shutdown
closesocket
ioctlsocket
htonl
WSACleanup
setsockopt
WSAStartup
ntohs

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

mpr

WNetCloseEnum
WNetOpenEnumA
WNetEnumResourceA

comctl32

ImageList_Draw
ImageList_AddMasked
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
ImageList_GetIconSize

kernel32

GetSystemDefaultLangID
GetLocaleInfoA
GetSystemDefaultLCID
GetWindowsDirectoryA
SetEndOfFile
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
lstrcatW
lstrlenW
lstrcpyW
GetVersionExA
QueryPerformanceCounter
QueryPerformanceFrequency
CreateFileA
EnumResourceNamesA
EnumResourceTypesA
LoadLibraryExA
QueryDosDeviceA
GetFileType
GetFileAttributesA
WinExec
WriteFile
MulDiv
FindClose
FindNextFileA
FindFirstFileA
GetModuleFileNameA
_lwrite
_lclose
_hwrite
GlobalSize
OpenFile
_hread
_llseek
_lopen
GetCurrentThreadId
SetFilePointer
GetLastError
ReadFile
CreateEventA
GetDiskFreeSpaceA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDriveStringsA
SetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetLocalTime
CreateMutexA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
SetErrorMode
CreateProcessA
FindCloseChangeNotification
FindNextChangeNotification
WaitForMultipleObjects
FindFirstChangeNotificationA
GetEnvironmentVariableA
GetShortPathNameA
CompareFileTime
GetFileTime
ReleaseMutex
GetTimeZoneInformation
LocalAlloc
LocalReAlloc
LocalFree
GetTempPathA
SizeofResource
CreateFileMappingA
CreateThread
TlsGetValue
TlsSetValue
ExitThread
RtlUnwind
HeapFree
HeapAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
SetConsoleCtrlHandler
DeleteFileA
MoveFileA
GetACP
GetOEMCP
WaitForSingleObject
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThread
SetThreadPriority
SetEvent
Sleep
WideCharToMultiByte
CloseHandle
MultiByteToWideChar
GetCPInfo
ExitProcess
GetModuleHandleA
TerminateProcess
GetTickCount
FindResourceA
LoadResource
LockResource
GetSystemTimeAsFileTime
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
GetTimeFormatA
GetDateFormatA
GetStartupInfoA
GetCommandLineA
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
TlsFree
SetLastError
TlsAlloc
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
InitializeCriticalSection
GetFullPathNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA
SetEnvironmentVariableW
VirtualProtect
GetSystemInfo
VirtualQuery
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
RaiseException
GetCurrentProcessId
HeapSize
CompareStringA
CompareStringW
GetFileInformationByHandle
PeekNamedPipe
RemoveDirectoryA
HeapReAlloc
FlushFileBuffers
CreateDirectoryA

user32

DdeUnaccessData
DdeAccessData
DdeQueryStringA
DdeCreateDataHandle
DdeClientTransaction
DdeConnect
DdeCreateStringHandleA
DdeInitializeA
CallWindowProcA
DrawEdge
GetMessageA
SetKeyboardState
GetKeyboardState
ToAscii
ScrollDC
GetWindowThreadProcessId
ClipCursor
GetSystemMetrics
FlashWindow
SystemParametersInfoA
RedrawWindow
ShowScrollBar
WindowFromDC
CharLowerBuffA
CharLowerA
GetWindowDC
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
VkKeyScanA
GetKeyboardLayout
CopyAcceleratorTableA
MapVirtualKeyA
CallNextHookEx
GetCapture
CharUpperBuffA
DrawIcon
DefMDIChildProcA
GetScrollInfo
GetMenuState
IsMenu
RemoveMenu
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuItemID
TrackPopupMenu
GetMenuCheckMarkDimensions
RegisterWindowMessageA
SetWindowsHookExA
LoadAcceleratorsA
DispatchMessageA
TranslateMessage
TranslateMDISysAccel
TranslateAcceleratorA
IsDialogMessageA
GetForegroundWindow
LoadMenuA
PostQuitMessage
DefFrameProcA
RegisterClassExA
UnhookWindowsHookEx
ValidateRect
InvertRect
IntersectRect
DefWindowProcA
DrawFrameControl
RegisterClassA
CopyImage
CreateIconIndirect
FindWindowExA
FindWindowA
IsRectEmpty
OffsetRect
SetScrollInfo
DdeFreeDataHandle
BringWindowToTop
SetScrollRange
SetScrollPos
GetWindow
GetClassNameA
ClientToScreen
GetFocus
WinHelpA
LoadImageA
GetAsyncKeyState
GetWindowLongA
IsClipboardFormatAvailable
EmptyClipboard
SetClipboardData
OpenClipboard
EnumClipboardFormats
GetClipboardFormatNameA
CreateWindowExA
GetClipboardData
DestroyWindow
CloseClipboard
GetWindowTextLengthA
GetWindowTextA
LoadStringA
MessageBeep
GetTopWindow
IsZoomed
GetActiveWindow
IsWindow
IsCharAlphaA
IsCharAlphaNumericA
GetDesktopWindow
IsIconic
GetDialogBaseUnits
SetDlgItemInt
GetDlgItemInt
GetSystemMenu
CheckMenuItem
LoadCursorA
SetCursor
CreatePopupMenu
DestroyMenu
GetMenu
GetSubMenu
GetMenuItemCount
DeleteMenu
AppendMenuA
DrawMenuBar
FrameRect
FillRect
SetWindowTextA
GetClientRect
GetParent
DrawFocusRect
GetSysColor
CheckDlgButton
GetKeyState
IsDlgButtonChecked
PeekMessageA
MsgWaitForMultipleObjects
BeginPaint
EndPaint
LoadBitmapA
UpdateWindow
EndDialog
SetRect
IsWindowVisible
SetFocus
PtInRect
LoadIconA
EnableWindow
ShowWindow
MoveWindow
DdeNameService
DdeUninitialize
DdeDisconnect
DdeFreeStringHandle
DialogBoxParamA
IsChild
InsertMenuA
ModifyMenuA
GetNextDlgTabItem
EnableMenuItem
ChildWindowFromPointEx
GetScrollPos
GetScrollRange
CreateMenu
EqualRect
SetMenu
SendMessageA
SetWindowPos
InvalidateRect
SetTimer
KillTimer
IsWindowEnabled
wsprintfA
GetIconInfo
DrawIconEx
GetDlgCtrlID
DrawTextA
SetCapture
ReleaseCapture
DestroyIcon
GetWindowPlacement
SetWindowPlacement
SetForegroundWindow
GetMenuStringA
CreateDialogParamA
SetActiveWindow
CopyRect
SendDlgItemMessageA
GetDC
GetDlgItem
GetWindowRect
MapWindowPoints
PostMessageA
ReleaseDC
ChildWindowFromPoint
WindowFromPoint
GetCursorPos
ScreenToClient
SetWindowLongA

gdi32

MoveToEx
CreatePen
SelectClipRgn
CombineRgn
CreateRectRgn
GetNearestColor
GetDeviceCaps
GetTextExtentPointA
CreateFontIndirectA
GetDIBits
CreateDIBitmap
PtInRegion
CreatePolygonRgn
ExtFloodFill
CreatePatternBrush
Rectangle
LineTo
Ellipse
DeleteDC
SetROP2
SetBkMode
ExtTextOutW
GetBkColor
GetTextColor
GetCurrentObject
EnumFontFamiliesExA
GetTextCharset
StretchDIBits
GetTextExtentPointW
IntersectClipRect
Polyline
SetPixel
ExcludeClipRect
GetObjectType
CreateCompatibleBitmap
StretchBlt
SetStretchBltMode
SetBrushOrgEx
CreateCompatibleDC
GetObjectA
RoundRect
BitBlt
CreateBitmap
CreateRectRgnIndirect
RectInRegion
CreateFontA
CreateSolidBrush
CreateHatchBrush
GetTextMetricsA
SetTextColor
SetBkColor
ExtTextOutA
DeleteObject
SelectObject
GetStockObject
GetPixel
SetPixelV

comdlg32

ChooseFontA
CommDlgExtendedError
ChooseColorA

advapi32

RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyA
RegSetValueA
RegCloseKey
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
Shell_NotifyIconA
SHBrowseForFolderA
SHFileOperationA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetMalloc
DragQueryPoint
DragQueryFileA
DragFinish
FindExecutableA
ShellExecuteA
ExtractIconExA
ExtractIconA
DragAcceptFiles

ole32

ProgIDFromCLSID
CoCreateInstance
CLSIDFromProgID
CoGetInterfaceAndReleaseStream
OleUninitialize
OleInitialize

oleaut32

SetErrorInfo
LoadRegTypeLi
VariantCopy
DispGetParam
VarR8FromCy
VarR8FromDate
VarCyFromR8
VarDateFromR8
VariantChangeType
SysAllocString
VariantClear
VariantInit
SysFreeString

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
zbot/mirc.ini
zbot/nojoin.txt
zbot/nomode.txt
zbot/onjoins.txt
zbot/randomchan.txt
zbot/remote.ini
zbot/script.conf
.js
zbot/script1.conf
zbot/script2.conf
.js
zbot/script4.conf
.js
zbot/serverchans.txt
zbot/socks.txt

Sharing

General

Malware Config

Signatures

Files

48e173f2d74bc2001922a67b1b9f5bca

Headers

File Characteristics

Imports

winmm

wsock32

version

mpr

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 104KB - Virtual size: 100KB

.data Size: 20KB - Virtual size: 307KB

.rsrc Size: 256KB - Virtual size: 253KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 104KB - Virtual size: 100KB

.data
Size: 20KB - Virtual size: 307KB

.rsrc
Size: 256KB - Virtual size: 253KB