Static task: static1
Behavioral task: behavioral1
Sample: 0b824323d98ac966e5adcdf801db9d04_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 0b824323d98ac966e5adcdf801db9d04_JaffaCakes118.exe
Resource: win10v2004-20240226-en
General
Target: 0b824323d98ac966e5adcdf801db9d04_JaffaCakes118
Size: 836KB
MD5: 0b824323d98ac966e5adcdf801db9d04
SHA1: 6f3bcb37658cdd3ca3ef5922fbc431b8d4203b56
SHA256: 5b480842228be1063cc6f6413b2a6413d7ca2b4a6a10d7ddf20cfe70896f17c5
SHA512: e0b422cd0bf0480b771b147e2b90ee66f8f9a0663eed28db3989df63dde56b03b6fc16737309d9ea3955a8cc8e7e151b89fd031362ede4c91e4272669bb3ab89
SSDEEP: 12288:7i7t1ccCJ3QUshbreNmDxuSjlP1mXtJG2lbL86avFCFaU6:2h1MZZshfeNSlBQLF16
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 0b824323d98ac966e5adcdf801db9d04_JaffaCakes118
Files
0b824323d98ac966e5adcdf801db9d04_JaffaCakes118.exe windows:4 windows x86 arch:x86
4835193aec29a3b2db2b53f59b345ad0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
inet_ntoa
ntohl
inet_addr
socket
htons
gethostbyaddr
send
WSAEventSelect
connect
WSASetLastError
ioctlsocket
recv
WSAGetLastError
select
__WSAFDIsSet
closesocket
kernel32
TerminateProcess
HeapSize
UnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetTimeZoneInformation
GetStdHandle
HeapReAlloc
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
SetEnvironmentVariableA
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
CreateThread
ExitThread
RtlUnwind
GetTickCount
SetErrorMode
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetShortPathNameA
CreateFileA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
ResumeThread
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
GetLastError
SetLastError
MulDiv
GlobalAlloc
FormatMessageA
LocalFree
GetPrivateProfileStringA
WritePrivateProfileStringA
lstrcpynA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpyA
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetStringTypeExA
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
MultiByteToWideChar
ResetEvent
InterlockedIncrement
SetThreadPriority
InterlockedDecrement
GetPrivateProfileIntA
SetEvent
lstrlenA
GetModuleFileNameA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreateEventA
CloseHandle
WaitForMultipleObjectsEx
Sleep
FreeEnvironmentStringsA
user32
PostThreadMessageA
DeleteMenu
WindowFromPoint
SetRect
CharNextA
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
PostQuitMessage
SetWindowRgn
DrawIcon
IsRectEmpty
FindWindowA
IsZoomed
GetMenuItemInfoA
DestroyCursor
SetCursorPos
SetCapture
InflateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
DestroyMenu
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
WinHelpA
GetCapture
SetParent
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
ScrollWindow
MessageBoxA
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
TranslateMDISysAccel
DefFrameProcA
ShowScrollBar
GetMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
ScreenToClient
GetScrollInfo
SetScrollInfo
RegisterClassA
UnregisterClassA
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
SetWindowPos
IntersectRect
IsIconic
GetWindowPlacement
PtInRect
GetSystemMenu
RegisterClipboardFormatA
LockWindowUpdate
GetDCEx
GetNextDlgGroupItem
InvalidateRgn
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
CharUpperA
CopyAcceleratorTableA
MessageBeep
CreateWindowExA
DestroyIcon
LoadImageA
SetMenuItemInfoA
DrawEdge
GetCursor
IsMenu
DrawFrameControl
CloseWindow
DrawMenuBar
DrawFocusRect
DrawIconEx
DrawStateA
LoadBitmapA
MapWindowPoints
CallWindowProcA
ChildWindowFromPointEx
GetAsyncKeyState
ReleaseCapture
GetClassNameA
GetWindowLongA
SetWindowLongA
IsWindowVisible
BeginDeferWindowPos
EndDeferWindowPos
DeferWindowPos
EqualRect
CopyRect
RegisterWindowMessageA
SetMenuDefaultItem
GetCursorPos
SetForegroundWindow
LoadIconA
PostMessageA
LoadMenuA
GetSubMenu
wsprintfA
GetSysColor
GetParent
KillTimer
SetTimer
RedrawWindow
UpdateWindow
GetClientRect
GetWindowRect
SendMessageA
FillRect
OffsetRect
LoadCursorA
SetCursor
GetSystemMetrics
GetClassInfoA
SystemParametersInfoA
InvalidateRect
EnableWindow
gdi32
CreatePatternBrush
GetStockObject
CreatePen
PatBlt
CreateRectRgnIndirect
RectVisible
GetMapMode
GetTextExtentPoint32A
GetTextMetricsA
CreateEllipticRgn
LPtoDP
Ellipse
StretchDIBits
CreateFontA
GetBkColor
GetTextColor
GetRgnBox
EnumFontFamiliesExA
SetPixel
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SelectObject
Escape
ExtTextOutA
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
SetGraphicsMode
GetGraphicsMode
GetTextAlign
SetPixelV
CombineRgn
CreateFontIndirectA
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
DPtoLP
SetRectRgn
CreateRectRgn
GetViewportOrgEx
SetViewportOrgEx
DeleteObject
CreateSolidBrush
BitBlt
Rectangle
TextOutA
comdlg32
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
InitiateSystemShutdownA
RegConnectRegistryA
RegCreateKeyExA
RegSetValueA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyA
RegDeleteValueA
shell32
DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
ShellExecuteA
comctl32
ImageList_ReplaceIcon
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_GetIcon
ImageList_GetImageCount
ImageList_AddMasked
InitCommonControlsEx
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ord17
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleLockRunning
oleaut32
OleCreateFontIndirect
VarDateFromStr
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantClear
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
VariantCopy
VariantInit
VariantChangeType
wsock32
WSACleanup
WSAStartup
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
Sections
.text Size: 488KB - Virtual size: 485KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 112KB - Virtual size: 110KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 216KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ