Static task: static1
Behavioral task: behavioral1
  Sample: 152b32757e113922b7c3dc2e1a65ef59_JaffaCakes118.exe
  Resource: win7-20240419-en
Behavioral task: behavioral2
  Sample: 152b32757e113922b7c3dc2e1a65ef59_JaffaCakes118.exe
  Resource: win10v2004-20240611-en
General
Target: 152b32757e113922b7c3dc2e1a65ef59_JaffaCakes118
Size: 9.0MB
MD5: 152b32757e113922b7c3dc2e1a65ef59
SHA1: a2aed9513fde0f57494b45f72400c437f7b2764a
SHA256: 1108a256caf52be3508eac936e99d969011ebabbd8ae8ee9f8b572ff01826db3
SHA512: 37b308f409121d6776f354f4da82369767e1095bc9a89ef9a5cb78e9ce11c450641210d73193162a561ddd6659cbf47f41c66267ebe06930f7e1481d3aa7cc4d
SSDEEP: 98304:ONeV5umrECtLcVETtKoQXwtSVW85PHyyB9YvHurwYcYpJnJY9SceABEt0q6To2N4:ONeV56VEQCFISyB9YfuwYcYpJnJ3
Malware Config
(none)
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 152b32757e113922b7c3dc2e1a65ef59_JaffaCakes118
Files
152b32757e113922b7c3dc2e1a65ef59_JaffaCakes118.exe windows:5 windows x86 arch:x86
d7622b365625d0585a96ee07679b8ce7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
inet_addr
htons
sendto
WSAStartup
WSACleanup
socket
gethostbyname
inet_ntoa
bind
recvfrom
shutdown
winmm
mixerSetControlDetails
waveInGetDevCapsA
waveOutGetNumDevs
PlaySoundA
waveOutOpen
waveInOpen
waveInStart
waveInGetErrorTextA
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveInClose
waveOutSetVolume
waveOutGetDevCapsA
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA
mixerClose
mixerGetNumDevs
mixerGetDevCapsA
waveInGetNumDevs
msdmo
MoInitMediaType
MoFreeMediaType
kernel32
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
GetVersionExA
ExitProcess
FindFirstFileA
FindClose
GetProcessId
CreateToolhelp32Snapshot
Process32Next
GetSystemTime
GetCurrentProcess
GetCurrentThread
SetPriorityClass
CreateThread
InterlockedIncrement
Sleep
FindResourceA
FreeResource
GlobalLock
GlobalUnlock
GlobalFree
CreateEventA
ResumeThread
GlobalAlloc
SetEvent
WaitForSingleObject
CloseHandle
ResetEvent
InterlockedDecrement
GetCurrentDirectoryA
GetWindowsDirectoryA
lstrcatA
CreateFileW
IsValidLocale
EnumSystemLocalesA
SetEnvironmentVariableA
WriteConsoleW
CompareStringW
GetTimeZoneInformation
GetStringTypeW
QueryPerformanceCounter
GetEnvironmentStringsW
lstrlenA
WinExec
lstrcpyA
lstrcmpA
MulDiv
lstrcpynA
LoadLibraryA
FreeLibrary
GetModuleHandleA
GetProcAddress
WideCharToMultiByte
FindResourceW
FreeEnvironmentStringsW
GetLocaleInfoW
LCMapStringW
GetConsoleMode
GetConsoleCP
GetStdHandle
SetHandleCount
IsValidCodePage
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcessHeap
IsProcessorFeaturePresent
GetFileType
SetStdHandle
HeapQueryInformation
HeapSize
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
EncodePointer
ExitThread
DecodePointer
GetSystemTimeAsFileTime
HeapAlloc
RtlUnwind
RaiseException
HeapFree
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathA
GetProfileIntA
GetNumberFormatA
GetTempPathA
GetTempFileNameA
GetFileTime
GetFileSizeEx
GetFileAttributesA
GetFileAttributesExA
SetErrorMode
GetACP
GetSystemDirectoryW
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
GetModuleHandleW
InterlockedExchange
GetTickCount
SuspendThread
SetThreadPriority
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetFullPathNameA
GetVolumeInformationA
LoadResource
LockResource
SizeofResource
HeapCreate
MultiByteToWideChar
lstrlenW
LocalFree
FormatMessageA
GlobalSize
CopyFileA
lstrcmpW
LoadLibraryW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
GetModuleFileNameA
GetCurrentProcessId
GetThreadLocale
lstrcmpiA
CreateFileA
DeleteFileA
MoveFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
user32
ClientToScreen
WindowFromPoint
GetClassNameA
ReleaseCapture
GetDC
KillTimer
SetTimer
DrawTextA
LoadBitmapA
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
SystemParametersInfoA
CharLowerA
SetCapture
DefWindowProcA
DestroyWindow
GetDesktopWindow
GetWindowRect
GetKeyState
UpdateWindow
DrawFocusRect
FillRect
LoadImageA
IsWindow
InvalidateRect
GetWindowLongA
SetWindowLongA
RedrawWindow
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
GetMenuStringA
GetMenuState
TabbedTextOutA
DrawTextExA
GrayStringA
GetWindowDC
GetWindow
SetWindowPos
GetMenu
CallWindowProcA
GetDlgCtrlID
GetWindowPlacement
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
AdjustWindowRectEx
GetClassInfoA
GetClassInfoExA
MessageBoxA
ValidateRect
ShowScrollBar
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
ScrollWindow
SetForegroundWindow
GetMonitorInfoA
MonitorFromWindow
PeekMessageA
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
GetWindowTextLengthA
GetFocus
RemovePropA
GetPropA
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
IsChild
WinHelpA
SendDlgItemMessageA
LoadIconA
RegisterWindowMessageA
GetNextDlgTabItem
IsWindowEnabled
CreateDialogIndirectParamA
GetActiveWindow
CheckMenuItem
EnableMenuItem
ModifyMenuA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckDlgButton
SetDlgItemTextA
IsDialogMessageA
MoveWindow
CharUpperA
GetKeyNameTextA
MapVirtualKeyA
DrawStateA
IntersectRect
RegisterClipboardFormatA
CharNextA
WaitMessage
PostQuitMessage
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
GetMenuItemInfoA
DestroyMenu
GetSysColorBrush
RealChildWindowFromPoint
CopyImage
SetRectEmpty
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
UnregisterClassA
DeleteMenu
LoadMenuW
NotifyWinEvent
GetAsyncKeyState
IsZoomed
IsRectEmpty
UnionRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
PostThreadMessageA
CopyAcceleratorTableA
InvalidateRgn
DestroyIcon
SetParent
DestroyAcceleratorTable
SetClassLongA
DrawIconEx
DrawFrameControl
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
BringWindowToTop
LockWindowUpdate
InvertRect
HideCaret
GetIconInfo
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
FrameRect
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
CharUpperBuffA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
EndPaint
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
SubtractRect
DestroyCursor
GetWindowRgn
GetSystemMetrics
LoadIconW
IsIconic
PostMessageA
SendMessageA
DrawIcon
LoadBitmapW
EnableWindow
MapWindowPoints
GetUpdateRect
OffsetRect
GetNextDlgGroupItem
SetWindowRgn
GetCapture
GetCursorPos
TrackPopupMenu
GetSystemMenu
AppendMenuA
CreatePopupMenu
EnumWindows
GetWindowThreadProcessId
IsWindowVisible
SetRect
EndDialog
SetFocus
GetWindowTextA
GetDlgItem
SetWindowTextA
ShowWindow
DrawEdge
CopyRect
MessageBeep
CopyIcon
GetMessagePos
GetParent
ReleaseDC
ScreenToClient
InflateRect
PtInRect
SetCursor
GetSysColor
LoadCursorA
RegisterClassA
BeginPaint
GetClientRect
gdi32
GetBoundsRect
SetPixelV
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
SetPaletteEntries
SelectObject
StretchBlt
GetTextFaceA
CopyMetaFileA
CreateDCA
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
CreateFontIndirectA
FrameRgn
GetStockObject
SelectClipRgn
CreateRectRgn
CombineRgn
GetPixel
CreateFontA
GetTextExtentPoint32A
SetBkMode
SetTextColor
CreateICA
GetDeviceCaps
GetTextMetricsA
CreatePen
CreateSolidBrush
DPtoLP
CreateBitmap
CreateCompatibleBitmap
GetMapMode
SetMapMode
SetBkColor
DeleteDC
Rectangle
ExtFloodFill
EnumFontFamiliesExA
SetPixel
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
CreateEllipticRgn
CreatePolygonRgn
GetRgnBox
CreateDIBSection
CreateRoundRectRgn
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetTextColor
GetBkColor
SetRectRgn
CreateRectRgnIndirect
CreateHatchBrush
GetObjectType
SelectPalette
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
DeleteObject
PatBlt
GetObjectA
CreateCompatibleDC
BitBlt
Polyline
advapi32
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
shell32
DragQueryFileA
DragFinish
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
Shell_NotifyIconA
SHBrowseForFolderA
ShellExecuteA
ole32
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoCreateInstance
CoTaskMemFree
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDuplicateData
ReleaseStgMedium
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
OleRun
PropVariantClear
CoTaskMemAlloc
DoDragDrop
oleaut32
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringByteLen
SysStringByteLen
SysFreeString
OleLoadPicture
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
OleCreateFontIndirect
SysStringLen
VariantCopy
GetErrorInfo
SysAllocString
VarBstrFromDate
msimg32
AlphaBlend
TransparentBlt
comctl32
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
oledlg
ord8
wsock32
recv
send
connect
WSASetLastError
WSAGetLastError
htonl
select
accept
closesocket
WSAAsyncSelect
gdiplus
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipGetImagePaletteSize
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCreateFromHDC
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
comdlg32
GetFileTitleA
Sections
.text  Size: 1.4MB - Virtual size: 1.4MB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 328KB - Virtual size: 327KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 27KB - Virtual size: 214KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 7.3MB - Virtual size: 7.3MB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ