05cf32b9cb045284ca8972a2c3ca4426_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

05cf32b9cb045284ca8972a2c3ca4426_JaffaCakes118
Size

755KB
MD5

05cf32b9cb045284ca8972a2c3ca4426
SHA1

82326229c58d35c2f4c819fdd1ed72ec8e638c92
SHA256

acd2b75ab64e7d14baccf5ece55dcdaf84908031a977bebfb86878824b754fee
SHA512

48b60afd7f3cfcd2321fa6603e01864e08f751f363eb0307149458e49120b110faed899fd880d8cd77dfd9cb22f5e05daadd7b002ab54d0e5cc741344d25510b
SSDEEP

12288:rb0aM+xIaJz2IrakhZjUd1Tl51bI2bXmeYQb:rb0aM+xFdfjUdJL1rmeYe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05cf32b9cb045284ca8972a2c3ca4426_JaffaCakes118

Files

05cf32b9cb045284ca8972a2c3ca4426_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81f33fd93dff16b0232d6a99db404ccb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey

comctl32

_TrackMouseEvent
InitCommonControls
ImageList_Destroy

gdi32

CombineRgn
CreateRectRgn
GetDIBits
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
IntersectClipRect
DeleteObject
CreateSolidBrush
PatBlt
GetTextColor
GetDeviceCaps
StretchBlt
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
LPtoDP
CreateCompatibleBitmap
GetMapMode
DPtoLP
GetBkColor
BitBlt
GetTextExtentPoint32A
GetStockObject
CreateFontIndirectA
CreatePalette
RealizePalette
CreateDIBitmap
GetObjectA
GetTextExtentPointA
CreateCompatibleDC

kernel32

RtlUnwind
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
TerminateProcess
CreateThread
ExitThread
HeapReAlloc
HeapSize
GetACP
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LockResource
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
lstrcpy
SetFilePointer
GetFileSize
CloseHandle
WriteFile
LockResource
LoadResource
SizeofResource
CreateFileA
FindResourceA
CreateDirectoryA
GetModuleFileNameA
GetModuleHandleA
GetLastError
CreateMutexA
GetTickCount
Sleep
lstrcmp
SetErrorMode
GetFileTime
GetFileAttributesA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
GetTempPathA
IsBadCodePtr
GlobalUnlock
GlobalLock
GlobalAlloc
LocalFree
FormatMessageA
DeleteFileA
LocalAlloc
GlobalFlags
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
GetCurrentThread
lstrcpyn
RestoreLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
SetFileAttributesA
InterlockedIncrement
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpi
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GlobalFree
GetProcAddress
MulDiv
CreateProcessA
ReadFile
lstrcat
lstrlen
WinExec
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary

oleaut32

SysAllocString
VariantTimeToSystemTime
VariantChangeType
SysAllocStringByteLen
VariantCopy
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString

olepro32

OleCreateFontIndirect
OleLoadPicture

shell32

ShellExecuteA
SHGetFileInfo

user32

WindowFromPoint
CharUpperA
GetClassNameA
GetDesktopWindow
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
RegisterClipboardFormatA
PostThreadMessageA
EndPaint
BeginPaint
ClientToScreen
LoadStringA
wvsprintfA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
ShowWindow
SetWindowTextA
IsDialogMessage
SetDlgItemTextA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
IsWindowVisible
DestroyMenu
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
RegisterClipboardFormatA
OffsetRect
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
SetWindowPos
PostMessageA
GetWindowDC
SystemParametersInfoA
SetWindowRgn
GetSysColorBrush
FindWindowA
SetRect
CopyRect
RedrawWindow
LockWindowUpdate
GrayStringA
DrawTextA
TabbedTextOutA
LoadCursorA
CopyIcon
GetParent
GetDC
ReleaseDC
InflateRect
SetCursor
GetMessagePos
PtInRect
MessageBeep
SetWindowLongA
DestroyCursor
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetForegroundWindow
LoadMenuA
EnableMenuItem
GetSubMenu
SetPropA
PostQuitMessage
IsIconic
GetSystemMetrics
DrawIcon
KillTimer
InvalidateRect
SetTimer
GetSysColor
GetClientRect
GetDlgItem
MoveWindow
LoadBitmapA
SendMessageA
IsWindow
GetWindowRect
GetWindow
GetWindowLongA
ScreenToClient
GetWindowTextA
LoadIconA
EnableWindow
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
GetWindowTextLengthA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

ws2_32

socket
closesocket
htons
recv
getpeername
bind
listen
accept
WSAStartup
send
WSAGetLastError
ioctlsocket

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries

oledlg

OleUIBusyA

Sections

FoBnN
Size: 521KB - Virtual size: 540KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 223KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mackt
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

81f33fd93dff16b0232d6a99db404ccb

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

oleaut32

olepro32

shell32

user32

winspool.drv

ws2_32

comdlg32

ole32

oledlg

Sections

FoBnN Size: 521KB - Virtual size: 540KB

.rsrc Size: 223KB - Virtual size: 228KB

.petite Size: 1KB - Virtual size: 4KB

.mackt Size: 8KB - Virtual size: 12KB

FoBnN
Size: 521KB - Virtual size: 540KB

.rsrc
Size: 223KB - Virtual size: 228KB

.petite
Size: 1KB - Virtual size: 4KB

.mackt
Size: 8KB - Virtual size: 12KB