ac73e8ca5024d859ddfae5f0de0d75ed_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ac73e8ca5024d859ddfae5f0de0d75ed_JaffaCakes118
Size

4.5MB
MD5

ac73e8ca5024d859ddfae5f0de0d75ed
SHA1

3a721256354a8a1fd472768e5e4b3779d2c4a233
SHA256

3459f7b6f2077a4205baab680da19c05a87c4a840481d7a937f470e85ad6a74a
SHA512

0ef64a38fc80804908d830212d323eadefbed79228da37964cf6726e6bbad46fb82a54579454760d6dcdc7cc2b8b5c096c3fbe0e38c91e8ed7b0571c79e8b16e
SSDEEP

98304:E7D1igFARRFS2mv6qFF0F6yCu8GhlYawY:/gEhhJhld

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac73e8ca5024d859ddfae5f0de0d75ed_JaffaCakes118

Files

ac73e8ca5024d859ddfae5f0de0d75ed_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8058fdcaf266383c54bfc42067c99514

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLCID
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleExW
GetSystemTimeAsFileTime
GetTimeZoneInformation
CreateThread
ExitThread
RtlUnwind
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualQuery
SetStdHandle
GetFileType
HeapQueryInformation
GetStdHandle
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetStringTypeW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDriveTypeW
OutputDebugStringW
IsValidLocale
EnumSystemLocalesW
GetDateFormatW
GetTimeFormatW
LCMapStringW
WriteConsoleW
GetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFlags
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
lstrcmpA
GetThreadLocale
FileTimeToSystemTime
FileTimeToLocalFileTime
SuspendThread
SetThreadPriority
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
GetCurrentProcessId
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
OutputDebugStringA
lstrlenA
ReadFile
InitializeCriticalSection
DecodePointer
HeapSize
RaiseException
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
ReleaseMutex
GetWindowsDirectoryA
SetEvent
FreeResource
ResumeThread
GlobalFree
MulDiv
CreateEventA
FindResourceA
GetTempPathA
MoveFileA
SetErrorMode
CreateMutexA
OpenMutexA
GetCommandLineA
CreateDirectoryA
SetLastError
MapViewOfFile
LocalFree
OpenFileMappingA
LocalAlloc
FreeLibrary
GetProcAddress
LoadLibraryA
UnmapViewOfFile
GetVersionExA
ExitProcess
lstrcpynA
GetTickCount
FindClose
FindNextFileA
DeleteFileA
RemoveDirectoryA
SetFileAttributesA
GetFileAttributesA
FindFirstFileA
WriteFile
SetFilePointer
GetFileSize
CreateFileA
CloseHandle
GetModuleFileNameA
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
FormatMessageA
GetLastError
MultiByteToWideChar
GetACP
FindResourceW
LoadResource
LockResource
SizeofResource
TerminateProcess
WideCharToMultiByte

user32

UnhookWindowsHookEx
SetWindowsHookExA
GetTopWindow
GetClassNameA
GetClassLongA
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ValidateRect
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
PeekMessageA
RegisterWindowMessageA
WindowFromPoint
GetMenuItemCount
GetMenuItemID
GetLastActivePopup
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetDesktopWindow
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
DestroyWindow
CallNextHookEx
SendDlgItemMessageA
RedrawWindow
UnregisterClassA
AnimateWindow
SetWindowPos
SystemParametersInfoA
ReleaseCapture
SetCapture
PostMessageA
GetParent
DispatchMessageA
TranslateMessage
GetWindowLongA
CopyIcon
PtInRect
SetWindowLongA
CopyRect
GetSysColor
FillRect
MessageBoxA
GetCursorPos
UnregisterHotKey
RegisterHotKey
LoadIconA
GetWindowModuleFileNameA
SetForegroundWindow
ShowWindow
SendMessageA
MessageBeep
GetNextDlgGroupItem
PostThreadMessageA
IsWindowVisible
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
LoadIconW
EnumWindows
FindWindowA
GetWindowTextA
GetWindowTextLengthA
GetSubMenu
LoadMenuW
GetMessagePos
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ShowCaret
CreateCaret
GetKeyState
GetFocus
InvalidateRect
LoadCursorA
SetCursor
ScreenToClient
ClientToScreen
ReleaseDC
GetDC
WinHelpA
KillTimer
SetTimer
CopyImage
EnableWindow
SetRect
GetWindowRect
GetDlgCtrlID
GetWindow
MonitorFromWindow
IsWindow
DestroyIcon
IsRectEmpty
InvalidateRgn
CopyAcceleratorTableA
GetSysColorBrush
RealChildWindowFromPoint
CharUpperA
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatA
PostQuitMessage
IntersectRect
DestroyMenu
OffsetRect
CharNextA
GetMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
CreateDialogIndirectParamA
GetMonitorInfoA

gdi32

SaveDC
ExtSelectClipRgn
SetBkColor
SetMapMode
SetTextColor
GetObjectA
TextOutA
RestoreDC
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetBkColor
GetTextColor
GetMapMode
GetRgnBox
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetClipBox
Escape
CreatePen
CreateBitmap
GetTextExtentPoint32A
GetStockObject
DeleteObject
DeleteDC
SelectObject
GetDeviceCaps
BitBlt
Ellipse
CreateCompatibleBitmap
CreateCompatibleDC
GetPixel
SetPixel
CreateFontA
SetBkMode
ExtTextOutA
CreateSolidBrush

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegEnumValueA
RegOpenKeyExW
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueA
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextA
GetUserNameA
RegDeleteValueA
RegOpenKeyExA

shell32

SHGetSpecialFolderPathA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
Shell_NotifyIconA
ShellExecuteExA
ShellExecuteA
ExtractIconA
SHFileOperationA

comctl32

ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag
InitCommonControlsEx
ImageList_DragMove

shlwapi

PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
UrlUnescapeA
PathStripToRootA

ole32

CoRegisterMessageFilter
OleFlushClipboard
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoCreateGuid
StringFromCLSID
CoTaskMemAlloc
CoRegisterClassObject
CoRevokeClassObject
CoInitializeEx
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleIsCurrentClipboard

oleaut32

SafeArrayGetUBound
SafeArrayUnaccessData
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VariantClear
VariantChangeType
OleCreateFontIndirect
SysAllocString
VariantCopy
SysStringLen
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayGetLBound
SafeArrayDestroy
SafeArrayAccessData
VariantInit
OleLoadPicture
SysFreeString

oledlg

ord8

gdiplus

GdiplusShutdown
GdipBitmapGetPixel
GdipGetImageWidth
GdipGetImageHeight
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromStream
GdipFree
GdipAlloc
GdiplusStartup

ws2_32

htons
socket
WSAGetLastError
setsockopt
connect
closesocket
send
recv
inet_ntoa
gethostbyname
inet_addr
accept
ioctlsocket
WSAStartup
select
getsockopt
shutdown
gethostname
WSACleanup
WSASetLastError
listen
bind

wininet

InternetCloseHandle
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetQueryOptionA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetSetCookieA
InternetGetCookieExA
FindNextUrlCacheEntryA
InternetReadFile
HttpQueryInfoA
FindFirstUrlCacheEntryA
InternetOpenUrlA
InternetCanonicalizeUrlA
InternetCrackUrlA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetAttemptConnect
InternetConnectA
InternetOpenA
DeleteUrlCacheEntry

winmm

sndPlaySoundA

oleacc

LresultFromObject
CreateStdAccessibleObject

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 823KB - Virtual size: 822KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8058fdcaf266383c54bfc42067c99514

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

ws2_32

wininet

winmm

oleacc

version

iphlpapi

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 823KB - Virtual size: 822KB

.data Size: 18KB - Virtual size: 121KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 190KB - Virtual size: 189KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 823KB - Virtual size: 822KB

.data
Size: 18KB - Virtual size: 121KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 190KB - Virtual size: 189KB