8e0fefc9213fb7a5f237b13423085d18_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8e0fefc9213fb7a5f237b13423085d18_JaffaCakes118
Size

318KB
MD5

8e0fefc9213fb7a5f237b13423085d18
SHA1

7d490a029cf02f1ab4691df914b4774a3cbadb69
SHA256

6e5c306a62cb4513e379f9d0d9f99e2633674f2a16cca2f7958bfa1bf910e981
SHA512

13aa20cef7ef8e9610822598795530692b276e1e7c0c9b5bea3fa2505db826a91db5728940ef965b3fe20ca5a5cfb3669fbcc644206c225256cdfd0f4934c8cb
SSDEEP

6144:WqoXH+clFoAE4yHcl+IBnJY3UFQv795zBgOO+X/F6Z1ZmTQLJVOJt:WqoXHdFo54y8lRs3UaT9VG3+Pg4T2JVO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/таблица сроков подключения, список IP адресов.scr

Files

8e0fefc9213fb7a5f237b13423085d18_JaffaCakes118
.zip
таблица сроков подключения, список IP адресов.zip
.zip
таблица сроков подключения, список IP адресов.scr
.exe windows:4 windows x86 arch:x86

4ea24c9f2aa2d982c416cd3ad7823d0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\always\\Release\Rectangle.pdb

Imports

kernel32

GetStartupInfoA
RtlUnwind
HeapSize
HeapDestroy
HeapCreate
VirtualFree
Sleep
GetStdHandle
GetACP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetSystemTimeAsFileTime
IsDebuggerPresent
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetProcessHeap
GetExitCodeProcess
CreateProcessA
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitProcess
HeapReAlloc
HeapFree
VirtualQuery
GetSystemInfo
GetConsoleMode
GetCommandLineA
VirtualProtect
HeapAlloc
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringA
FileTimeToSystemTime
GetThreadLocale
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
FormatMessageA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
GetModuleFileNameA
InterlockedDecrement
MulDiv
lstrcmpA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
SetLastError
FreeLibrary
GetVersionExA
LoadLibraryW
GetModuleFileNameW
OpenProcess
CreateThread
GetProcAddress
GetTickCount
VirtualAlloc
CreateEventA
GetCurrentProcess
GetConsoleTitleA
LoadLibraryA
LocalFree
CreateProcessW
CloseHandle
GetCurrentProcessId
QueryPerformanceFrequency
LocalAlloc
WaitForSingleObject
QueryPerformanceCounter
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleHandleA
lstrlenA
CompareStringA
RaiseException
LoadResource
MultiByteToWideChar
LockResource
FindResourceA
CompareStringW
GetVersion
InterlockedExchange
SizeofResource
LeaveCriticalSection
WideCharToMultiByte
DeleteCriticalSection
GetLastError
EnterCriticalSection
GetStringTypeA
InitializeCriticalSection

user32

GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
DispatchMessageA
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
TrackPopupMenu
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
MessageBoxA
GetClassInfoExA
RegisterClassA
EqualRect
GetDlgCtrlID
IntersectRect
GetWindowPlacement
AdjustWindowRectEx
SetWindowPos
GetWindowLongA
TranslateAcceleratorA
TranslateMDISysAccel
BringWindowToTop
GetActiveWindow
DrawMenuBar
CreateWindowExA
GetMenuItemCount
GetMenuItemID
DefMDIChildProcA
GetMenu
DefFrameProcA
SetFocus
GetSubMenu
IsWindow
DrawFocusRect
wsprintfA
EnumWindowStationsW
GetForegroundWindow
DialogBoxIndirectParamA
GetFocus
MapWindowPoints
SetMenuItemBitmaps
SetWindowWord
BeginDeferWindowPos
GetPropA
SetMenu
GetWindowThreadProcessId
ReuseDDElParam
InsertMenuA
SetWindowTextA
GetDlgItem
GetDCEx
DeferWindowPos
MoveWindow
DestroyIcon
GetWindow
LoadMenuA
EndDeferWindowPos
GetDesktopWindow
AppendMenuA
IsClipboardFormatAvailable
SetClipboardData
GetSystemMenu
GetClipboardData
DrawIcon
OpenClipboard
EmptyClipboard
CloseClipboard
CreatePopupMenu
SendMessageA
GetParent
GetClassInfoA
SetActiveWindow
EnableWindow
CopyRect
GetSystemMetrics
LoadBitmapA
DrawTextExA
RemovePropA
SetPropA
GetClassNameA
IsIconic
CallWindowProcA
PtInRect
DrawIconEx
CharUpperA
SetCapture
GetSysColor
PostMessageA
DefWindowProcA
DrawFrameControl
FillRect
InvalidateRect
RedrawWindow
GetClientRect
GetCursorPos
InflateRect
SetRectEmpty
CopyImage
SystemParametersInfoA
ScreenToClient
ReleaseCapture
GetClassLongA
CallNextHookEx
SetWindowsHookExA
PostThreadMessageA
GetWindowRect
OffsetRect
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
UnregisterClassA
EnumDisplaySettingsExA
GetSysColorBrush
LoadCursorA
ClientToScreen
SetWindowLongA
GetCapture
SetRect
LoadIconA
SetScrollPos
UnpackDDElParam
IsRectEmpty
IsZoomed
LoadAcceleratorsA
InsertMenuItemA
DestroyMenu
GetMenuItemInfoA
GetNextDlgTabItem
CreateDialogIndirectParamA
EndDialog
ShowOwnedPopups
SetCursor
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
GetMessageA
TranslateMessage
ValidateRect
WindowFromPoint
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringA
IsChild
DrawTextA
TabbedTextOutA
IsWindowEnabled
ShowWindow
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
LoadImageA
WinHelpA

gdi32

SetMapMode
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
DeleteDC
CreatePatternBrush
GetStockObject
GetDeviceCaps
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
RestoreDC
GdiFlush
TextOutA
SetTextColor
CreateDIBSection
CreateRectRgnIndirect
SetBkMode
SetBkColor
CreateICA
ExtSelectClipRgn
ExtFloodFill
GetTextExtentPoint32A
SelectObject
GetBitmapBits
CreateBitmap
CreateCompatibleDC
StretchBlt
DeleteObject
CreateFontIndirectA
CreateSolidBrush
GetPixel
SaveDC
GetObjectA
CreateCompatibleBitmap
CreateRectRgn
SetPixel
CombineRgn
BitBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
ConvertStringSidToSidA
RegQueryValueExA
RegCloseKey
SetSecurityDescriptorOwner
GetTokenInformation
ConvertSidToStringSidA
LookupAccountNameA
GetUserNameA
SetNamedSecurityInfoA
InitializeSecurityDescriptor
OpenProcessToken

shell32

ShellExecuteA
ExtractIconExA
DragFinish
DragQueryFileA
SHBrowseForFolderA

comctl32

ImageList_ReplaceIcon
_TrackMouseEvent

shlwapi

PathCanonicalizeW
PathFindFileNameW
PathFindNextComponentA
PathFindExtensionW
PathCommonPrefixW
PathBuildRootW
PathCombineW
PathFindExtensionA
PathStripToRootA
PathFindFileNameA
PathAppendW
PathIsUNCA

oledlg

ord8

ole32

CoTaskMemAlloc
OleInitialize
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoLockObjectExternal
RevokeDragDrop
CoRevokeClassObject
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
OleIsCurrentClipboard
CoFreeUnusedLibraries
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

VariantCopy
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString

opengl32

glViewport
glMatrixMode
glEnable
glOrtho
glShadeModel
glLoadIdentity

glu32

gluLookAt

psapi

GetModuleFileNameExA

crypt32

CryptExportPublicKeyInfoEx

ws2_32

WSAStartup

netapi32

DsRoleGetPrimaryDomainInformation
NetAuditClear

avicap32

capGetDriverDescriptionA

rpcrt4

UuidCreateSequential

gdiplus

GdipFree
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipDisposeImage
GdipCloneImage
GdipSaveImageToFile

secur32

LsaGetLogonSessionData

uxtheme

GetThemeSysColor
OpenThemeData
DrawThemeBackground
CloseThemeData

ntdsapi

DsGetRdnW

Sections

.text
Size: 360KB - Virtual size: 359KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ea24c9f2aa2d982c416cd3ad7823d0c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

opengl32

glu32

psapi

crypt32

ws2_32

netapi32

avicap32

rpcrt4

gdiplus

secur32

uxtheme

ntdsapi

Sections

.text Size: 360KB - Virtual size: 359KB

.rdata Size: 84KB - Virtual size: 80KB

.data Size: 16KB - Virtual size: 27KB

.rsrc Size: 172KB - Virtual size: 170KB

.text
Size: 360KB - Virtual size: 359KB

.rdata
Size: 84KB - Virtual size: 80KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 172KB - Virtual size: 170KB