18a128a175e64fba6f74cc6f75c319e5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

18a128a175e64fba6f74cc6f75c319e5_JaffaCakes118
Size

5.6MB
MD5

18a128a175e64fba6f74cc6f75c319e5
SHA1

45ba61a5ed1f6d92ef6aa24699e72181035aff16
SHA256

bc662455a9b935c0203b8fcd3b4d1143b1f52cafcdb1c6f3247224aab02649c2
SHA512

dc73ae82a6eb9146564cbc0254626723bd88f0f5344a5a45b95d03da9919bb5b4be6ffe27572c8ae3b9ade81a416d351716234060e4a68d63cc69d16d319be4b
SSDEEP

49152:FZux/YE5RcUwLV8SDZTgjuLbH31onGr2MILcz9oGdmfKBiqX:FZuNTcUG8yZTgju/HprzI7GaKBiq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18a128a175e64fba6f74cc6f75c319e5_JaffaCakes118

Files

18a128a175e64fba6f74cc6f75c319e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bec85a7f8d1a9c3ed713dad6906626ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmDisableIME

msimg32

AlphaBlend

ws2_32

WSACreateEvent
htonl
bind
listen
shutdown
send
recv
socket
connect
accept
closesocket
WSAEventSelect
WSACloseEvent
WSACleanup
WSAGetLastError
gethostname
inet_addr
inet_ntoa
gethostbyname
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
htons
WSAStartup

winmm

timeGetTime

d3d8

Direct3DCreate8

ddraw

DirectDrawCreateEx

mss32

_AIL_start_sample@4
_AIL_stop_sample@4
_AIL_shutdown@0
_AIL_file_read@8
_AIL_allocate_sample_handle@4
_AIL_mem_free_lock@4
_AIL_release_sample_handle@4
_AIL_init_sample@4
_AIL_set_named_sample_file@20
_AIL_set_sample_loop_count@8
_AIL_startup@0
_AIL_close_digital_driver@4
_AIL_last_error@0
_AIL_set_sample_volume_pan@12
_AIL_open_digital_driver@16
_AIL_set_preference@8

kernel32

GetCurrentProcess
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetFullPathNameA
GetThreadLocale
GetCurrentThread
lstrcmpA
SetThreadPriority
SuspendThread
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SystemTimeToFileTime
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
RaiseException
CreateThread
ExitThread
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetFileType
GetStartupInfoA
GetCommandLineA
HeapReAlloc
SetEnvironmentVariableA
SetCurrentDirectoryA
HeapSize
GetACP
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
CompareStringW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SetLastError
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
EnterCriticalSection
DuplicateHandle
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLastError
LocalFree
MoveFileA
SetVolumeLabelA
GetDriveTypeA
GetCurrentDirectoryA
MultiByteToWideChar
GetFileSize
GetDiskFreeSpaceA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
FormatMessageA
GetProcAddress
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
TerminateThread
CreateDirectoryA
CreateProcessA
SetFilePointer
ReadFile
InterlockedExchange
GetProfileStringA
GetFileTime
Sleep
CreateFileA
CloseHandle
FindClose
FindNextFileA
FindFirstFileA
CompareStringA
GetVersionExA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetTickCount
GetModuleFileNameA
MulDiv
lstrlenA
lstrcpynA
CreateEventA
GlobalFree
GlobalUnlock
GlobalLock
ResumeThread
GlobalAlloc
LockResource
SizeofResource
LoadResource
FindResourceA
WaitForSingleObject
ResetEvent
SetEvent
FreeLibrary
LoadLibraryA
lstrcpyA
WinExec
lstrcatA
QueryPerformanceFrequency
GetPrivateProfileIntA
WriteFile
DeleteFileA
SetFileAttributesA
GetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime

user32

CharUpperA
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageA
GetNextDlgGroupItem
SetWindowContextHelpId
MapDialogRect
CopyAcceleratorTableA
CharNextA
LoadStringA
GetSysColorBrush
DestroyMenu
RegisterClipboardFormatA
PostThreadMessageA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
MapWindowPoints
DispatchMessageA
SetFocus
AdjustWindowRectEx
GetScrollPos
GetTopWindow
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
CharToOemBuffA
OemToCharBuffA
wsprintfA
GetFocus
IsRectEmpty
IsWindow
GetMessagePos
MessageBeep
SetWindowLongA
IsChild
GetClassNameA
FillRect
GetWindowRect
GetWindowLongA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
DrawStateA
CopyRect
FrameRect
InflateRect
GetSysColor
DrawFocusRect
PeekMessageA
GetActiveWindow
GetParent
GetCapture
SetCapture
ClientToScreen
WindowFromPoint
ReleaseCapture
GetIconInfo
RedrawWindow
DestroyCursor
GetDesktopWindow
GetCursorPos
SetCursor
LoadCursorA
OffsetRect
FindWindowA
LoadImageA
IsIconic
DrawIcon
LoadBitmapA
GetDC
ReleaseDC
LoadIconA
IsWindowVisible
SetRect
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetMenuCheckMarkDimensions
GetMenuState
GetDlgCtrlID
ModifyMenuA
ScreenToClient
PtInRect
MessageBoxA
SendMessageA
PostMessageA
GetClientRect
SetWindowRgn
InvalidateRect
GetSystemMetrics
KillTimer
SetTimer
EnableWindow
SendDlgItemMessageA

gdi32

CreateSolidBrush
CreateDIBitmap
GetTextExtentPointA
PatBlt
GetMapMode
GetBkColor
GetTextColor
LPtoDP
DPtoLP
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
LineTo
MoveToEx
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetBkMode
SelectPalette
RestoreDC
SaveDC
GetClipBox
CreateBitmap
SetBkColor
SetTextColor
DeleteDC
GetStockObject
CreateCompatibleBitmap
DeleteObject
CreatePalette
SetDIBitsToDevice
RealizePalette
StretchDIBits
GetObjectA
GetDIBits
SelectObject
CreatePen
Rectangle
GetDeviceCaps
CreateFontA
BitBlt
CreateCompatibleDC
CreateRectRgn

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA

comctl32

ord17
ImageList_Destroy

oledlg

ord8

ole32

CoGetClassObject
CLSIDFromString
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CLSIDFromProgID

olepro32

ord253

oleaut32

SysStringLen
VariantChangeType
SysAllocStringByteLen
VariantCopy
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VariantClear
SysAllocString
VariantInit

wininet

HttpQueryInfoA
FtpGetFileSize
InternetConnectA
FtpOpenFileA
InternetOpenA
InternetSetOptionA
InternetOpenUrlA
InternetCloseHandle
InternetQueryDataAvailable
InternetReadFile

Exports

Exports

?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B

Sections

.text
Size: 680KB - Virtual size: 679KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bec85a7f8d1a9c3ed713dad6906626ae

Headers

File Characteristics

Imports

imm32

msimg32

ws2_32

winmm

d3d8

ddraw

mss32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 680KB - Virtual size: 679KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 84KB - Virtual size: 189KB

.rsrc Size: 4.6MB - Virtual size: 4.6MB

.text
Size: 680KB - Virtual size: 679KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 84KB - Virtual size: 189KB

.rsrc
Size: 4.6MB - Virtual size: 4.6MB