Static task
static1
Behavioral task
behavioral1
Sample
a9dc49dd57aff8a1715ddf65bd677b34_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
a9dc49dd57aff8a1715ddf65bd677b34_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
Target
a9dc49dd57aff8a1715ddf65bd677b34_JaffaCakes118
Size
10.4MB
MD5
a9dc49dd57aff8a1715ddf65bd677b34
SHA1
0fd4ac2bd23964930ddcb8b7de1a370b5da2579e
SHA256
717b4980291638ac5801155d35c0add185a2a715443aaa04248f447ea2d3bf32
SHA512
a32b573fb35551b7870970b9d6871dec696493a4f66e89ced7e073c42b45c8e7cd60dfbbbce7045764e297f7ef3e015013670a85bde6cde91a85708336474b66
SSDEEP
196608:ynJAw+Ky+je+jOunIiqiiqxiqqeD8P3RQmRQJRQQ+9+8S4DjQ2d2foP/g:WJAaqzqkqh+AtUfg
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource a9dc49dd57aff8a1715ddf65bd677b34_JaffaCakes118
Files
a9dc49dd57aff8a1715ddf65bd677b34_JaffaCakes118.exe windows:5 windows x86 arch:x86
a3d915578c52e8c3bd5a267fb11aa021
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winscard
SCardReconnect
g_rgSCardT1Pci
SCardReleaseContext
SCardTransmit
SCardDisconnect
g_rgSCardT0Pci
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
kernel32
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalAlloc
GetVersionExA
lstrcmpW
LoadLibraryA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
FreeResource
InterlockedIncrement
SetThreadPriority
ResumeThread
WaitForSingleObject
SetEvent
SuspendThread
CreateEventW
InterlockedExchange
CompareStringA
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
WritePrivateProfileStringW
InterlockedDecrement
GetModuleHandleA
lstrlenA
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GetFileSizeEx
GetFileTime
InitializeCriticalSection
GlobalFlags
GetStartupInfoW
RtlUnwind
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapReAlloc
CreateThread
ExitProcess
SetStdHandle
GetFileType
HeapSize
VirtualProtect
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
GetThreadLocale
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
MulDiv
SetLastError
GetSystemDefaultUILanguage
GetUserDefaultLCID
GetLocaleInfoW
DeleteFileW
GetVersionExW
GetSystemInfo
GetCurrentProcessId
OpenProcess
DeviceIoControl
SetFileTime
GetCurrentDirectoryW
GetFileAttributesW
CreateDirectoryW
WideCharToMultiByte
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFilePointer
ExitThread
GetFileSize
GetTempPathW
GetTempFileNameW
GetModuleHandleW
GetModuleFileNameW
FlushFileBuffers
SetCommState
GetCommState
ClearCommError
ReadFileEx
WriteFileEx
GetTickCount
ReadFile
GetLastError
FormatMessageW
lstrcpynW
LocalFree
FreeLibrary
LoadLibraryW
GetProcAddress
Sleep
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
CreateFileW
WriteFile
CloseHandle
user32
GetSysColorBrush
LoadCursorW
CopyAcceleratorTableW
IsRectEmpty
SetRect
InvalidateRgn
SetCapture
ReleaseCapture
WindowFromPoint
GetNextDlgGroupItem
MessageBeep
UnregisterClassW
RegisterClipboardFormatW
PostThreadMessageW
DestroyMenu
SetRectEmpty
IsZoomed
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
SetCursor
PostQuitMessage
GetMessageW
TranslateMessage
ValidateRect
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
CharNextW
IsWindowEnabled
ShowWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
EndPaint
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetParent
EqualRect
DeferWindowPos
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
GetWindowLongW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetDesktopWindow
CharUpperW
GetMenuState
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ReleaseDC
GetDC
SendDlgItemMessageA
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetSysColor
GetCursorPos
InvalidateRect
ScreenToClient
PtInRect
CopyRect
LoadIconW
KillTimer
SetTimer
GetClientRect
IsIconic
GetSystemMenu
DrawIcon
GetSystemMetrics
SendMessageW
EnableWindow
wsprintfW
PostMessageW
MoveWindow
gdi32
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetTextMetricsW
GetRgnBox
GetMapMode
ExtSelectClipRgn
DeleteObject
SelectObject
GetTextColor
GetBkColor
GetStockObject
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
GetTextExtentPoint32W
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateRectRgnIndirect
ExtTextOutW
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
RegOpenKeyW
RegSetValueExW
RegCreateKeyW
RegQueryValueExW
shell32
ShellExecuteW
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
oledlg
OleUIBusyW
ole32
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
oleaut32
VariantCopy
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
winhttp
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpOpen
WinHttpSetTimeouts
WinHttpConnect
WinHttpOpenRequest
WinHttpSetOption
psapi
GetProcessMemoryInfo
wininet
InternetQueryDataAvailable
InternetSetOptionExW
HttpQueryInfoW
InternetCloseHandle
InternetGetLastResponseInfoW
InternetOpenW
InternetSetStatusCallbackW
InternetSetFilePointer
InternetWriteFile
InternetReadFile
HttpSendRequestW
InternetConnectW
HttpOpenRequestW
Sections
.text Size: 382KB - Virtual size: 381KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 99KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9.7MB - Virtual size: 9.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 461KB - Virtual size: 461KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ