PDB path: e:\V3_1.1\V3 User Interface\bin\PrayayaV3_r.pdb
Static task: static1
Behavioral task: behavioral1 (Sample: 06c81d56ae04a2d8ee6810ec6272d289_JaffaCakes118.exe; Resource: win7-20240508-en)
Behavioral task: behavioral2 (Sample: 06c81d56ae04a2d8ee6810ec6272d289_JaffaCakes118.exe; Resource: win10v2004-20240226-en)
General
Target: 06c81d56ae04a2d8ee6810ec6272d289_JaffaCakes118
Size: 864KB
MD5: 06c81d56ae04a2d8ee6810ec6272d289
SHA1: 1cac64242d3930017888d7efcf07d89a227f4001
SHA256: d443f966d4daa665bb303b087ba6377a8d3a0bfa77044cfb3e0d561699d03b23
SHA512: 73486207fe79217c4985f5f59826e15df7bfc134c39f7d1e6bdf15ae87ea79d068d55b29e6824e0a09969056a949e1c50f4112d44070bb879930232882b89bc2
SSDEEP: 24576:DDwEKXxWWPisooU3851kEqq0CHLWTHFmsqc8:UW6iso38fkEqqvEQc8
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 06c81d56ae04a2d8ee6810ec6272d289_JaffaCakes118
Files
06c81d56ae04a2d8ee6810ec6272d289_JaffaCakes118.exe windows:4 windows x86 arch:x86
6299c8acab97503e8df2940908158ffe
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
GetVersion
ConvertDefaultLocale
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
InterlockedIncrement
SetErrorMode
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
CreateThread
GetCurrentDirectoryA
RtlUnwind
RaiseException
HeapReAlloc
ExitProcess
HeapSize
VirtualProtect
GetSystemInfo
VirtualQuery
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
CompareStringA
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
InterlockedExchange
GetModuleHandleA
InterlockedDecrement
GetFileTime
FileTimeToLocalFileTime
GetFullPathNameW
GetCurrentProcess
DuplicateHandle
UnlockFile
CopyFileExW
GetLongPathNameW
SetThreadContext
GetThreadContext
CreateRemoteThread
WriteProcessMemory
SetEnvironmentVariableW
VirtualProtectEx
VirtualAllocEx
OpenFileMappingW
RemoveDirectoryW
GetLogicalDrives
QueryDosDeviceW
GetDriveTypeW
DeviceIoControl
lstrcpynW
lstrcpynA
LockFile
GetThreadLocale
MoveFileW
GlobalAlloc
FormatMessageW
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
SetLastError
GetModuleHandleW
GetVersionExA
FileTimeToSystemTime
GetTickCount
UnmapViewOfFile
SystemTimeToFileTime
GetCurrentDirectoryW
SetFileTime
LocalFileTimeToFileTime
GetLastError
GetVolumeInformationW
GetFileSizeEx
GetLocalTime
GetCommandLineW
GetCurrentThread
SetThreadPriority
GetModuleFileNameA
SetFileAttributesW
FlushFileBuffers
CreateMutexW
LocalFree
SetEndOfFile
SetFilePointer
MoveFileExW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetDiskFreeSpaceExW
SuspendThread
ResumeThread
CreateProcessW
FreeLibrary
CopyFileW
CreateDirectoryW
Process32NextW
GetProcAddress
TerminateProcess
LoadLibraryW
OpenProcess
Process32FirstW
lstrcatA
CreateToolhelp32Snapshot
WideCharToMultiByte
Module32NextW
lstrcpyA
Module32FirstW
lstrlenA
ReleaseMutex
VirtualFree
lstrcmpiA
WaitForSingleObject
OpenMutexW
Sleep
VirtualAlloc
OutputDebugStringW
WriteFile
GetUserDefaultLCID
CloseHandle
ReadFile
GetFileSize
CreateFileW
GetEnvironmentVariableW
MultiByteToWideChar
GetCurrentProcessId
GetPrivateProfileIntW
ExpandEnvironmentStringsW
QueryPerformanceCounter
GetVersionExW
DeleteFileW
QueryPerformanceFrequency
MapViewOfFile
CreateFileMappingW
GetUserDefaultLangID
GetFileAttributesW
GetPrivateProfileStringW
LoadResource
WritePrivateProfileStringW
LockResource
FindResourceW
SizeofResource
lstrcatW
lstrcmpiW
FindClose
FindNextFileW
FindFirstFileW
lstrcmpW
lstrcpyW
lstrlenW
SetHandleCount
GetModuleFileNameW
user32
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
TrackPopupMenuEx
GetKeyState
IsWindowVisible
UpdateWindow
GetMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
GetScrollInfo
CopyRect
SetWindowsHookExW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
FlashWindow
LoadMenuW
UnregisterDeviceNotification
DrawTextW
DrawIcon
SetMenuItemInfoW
GetSystemMetrics
IsIconic
RegisterWindowMessageW
RegisterDeviceNotificationW
CreateMenu
RegisterHotKey
CheckMenuItem
SetLayeredWindowAttributes
EnableMenuItem
GetCapture
IsChild
DrawIconEx
EnableWindow
LoadStringW
InvalidateRect
SendMessageW
SetWindowLongW
CreateWindowExW
BringWindowToTop
DestroyMenu
LockWindowUpdate
UnregisterHotKey
GetCursorPos
GetDesktopWindow
DestroyIcon
DispatchMessageW
TranslateMessage
PostThreadMessageW
IsDialogMessageW
GetMessageW
GetClientRect
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
EndDialog
GetNextDlgTabItem
IsWindowEnabled
CreateDialogIndirectParamW
GetActiveWindow
SystemParametersInfoW
AnimateWindow
SetWindowTextW
MoveWindow
PtInRect
UnionRect
GetMenuItemCount
GetMenuItemID
ModifyMenuW
GetClassNameW
GetWindow
DrawFocusRect
DrawEdge
SetWindowRgn
FrameRect
GetWindowRgn
EnumChildWindows
UnregisterClassA
GetSubMenu
GetWindowLongW
EnumWindows
LoadIconW
MessageBoxW
wsprintfW
GetWindowThreadProcessId
SendMessageTimeoutW
IsWindow
PostMessageW
ShowWindow
SetWindowPos
SetForegroundWindow
KillTimer
SetTimer
LoadCursorW
SetCursor
RegisterClipboardFormatW
WindowFromPoint
MessageBeep
GetNextDlgGroupItem
ReleaseCapture
SetCapture
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
UnregisterClassW
GetSysColorBrush
ValidateRect
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
TabbedTextOutW
FillRect
InflateRect
CharUpperW
ReleaseDC
GetDC
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
InsertMenuW
GetWindowTextW
GetWindowRect
DrawTextExW
gdi32
SetMapMode
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ExtSelectClipRgn
GetStockObject
CreateSolidBrush
GetTextMetricsW
CombineRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
RestoreDC
SaveDC
GetTextExtentPoint32W
ExtTextOutW
CreateFontIndirectW
CreateRectRgnIndirect
CreateBitmap
GetDeviceCaps
GetObjectW
SetBkColor
GetClipBox
SetTextColor
DeleteDC
FrameRgn
CreateRoundRectRgn
SetPixel
DeleteObject
SetBkMode
BitBlt
SelectObject
CreateCompatibleBitmap
ScaleWindowExtEx
GetCurrentObject
CreateCompatibleDC
comdlg32
GetOpenFileNameW
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegDeleteKeyW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW
RegSetValueExW
RegOpenKeyW
RegQueryValueW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyW
RegCloseKey
RegQueryValueExW
shell32
SHGetFileInfoW
SHGetSpecialFolderPathW
SHFileOperationW
CommandLineToArgvW
SHGetFolderPathW
Shell_NotifyIconW
SHCreateDirectoryExW
ExtractIconW
comctl32
_TrackMouseEvent
InitCommonControlsEx
ord14
shlwapi
PathFindFileNameW
StrStrIW
PathGetDriveNumberW
PathFindExtensionW
PathIsPrefixW
SHDeleteKeyW
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
StrChrIW
PathIsDirectoryW
oledlg
OleUIBusyW
ole32
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoFreeUnusedLibraries
oleaut32
SysFreeString
SysAllocStringLen
VariantClear
SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysStringLen
VariantInit
VariantChangeType
wininet
InternetReadFileExA
InternetOpenA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
HttpQueryInfoW
InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetReadFile
InternetCloseHandle
InternetSetOptionW
InternetOpenUrlW
InternetSetFilePointer
InternetCrackUrlW
FtpOpenFileW
FtpGetFileSize
gdiplus
GdiplusStartup
GdipAlloc
GdipFree
GdipCloneImage
GdipLoadImageFromFile
GdipDrawImageI
GdipDisposeImage
GdipCloneBitmapAreaI
GdipCreateBitmapFromHBITMAP
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromHICON
GdipCreateFromHDC
GdipSetPenDashStyle
GdipDrawEllipseI
GdipCreateSolidFill
GdipSetSmoothingMode
GdipDrawRectangleI
GdipFillEllipseI
GdipFillRectangleI
GdipCloneBrush
GdipCreatePen1
GdipDeletePen
GdipDeleteBrush
GdipDeleteGraphics
GdipDrawImageRectI
GdipDrawImagePointRectI
GdipCreateTexture
ws2_32
connect
inet_ntoa
closesocket
htons
socket
dnsapi
DnsQuery_W
DnsRecordListFree
v3communication
ord3
ord5
ord4
setupapi
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
msimg32
GradientFill
Sections
.text Size: 648KB - Virtual size: 645KB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 152KB - Virtual size: 148KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 37KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 44KB - Virtual size: 42KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ