Static task: static1
Behavioral task: behavioral1
Sample: bb08689787fcb4bc029679acd1708177_JaffaCakes118.exe
Resource: win7-20240508-en
General
Target: bb08689787fcb4bc029679acd1708177_JaffaCakes118
Size: 558KB
MD5: bb08689787fcb4bc029679acd1708177
SHA1: 1196862efcda000b348ace3189191e36e700791b
SHA256: 9875c102bbe89ad636096efca6b04d6b843529eb9717d822f7b0b42a087c7332
SHA512: 15b5e7654ac67727b4d4942a21559858e056c6789685f7401ab19f0b8a043278ed5a0c13940f0903bebbc8c8d5afa86acd7cad72721c36a7a801bd19f142c46c
SSDEEP: 12288:81M6LVFTIp5uFCGTlbmb6UXitm9eGFNK2g9:81DTIpqrY6yixGFvw
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  Processes: resource bb08689787fcb4bc029679acd1708177_JaffaCakes118
Files
-
bb08689787fcb4bc029679acd1708177_JaffaCakes118.exe windows:4 windows x86 arch:x86
1d5d6fc29c08b1092ee6708fd256d2d2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
GetProfileStringA
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
HeapReAlloc
GetACP
RaiseException
HeapAlloc
HeapFree
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
CopyFileA
GlobalSize
GetOEMCP
GetCPInfo
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetProcessVersion
GetCurrentDirectoryA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
SizeofResource
GlobalFlags
GetProfileIntA
FormatMessageA
MulDiv
LocalAlloc
LocalLock
LocalUnlock
LocalFree
GetLastError
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
lstrcpynA
GetFileAttributesA
lstrlenW
LoadLibraryA
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalFindAtomA
SetLastError
FreeLibrary
GetTickCount
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalAddAtomA
CloseHandle
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
GlobalDeleteAtom
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
lstrcmpA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
lstrcpyA
GetProcAddress
GetModuleHandleA
user32
LoadCursorA
DestroyCursor
MessageBeep
SetRect
GetTabbedTextExtentA
InvalidateRect
SetParent
IsRectEmpty
GetDC
WindowFromDC
ReleaseDC
InSendMessage
MapWindowPoints
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
WaitMessage
RegisterClipboardFormatA
MapDialogRect
GetWindow
SetWindowContextHelpId
wsprintfA
LockWindowUpdate
LoadMenuA
LoadAcceleratorsA
LoadStringA
GetNextDlgGroupItem
ShowWindow
SetWindowPos
MoveWindow
SetWindowLongA
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
LoadIconA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
SendMessageA
CharNextA
CharUpperA
DestroyIcon
GetSysColorBrush
GetLastActivePopup
MessageBoxA
SetCursor
ShowOwnedPopups
UnhookWindowsHookEx
PostMessageA
PostQuitMessage
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
GetSystemMetrics
InvertRect
GetDCEx
FindWindowA
WindowFromPoint
DestroyMenu
RemoveMenu
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
KillTimer
GetClientRect
SetTimer
EnableWindow
UpdateWindow
GetMenuStringA
InsertMenuA
FillRect
wvsprintfA
SetCursorPos
SetCapture
RedrawWindow
IsZoomed
GetSystemMenu
DeleteMenu
AppendMenuA
ClipCursor
InflateRect
CreateMenu
CopyAcceleratorTableA
PostThreadMessageA
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
GetDesktopWindow
ReleaseCapture
TranslateAcceleratorA
SetRectEmpty
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
SetFocus
PtInRect
GetClassNameA
gdi32
RestoreDC
SelectObject
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
DeleteObject
CreateRectRgn
SaveDC
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
StretchDIBits
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontA
SetBrushOrgEx
GetTextExtentPoint32A
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
GetTextColor
GetBkColor
LPtoDP
GetWindowOrgEx
GetMapMode
SetRectRgn
CombineRgn
CopyMetaFileA
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
UnrealizeObject
BitBlt
CreateRectRgnIndirect
DeleteDC
CreateDCA
SetAbortProc
StartDocA
StartPage
EndPage
EndDoc
AbortDoc
GetViewportOrgEx
CreatePen
Rectangle
PatBlt
GetCharWidthA
DPtoLP
GetStockObject
GetDeviceCaps
GetTextMetricsA
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateDIBitmap
GetTextExtentPointA
CreateFontIndirectA
comdlg32
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
PrintDlgA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegSetValueA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
RegQueryValueA
GetFileSecurityA
SetFileSecurityA
shell32
ExtractIconA
DragQueryFileA
DragFinish
ShellAboutA
SHGetFileInfoA
comctl32
ImageList_ReplaceIcon
ord17
ImageList_Destroy
ImageList_Create
oledlg
ord8
ole32
WriteClassStm
ReleaseStgMedium
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
RevokeDragDrop
RegisterDragDrop
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
CoTaskMemFree
OleIsRunning
CreateItemMoniker
CoLockObjectExternal
WriteClassStg
GetRunningObjectTable
CreateFileMoniker
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoDisconnectObject
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
CoRegisterClassObject
CreateBindCtx
OleDuplicateData
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromCLSID
CreateDataAdviseHolder
CreateOleAdviseHolder
CreateGenericComposite
CreateStreamOnHGlobal
OleRun
OleSaveToStream
olepro32
ord253
oleaut32
SysFreeString
SysStringByteLen
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
SysStringLen
SysAllocStringByteLen
VariantCopy
VariantChangeType
SysAllocString
wsock32
ioctlsocket
listen
connect
sendto
recvfrom
socket
inet_ntoa
WSAAsyncSelect
send
recv
closesocket
shutdown
htons
bind
htonl
accept
getpeername
ntohs
inet_addr
WSAGetLastError
WSASetLastError
WSAStartup
WSACleanup
Sections
.text Size: 304KB - Virtual size: 303KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 84KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ