Static task: static1
Behavioral task: behavioral1
  Sample: a5d6073e112edb907a4f9c1144fe075d_JaffaCakes118.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: a5d6073e112edb907a4f9c1144fe075d_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
General
Target: a5d6073e112edb907a4f9c1144fe075d_JaffaCakes118
Size: 2.4MB
MD5: a5d6073e112edb907a4f9c1144fe075d
SHA1: 5adb7fe9d124ba43f4f849dbd537110d9fa7f3b4
SHA256: 79ee4fa6ee5e74761d8756dfc28779fca8e699db4f541db452b72854a80cdaa5
SHA512: f51396ea79dc628859adb8f21a47c84eb62c23881f9eade6c02a559d53a1119bdfc3168e6812ebfb2e0b937cd84428dd295e019eebab89211aa7c842d43ebf1d
SSDEEP: 49152:1uGJ9fe1fuYzbT9wuShHUTrH+VyhtG9QJ8kem+suUfRDd1LsRTYTXKZXtxlJX1Dh:QzBL9e0X+VyhtG9QJ8kjOUfR4dYT69VJ
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
resource a5d6073e112edb907a4f9c1144fe075d_JaffaCakes118
Files
a5d6073e112edb907a4f9c1144fe075d_JaffaCakes118.exe windows:5 windows x86 arch:x86
b6e678efd5900a84fe243311bfd4ebbe
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
MessageBeep
ReleaseCapture
SetCapture
GetSystemMenu
LoadMenuW
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
IsIconic
OffsetRect
IsRectEmpty
DestroyMenu
GetMenuItemInfoW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
RedrawWindow
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcW
GetMenu
IntersectRect
InflateRect
SetWindowPos
ShowWindow
MoveWindow
SetWindowLongW
IsWindow
IsDialogMessageW
SendDlgItemMessageW
CreateAcceleratorTableW
CheckDlgButton
GetScrollPos
SetScrollPos
SetFocus
DrawFocusRect
KillTimer
SetTimer
InvalidateRect
UpdateWindow
GetDesktopWindow
GetMenuStringW
GetMenuState
SetRect
SetCursorPos
RealChildWindowFromPoint
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
SetWindowTextW
GetClassInfoW
DefWindowProcW
MapWindowPoints
GetClientRect
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoW
GetMonitorInfoW
SetRectEmpty
CopyRect
DeleteMenu
ShowOwnedPopups
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetWindowsHookExW
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetWindowTextLengthW
GetWindowTextW
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
GetWindowThreadProcessId
SendMessageW
BringWindowToTop
LockWindowUpdate
DispatchMessageW
CopyImage
TranslateAcceleratorW
InsertMenuItemW
LoadImageW
ReuseDDElParam
UnpackDDElParam
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsMenu
CopyAcceleratorTableW
ToUnicodeEx
MapVirtualKeyW
GetKeyboardLayout
GetKeyboardState
DestroyIcon
LoadAcceleratorsW
GetSystemMetrics
CharUpperW
PostQuitMessage
PostMessageW
MessageBoxW
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongW
GetParent
CreateMenu
PostThreadMessageW
WaitMessage
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetMenuDefaultItem
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
GetIconInfo
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
SubtractRect
InvertRect
HideCaret
GetNextDlgGroupItem
MapDialogRect
DrawIcon
DestroyCursor
GetWindowRgn
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetMessageW
TranslateMessage
GetDlgItem
netapi32
NetUseAdd
winhttp
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpCloseHandle
WinHttpConnect
WinHttpOpen
WinHttpOpenRequest
kernel32
GetTimeZoneInformation
AllocConsole
WriteConsoleA
ResetEvent
CreateEventA
SetEnvironmentVariableW
SetEnvironmentVariableA
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetExitCodeProcess
GetConsoleMode
GetConsoleCP
CreateMutexA
LCMapStringW
GetStringTypeW
GetStartupInfoW
SetHandleCount
GetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
GetFileAttributesExW
GetDriveTypeW
GetTempPathW
GetSystemDirectoryW
GetWindowsDirectoryW
FreeLibrary
LoadLibraryW
GetModuleFileNameW
InterlockedIncrement
LocalFree
InterlockedDecrement
GetLastError
lstrlenA
DeleteFileW
CloseHandle
WriteFile
CreateFileW
GetTempFileNameW
CreateDirectoryW
GetLocalTime
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetNumberFormatW
GetLocaleInfoW
FormatMessageW
SleepEx
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalAlloc
lstrlenW
OpenMutexW
SetEvent
OpenEventW
CreateProcessW
GetCommandLineW
FindClose
FindNextFileW
GetFileAttributesW
FindFirstFileW
GetCurrentThreadId
CreateMutexW
WaitForSingleObject
ReleaseMutex
CreateEventW
WaitForMultipleObjects
PulseEvent
WideCharToMultiByte
SetLastError
TerminateProcess
Sleep
GetProcAddress
SetThreadPriority
GetCurrentThread
CreateProcessA
GetFullPathNameA
DuplicateHandle
GetCurrentProcess
InitializeCriticalSection
GetVersionExW
ResumeThread
SuspendThread
SetCurrentDirectoryW
CreateThread
GetModuleHandleW
GetProcessHeap
OutputDebugStringW
OutputDebugStringA
UnmapViewOfFile
UnlockFileEx
UnlockFile
SystemTimeToFileTime
SetFilePointer
SetEndOfFile
ReadFile
QueryPerformanceCounter
MapViewOfFile
LockFileEx
LockFile
LoadLibraryA
HeapValidate
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GetVersionExA
GetTickCount
GetTempPathA
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetFullPathNameW
GetFileSize
GetFileAttributesA
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetCurrentProcessId
FormatMessageA
FlushFileBuffers
DeleteFileA
CreateFileMappingW
CreateFileMappingA
CreateFileA
AreFileApisANSI
InterlockedCompareExchange
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
CopyFileW
GlobalFree
lstrcmpA
lstrcmpiW
DeactivateActCtx
ActivateActCtx
GetVolumeInformationW
SetErrorMode
InterlockedExchange
LoadLibraryExW
lstrcmpW
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GlobalDeleteAtom
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
CreateActCtxW
ReleaseActCtx
CompareStringW
GlobalGetAtomNameW
GetFileSizeEx
GetFileTime
GetCurrentDirectoryW
lstrcpyW
GlobalFlags
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GlobalAddAtomW
GlobalFindAtomW
FreeResource
GetProfileIntW
SearchPathW
VirtualProtect
GetUserDefaultLCID
FindResourceExW
RtlUnwind
GetTimeFormatW
GetDateFormatW
ExitThread
MoveFileA
GetTimeFormatA
GetDateFormatA
SetStdHandle
GetFileType
CreatePipe
EncodePointer
DecodePointer
HeapSetInformation
RaiseException
ExitProcess
HeapQueryInformation
VirtualAlloc
VirtualQuery
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
gdi32
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
SetPixelV
GetTextFaceW
EnumFontFamiliesExW
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
GetSystemPaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Rectangle
GetDeviceCaps
SetPixel
StretchBlt
RealizePalette
SetDIBColorTable
GetRgnBox
OffsetRgn
Polygon
Ellipse
Polyline
CreateEllipticRgn
GetTextColor
GetBkColor
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
GetTextExtentPoint32W
DPtoLP
PatBlt
CombineRgn
SetRectRgn
GetTextCharsetInfo
EnumFontFamiliesW
GetTextMetricsW
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateFontIndirectW
CreateDIBitmap
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectW
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
comdlg32
GetFileTitleW
advapi32
RegisterServiceCtrlHandlerExW
CryptHashData
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
CryptCreateHash
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
CryptDestroyHash
CryptEncrypt
CryptDecrypt
LogonUserExW
StartServiceW
CloseServiceHandle
DeleteService
ControlService
QueryServiceStatusEx
OpenServiceW
OpenSCManagerW
QueryServiceStatus
ReportEventA
RegisterEventSourceA
RegSetValueExA
RegCreateKeyExA
OpenProcessToken
GetTokenInformation
GetLengthSid
CopySid
RegEnumKeyExW
RegEnumKeyW
RegQueryValueW
StartServiceCtrlDispatcherW
CreateServiceW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
SetServiceStatus
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
CryptDeriveKey
shell32
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDesktopFolder
SHAppBarMessage
DragQueryFileW
DragFinish
ShellExecuteW
SHGetFileInfoW
SHChangeNotify
SHGetFolderPathW
CommandLineToArgvW
ole32
CoTaskMemFree
CoInitializeEx
CoLockObjectExternal
OleRun
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CoInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CreateStreamOnHGlobal
DoDragDrop
OleGetClipboard
RegisterDragDrop
CLSIDFromProgID
CoCreateInstance
RevokeDragDrop
CLSIDFromString
CoUninitialize
oleaut32
VariantChangeType
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
VarBstrFromDate
GetErrorInfo
VariantInit
SysFreeString
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString
msimg32
AlphaBlend
TransparentBlt
comctl32
ImageList_GetIconSize
shlwapi
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
PathIsUNCW
ws2_32
inet_ntoa
gethostbyname
gethostname
WSAStartup
htonl
__WSAFDIsSet
select
ioctlsocket
send
recv
ntohs
ntohl
closesocket
htons
listen
bind
setsockopt
socket
shutdown
connect
getsockname
accept
WSAGetLastError
inet_addr
WSACleanup
gdiplus
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winmm
timeGetTime
PlaySoundW
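The import table above is the main static evidence this report carries, and a routine triage step is to group APIs into capability tags before reading the behavioral output. The block below is an added example, not the sandbox's own signature engine: SAMPLE_IMPORTS is a constructed subset of the DLL/API names listed above, and the rule names and the CRT_NOISE set are this example's own vocabulary. Two caveats apply to any such tagging. The wide user32/gdi32/ole32/oleaut32 surface is what a statically linked GUI framework pulls in, so those imports say little on their own; and IsDebuggerPresent, RtlUnwind, UnhandledExceptionFilter, EncodePointer/DecodePointer and IsProcessorFeaturePresent are imported by the MSVC C runtime startup code regardless of what the program does, so a rule satisfied only by them is flagged as weak. A tag states a capability that is linked into the binary, not behaviour the sandbox observed.

```python
# Constructed subset of the import table listed above, keyed by DLL (lower-case, as the report shows).
SAMPLE_IMPORTS = {
    "winhttp": {"WinHttpOpen", "WinHttpConnect", "WinHttpOpenRequest", "WinHttpSendRequest",
                "WinHttpReceiveResponse", "WinHttpReadData", "WinHttpCloseHandle"},
    "ws2_32": {"WSAStartup", "socket", "bind", "listen", "accept", "connect", "send", "recv",
               "closesocket", "gethostbyname", "inet_addr"},
    "netapi32": {"NetUseAdd"},
    "advapi32": {"OpenSCManagerW", "CreateServiceW", "StartServiceW", "DeleteService",
                 "StartServiceCtrlDispatcherW", "RegisterServiceCtrlHandlerExW", "SetServiceStatus",
                 "RegCreateKeyExW", "RegSetValueExW", "CryptAcquireContextW", "CryptDeriveKey",
                 "CryptEncrypt", "CryptDecrypt", "LogonUserExW", "OpenProcessToken"},
    "kernel32": {"CreateProcessW", "CreatePipe", "GetTempPathW", "CreateFileW", "WriteFile",
                 "CreateMutexW", "IsDebuggerPresent", "RtlUnwind", "UnhandledExceptionFilter"},
    "shell32": {"ShellExecuteW", "CommandLineToArgvW"},
}

# Rule = (tag, dll, APIs that must all be imported from that DLL). Tag names are this example's own.
RULES = [
    ("http-client", "winhttp", {"WinHttpOpen", "WinHttpConnect", "WinHttpOpenRequest", "WinHttpSendRequest"}),
    ("tcp-client", "ws2_32", {"socket", "connect", "send", "recv"}),
    ("tcp-listener", "ws2_32", {"socket", "bind", "listen", "accept"}),
    ("smb-share-mapping", "netapi32", {"NetUseAdd"}),
    ("service-install", "advapi32", {"OpenSCManagerW", "CreateServiceW", "StartServiceW"}),
    ("runs-as-service", "advapi32", {"StartServiceCtrlDispatcherW", "RegisterServiceCtrlHandlerExW", "SetServiceStatus"}),
    ("registry-write", "advapi32", {"RegCreateKeyExW", "RegSetValueExW"}),
    ("cryptoapi-symmetric", "advapi32", {"CryptAcquireContextW", "CryptDeriveKey", "CryptEncrypt", "CryptDecrypt"}),
    ("credential-logon", "advapi32", {"LogonUserExW"}),
    ("child-process-with-pipe", "kernel32", {"CreateProcessW", "CreatePipe"}),
    ("temp-file-write", "kernel32", {"GetTempPathW", "CreateFileW", "WriteFile"}),
    ("debugger-presence-check", "kernel32", {"IsDebuggerPresent"}),
]

# APIs the MSVC C runtime startup code imports by itself; a rule satisfied only by these is weak evidence.
CRT_NOISE = {"IsDebuggerPresent", "RtlUnwind", "UnhandledExceptionFilter", "SetUnhandledExceptionFilter",
             "IsProcessorFeaturePresent", "EncodePointer", "DecodePointer"}


def triage(imports: dict) -> list:
    """Return every rule whose required APIs are all present in the named DLL's import list."""
    hits = []
    for tag, dll, required in RULES:
        if required <= imports.get(dll, set()):
            hits.append({"tag": tag, "dll": dll, "apis": sorted(required),
                         "weak": required <= CRT_NOISE})
    return hits


def tags(imports: dict) -> list:
    """Just the tag names, in rule order."""
    return [h["tag"] for h in triage(imports)]


if __name__ == "__main__":
    for h in triage(SAMPLE_IMPORTS):
        print(("weak " if h["weak"] else "") + h["tag"], "<-", h["dll"], ", ".join(h["apis"]))
```

Rules are conjunctive on purpose: a lone `socket` import is noise, but `socket`+`bind`+`listen`+`accept` together is a server loop. Run against a real binary by filling the dict from any import parser; the rule table is the part worth growing.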
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 389KB - Virtual size: 389KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 588B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 202KB - Virtual size: 201KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
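The Unsigned PE signature, the DLL and file characteristics under Headers, and the section flags above are all read straight from the PE headers. The following Python is an added example and not the sandbox's code: a stdlib-only parser for exactly those fields that also reports whether a WIN_CERTIFICATE (Authenticode) blob is attached through data directory entry 4. Because the sample itself is not on the page, build_sample_pe() constructs a header-only PE32 image carrying the flag values shown in this report (section sizes are rounded approximations of the ones listed). Two caveats a practitioner should keep in mind: an empty security directory only proves the file carries no embedded signature (many Windows components are catalog-signed, which this check cannot see), and a present one is not a valid one until the PKCS#7 blob is actually verified.

```python
import struct

# Flag tables from the PE/COFF specification (the bits a triage report usually prints).
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # this entry holds a raw file offset, not an RVA


def _flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data: bytes) -> dict:
    """Read the header fields a sandbox report prints, plus any embedded WIN_CERTIFICATE."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    pe32plus = magic == 0x20B          # PE32+: ImageBase and stack/heap fields are 8 bytes wide
    nrva_off, dd_off = (108, 112) if pe32plus else (92, 96)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in both formats
    n_dirs = struct.unpack_from("<I", data, opt + nrva_off)[0]

    cert = None
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        off, size = struct.unpack_from("<II", data, opt + dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
        if size:  # WIN_CERTIFICATE header: dwLength, wRevision, wCertificateType
            length, revision, ctype = struct.unpack_from("<IHH", data, off)
            cert = {"offset": off, "length": length, "revision": revision, "type": ctype}

    sections = []
    for i in range(nsect):
        (name, vsize, _va, rawsize, _ptr, _, _, _, _,
         chars) = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": _flag_names(chars, SECTION_CHARACTERISTICS)})
    return {"machine": machine, "arch": "x64" if pe32plus else "x86",
            "file_characteristics": _flag_names(file_chars, FILE_CHARACTERISTICS),
            "dll_characteristics": _flag_names(dll_chars, DLL_CHARACTERISTICS),
            "certificate": cert, "sections": sections}


def unsigned_pe(data: bytes) -> bool:
    # The report's "Unsigned PE" check: no embedded Authenticode blob. Catalog-signed files also hit.
    return parse_pe(data)["certificate"] is None


def build_sample_pe(signed: bool = False) -> bytes:
    """Constructed header-only PE32 image carrying the flag/section values from this report."""
    opt = bytearray(224)                       # PE32 optional header incl. 16 data directories
    struct.pack_into("<H", opt, 0, 0x10B)      # magic
    struct.pack_into("<H", opt, 68, 2)         # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<H", opt, 70, 0x8140)    # DYNAMIC_BASE | NX_COMPAT | TERMINAL_SERVER_AWARE
    struct.pack_into("<I", opt, 92, 16)        # NumberOfRvaAndSizes
    sections = [  # name, virtual size, raw size, characteristics (sizes approximate the report)
        (b".text",  0x1CD000, 0x1CD000, 0x60000020),
        (b".rdata", 0x61400,  0x61400,  0x40000040),
        (b".data",  0x11400,  0x8C00,   0xC0000040),
        (b".rsrc",  0x24C,    0x400,    0x40000040),
        (b".reloc", 0x32400,  0x32800,  0x42000040),
    ]
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, 0, rs, 0, 0, 0, 0, 0, c)
                     for n, vs, rs, c in sections)
    cert = b""
    if signed:  # append a dummy WIN_CERTIFICATE (type 2 = PKCS#7 SignedData) and point entry 4 at it
        cert = struct.pack("<IHH", 16, 0x0200, 0x0002) + b"\0" * 8
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                         64 + 4 + 20 + len(opt) + len(table), len(cert))
    return (struct.pack("<2s58xI", b"MZ", 0x40) + b"PE\0\0"
            + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x0102)
            + bytes(opt) + table + cert)
```

To run it on a real file, pass `open(path, "rb").read()` to `parse_pe`; the `.data` entry shows why the report lists two sizes per section (virtual 69KB versus 35KB on disk means uninitialised tail space), and the `.reloc` section's IMAGE_SCN_MEM_DISCARDABLE flag is what lets the loader drop it once relocations are applied.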