Static task: static1
Behavioral task: behavioral1
Sample: 0ca5e2533a142e402d5c18f1bf90432b_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 0ca5e2533a142e402d5c18f1bf90432b_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 0ca5e2533a142e402d5c18f1bf90432b_JaffaCakes118
Size: 652KB
MD5: 0ca5e2533a142e402d5c18f1bf90432b
SHA1: 229558379a0ec84b2dbda6ec403254eb58a1a3f7
SHA256: 9a4605a81f51bd5885a850a9c252d1c188008d1046d06abc171541110ec50c16
SHA512: 131a11cc9a86ff4802b9e0c7b64c4b3ad1bf2901230fa208961175a87fa662a59003abfcf8aaa8fbf4e0967657f8d5858aa435adf9a23eb54e7a1eddb2be8c96
SSDEEP: 6144:ib343Oemmn36DWeENzgfe2n8cRtC/L+Qak8WxE69hE3qLVLZDpb+MzMVGQt1:mkOen36cNzgfe28cRtQ+Qa3CJ9G3q1Z
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 0ca5e2533a142e402d5c18f1bf90432b_JaffaCakes118
Files
0ca5e2533a142e402d5c18f1bf90432b_JaffaCakes118.exe windows:4 windows x86 arch:x86
6c42aafc9edbd4e4a7e7d139bcc21690
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
WSAEventSelect
WSACreateEvent
connect
htons
shutdown
send
inet_addr
socket
WSAStartup
getsockname
recv
WSACloseEvent
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
closesocket
inet_ntoa
WSAGetLastError
WSACleanup
iphlpapi
GetAdaptersInfo
msimg32
AlphaBlend
TransparentBlt
userenv
CreateEnvironmentBlock
kernel32
DuplicateHandle
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetFileTime
RtlUnwind
HeapFree
HeapAlloc
SetErrorMode
GetFileType
ExitProcess
GetStartupInfoA
GetCommandLineA
RaiseException
GetTimeZoneInformation
GetSystemTime
GetACP
ExitThread
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
CompareStringA
CompareStringW
SetStdHandle
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalFlags
GlobalAlloc
lstrcmpA
GetCurrentThread
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
FileTimeToLocalFileTime
GetThreadLocale
FormatMessageA
lstrcpynA
GetModuleFileNameA
WideCharToMultiByte
InterlockedIncrement
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
SizeofResource
LoadResource
LockResource
GetLocalTime
FileTimeToSystemTime
WriteFile
GetFileAttributesA
ReadFile
SetFilePointer
MultiByteToWideChar
SetLastError
TerminateProcess
OpenEventA
CreateEventA
LocalFree
GetCurrentDirectoryA
GetTickCount
EnterCriticalSection
LeaveCriticalSection
GetComputerNameA
DeleteCriticalSection
InitializeCriticalSection
CreateThread
SetCurrentDirectoryA
WinExec
GetCurrentProcess
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
ProcessIdToSessionId
Process32Next
OpenProcess
CreateFileA
GetFileSize
GetVersion
lstrlenA
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
GetLastError
CreateProcessA
WaitForSingleObject
CloseHandle
OutputDebugStringA
GetExitCodeThread
TerminateThread
lstrcatA
MulDiv
InterlockedDecrement
GetVersionExA
WritePrivateProfileStringA
lstrcpyA
GetProfileStringA
HeapReAlloc
user32
PostThreadMessageA
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
LoadStringA
GetSysColorBrush
GetClassNameA
MapDialogRect
SetWindowContextHelpId
SetCursor
PostQuitMessage
DestroyMenu
ValidateRect
CharNextA
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
SetFocus
AdjustWindowRectEx
ScreenToClient
IsWindowVisible
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetKeyState
CharUpperA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowPos
IntersectRect
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
SystemParametersInfoA
GetAsyncKeyState
CallNextHookEx
GetDlgCtrlID
GetCaretPos
ExitWindowsEx
GetMessageA
DispatchMessageA
TranslateMessage
LoadIconA
LoadMenuA
GetSubMenu
GetCursorPos
TrackPopupMenu
RegisterWindowMessageA
MessageBoxA
BlockInput
GetDesktopWindow
CopyRect
InflateRect
OffsetRect
GetSysColor
InvalidateRect
UpdateWindow
GetWindowLongA
SetWindowLongA
UnhookWindowsHookEx
BringWindowToTop
SetForegroundWindow
SetWindowsHookExA
FindWindowA
PostMessageA
RegisterClipboardFormatA
LoadImageA
ShowCursor
GetSystemMetrics
GetFocus
DefWindowProcA
LoadCursorA
LoadBitmapA
ReleaseCapture
SetCapture
GetDC
ReleaseDC
PtInRect
GetParent
RedrawWindow
wsprintfA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetClientRect
GetWindowRect
SendMessageA
EnableWindow
SetTimer
KillTimer
CreateWindowExA
MessageBeep
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
GetMessagePos
gdi32
GetViewportExtEx
GetWindowExtEx
CreatePen
GetMapMode
PatBlt
DPtoLP
GetBkColor
ScaleWindowExtEx
LPtoDP
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
LineTo
MoveToEx
IntersectClipRect
CreateCompatibleBitmap
SelectObject
SetStretchBltMode
StretchBlt
DeleteDC
GetTextExtentPoint32A
DeleteObject
CreateSolidBrush
CreateFontA
CreateFontIndirectA
Rectangle
GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextExtentPointA
CreateDIBitmap
BitBlt
CreateCompatibleDC
GetDeviceCaps
GetTextColor
CreateBitmap
SetBkMode
GetStockObject
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetDIBits
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
CreateServiceA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
CreateProcessAsUserA
RegDeleteKeyA
RegCreateKeyExA
RegEnumKeyA
RegOpenKeyA
GetTokenInformation
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
ConvertStringSecurityDescriptorToSecurityDescriptorA
ControlService
DeleteService
RegCloseKey
ChangeServiceConfig2A
StartServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
RegDeleteValueA
OpenProcessToken
LookupPrivilegeValueA
DuplicateTokenEx
SetTokenInformation
AdjustTokenPrivileges
shell32
Shell_NotifyIconA
comctl32
_TrackMouseEvent
ord17
ImageList_Destroy
oledlg
ord8
ole32
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
olepro32
ord253
oleaut32
SysStringLen
SysAllocStringByteLen
VariantCopy
VariantTimeToSystemTime
VariantClear
VariantChangeType
SysAllocStringLen
SysAllocString
SysFreeString
shlwapi
PathAppendA
clientinfo
?GetHWInfo@@YGHPAKPAD111@Z
Sections
.text Size: 328KB - Virtual size: 324KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 64KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 635KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 224KB - Virtual size: 223KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ