8da1789c6785463be1fcf478c62d0f15_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8da1789c6785463be1fcf478c62d0f15_JaffaCakes118
Size

2.8MB
MD5

8da1789c6785463be1fcf478c62d0f15
SHA1

2da92aec8314474c26c83cea882a38627f31ddba
SHA256

f4f5711512fbc0d411f80da26ae6a3814fab8abe701db52d71c0a39d0e5bbc01
SHA512

f1f79bc0a195aa4ca9c141fc402724530bc47c8a6c474379e70b29371753bfb3a40f2f8a276f500319eae184be335c34a1394db61fb8e2261f8c355d4cae6e14
SSDEEP

49152:+hFmlHXHdHFzUlgk68lVvJXPe0q18W40OsOr52OHEr1nsLdLaL/JZfa3R/fIdaN:wi392q89U1740vm5X/RaL/jfa3XN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/LVSetup.exe

Files

8da1789c6785463be1fcf478c62d0f15_JaffaCakes118
.rar
LVSetup.exe
.exe windows:5 windows x86 arch:x86

7263d914e7256eec05a92bf163b42991

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetDriveTypeW
GetStringTypeW
GetDateFormatW
GetTimeFormatW
LCMapStringW
OutputDebugStringW
WriteConsoleW
GetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableA
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetTimeZoneInformation
IsValidCodePage
HeapQueryInformation
AreFileApisANSI
GetModuleHandleExW
ExitProcess
ExitThread
CreateThread
GetFileType
SetStdHandle
IsProcessorFeaturePresent
IsDebuggerPresent
VirtualQuery
VirtualAlloc
GetCommandLineA
GetSystemTimeAsFileTime
RtlUnwind
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
lstrcpyA
GetTickCount
GetWindowsDirectoryA
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryA
GetACP
GlobalFlags
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
LeaveCriticalSection
EnterCriticalSection
EncodePointer
GlobalAddAtomA
CompareStringA
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetCurrentThread
ResumeThread
SetThreadPriority
GetCurrentThreadId
WaitForSingleObject
FreeResource
FileTimeToSystemTime
FindNextFileA
FileTimeToLocalFileTime
lstrcmpA
GetCurrentProcessId
GetThreadLocale
GetVolumeInformationA
LoadLibraryW
LoadLibraryA
lstrcmpiA
LoadLibraryExA
GetModuleHandleW
GetModuleFileNameW
GetCurrentProcess
DuplicateHandle
CloseHandle
OutputDebugStringA
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
MoveFileExA
RemoveDirectoryA
GetSystemInfo
AttachConsole
FreeConsole
MultiByteToWideChar
GetVersionExA
GetComputerNameA
GetFileAttributesA
CreateDirectoryA
FindResourceA
GetModuleHandleA
GetModuleFileNameA
lstrcatA
WriteFile
GetStdHandle
Sleep
HeapAlloc
HeapReAlloc
DecodePointer
HeapFree
HeapSize
GetProcessHeap
RaiseException
GetProcAddress
WideCharToMultiByte
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
FindResourceW
SizeofResource
LoadResource
LockResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError

gdi32

CopyMetaFileA
GetTextMetricsA
DPtoLP
CreateDCA
GetTextFaceA
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
GetBoundsRect
FillRgn
SetPaletteEntries
ExtFloodFill
SetPixelV
PtInRegion
FrameRgn
RoundRect
CreateRoundRectRgn
OffsetRgn
EnumFontFamiliesExA
Rectangle
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
CreateCompatibleBitmap
GetDeviceCaps
SetRectRgn
GetMapMode
CombineRgn
GetRgnBox
GetTextColor
GetBkColor
CreateFontIndirectA
PatBlt
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutA
TextOutA
MoveToEx
GetObjectA
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
CreateBitmap
GetTextExtentPoint32A

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegCloseKey
GetUserNameA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteValueA

shell32

ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ord680
SHBrowseForFolderA
SHGetFileInfoA
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHAppBarMessage

shlwapi

StrFormatKBSizeA
PathRemoveFileSpecW
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA

uxtheme

DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemeColor
GetCurrentThemeName
GetThemePartSize
IsAppThemed
GetThemeSysColor
GetWindowTheme

ole32

RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
RevokeDragDrop
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance

oleaut32

VariantClear
VariantChangeType
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantInit
VariantCopy
VarBstrFromDate
SysAllocStringLen
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocString
OleCreateFontIndirect

oledlg

ord8

winmm

PlaySoundA

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 326KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11.4MB - Virtual size: 11.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7263d914e7256eec05a92bf163b42991

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

winmm

oleacc

gdiplus

imm32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 326KB - Virtual size: 325KB

.data Size: 26KB - Virtual size: 55KB

.rsrc Size: 11.4MB - Virtual size: 11.4MB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 326KB - Virtual size: 325KB

.data
Size: 26KB - Virtual size: 55KB

.rsrc
Size: 11.4MB - Virtual size: 11.4MB