1b925a40804538fe0d1e25b2c331a1ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1b925a40804538fe0d1e25b2c331a1ea_JaffaCakes118
Size

4.5MB
MD5

1b925a40804538fe0d1e25b2c331a1ea
SHA1

6cdf9ae977277070484842070f97d69f5518d73c
SHA256

985c3a82139c14743565c6339108f529d253bcbf6ced99672b9170af1ef359cc
SHA512

07ba7ad0a9ec5286957a414348537891ca7018013ba5b64a6c1d42ed5053f703d2544448db3d49ebdc9da1a0571a2d73a0f1196b258ef5340bff0e2f547b8eb9
SSDEEP

98304:pkmcYbnwcw2jSITERjLhce7oRJwpiS3GWl:SYbnrw1Ce7F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b925a40804538fe0d1e25b2c331a1ea_JaffaCakes118

Files

1b925a40804538fe0d1e25b2c331a1ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba12b42a88b428d34e6a55651f923cc1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetFileSecurityA
GetUserNameA
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueA
RegQueryValueExA
RegSetValueA
RegSetValueExA
SetFileSecurityA

comctl32

ImageList_Add
ImageList_Create
ImageList_Destroy
ImageList_Draw
ImageList_DrawEx
ImageList_GetIconSize
InitCommonControls

comdlg32

CommDlgExtendedError
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

gdi32

AbortDoc
BitBlt
CloseEnhMetaFile
CombineRgn
CopyMetaFileA
CreateBitmap
CreateBitmapIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDIBSection
CreateDIBitmap
CreateEllipticRgn
CreateEnhMetaFileA
CreateFontIndirectA
CreateHalftonePalette
CreateHatchBrush
CreatePalette
CreatePatternBrush
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DPtoLP
DeleteDC
DeleteEnhMetaFile
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesA
EnumFontFamiliesExA
EqualRgn
Escape
ExcludeClipRect
ExtCreatePen
ExtFloodFill
ExtSelectClipRgn
ExtTextOutA
FillRgn
FrameRgn
GdiFlush
GetBkColor
GetBkMode
GetBoundsRect
GetCharWidthA
GetClipBox
GetCurrentPositionEx
GetDCOrgEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileA
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetMapMode
GetNearestColor
GetNearestPaletteIndex
GetObjectA
GetObjectType
GetPaletteEntries
GetPixel
GetPolyFillMode
GetROP2
GetRgnBox
GetStockObject
GetStretchBltMode
GetSystemPaletteEntries
GetSystemPaletteUse
GetTextAlign
GetTextCharsetInfo
GetTextColor
GetTextExtentPoint32A
GetTextExtentPointA
GetTextFaceA
GetTextMetricsA
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineTo
MoveToEx
OffsetClipRgn
OffsetRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PatBlt
PlayEnhMetaFile
Polygon
Polyline
PtInRegion
PtVisible
RealizePalette
RectVisible
Rectangle
ResizePalette
RestoreDC
RoundRect
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetDIBits
SetMapMode
SetPaletteEntries
SetPixel
SetPixelV
SetPolyFillMode
SetROP2
SetRectRgn
SetStretchBltMode
SetSystemPaletteUse
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StartDocA
StartPage
StretchBlt
StretchDIBits
TextOutA
UnrealizeObject

kernel32

Beep
BuildCommDCBA
CloseHandle
CompareFileTime
CompareStringA
CompareStringW
ConvertDefaultLocale
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
DeviceIoControl
DuplicateHandle
EnterCriticalSection
EnumResourceLanguagesA
EnumSystemLocalesA
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstFileA
FindNextFileA
FindResourceA
FindResourceExA
FlushFileBuffers
FlushInstructionCache
FormatMessageA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommProperties
GetCommState
GetCommTimeouts
GetCommandLineA
GetComputerNameA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileAttributesA
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetProcessTimes
GetProcessWorkingSetSize
GetProfileIntA
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetThreadLocale
GetThreadTimes
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
IsBadWritePtr
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalReAlloc
LockFile
LockResource
MapViewOfFile
MoveFileA
MulDiv
MultiByteToWideChar
OpenProcess
OutputDebugStringA
PurgeComm
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
SetLastError
ResumeThread
RtlUnwind
SearchPathA
SetCommState
SetCommTimeouts
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualLock
VirtualProtect
VirtualQuery
VirtualUnlock
WaitForDebugEvent
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringA
WriteProcessMemory
lstrcmp
lstrcmpW
lstrcmpi
lstrcpy
lstrlen
lstrlenW

ltdis10n

L_CreatePaintPalette
L_HalfToneBitmapExt
L_UnderlayBitmap

ltdlg10n

L_DlgGetAngle
L_DlgGetChange
L_DlgGetEmboss

ltefx10n

L_EfxDrawFrame

ltfil10n

L_FileInfo
L_GetExtFileOption
L_LoadBitmap
L_SaveFile
L_SaveFileOffset
L_SetComment
L_SetExtFileOption
L_SetWMFResolution

ltimg10n

L_AutoTrimBitmap
L_ChangeBitmapContrast
L_ChangeBitmapHue
L_ChangeBitmapIntensity
L_ChangeBitmapSaturation
L_EmbossBitmap
L_GammaCorrectBitmap
L_GetAutoTrimRect
L_GetBitmapColorCount
L_InvertBitmap
L_MosaicBitmap
L_SharpenBitmap

ltkrn10n

L_AccessBitmap
L_ChangeToDIB
L_ColorResBitmap
L_ConvertFromDIB
L_CopyBitmapRect
L_FlipBitmap
L_FreeBitmap
L_GetBitmapColors
L_GetPixelColor
L_GrayScaleBitmap
L_InitBitmap
L_PutBitmapColors
L_PutPixelColor
L_ReleaseBitmap
L_ResampleBitmap
L_ReverseBitmap
L_RotateBitmap
L_RotateBitmapFine
L_ShearBitmap
L_SizeBitmap
L_UnlockSupport

lttwn10n

L_TwainAcquire
L_TwainAcquireExt
L_TwainSelect

msvfw32

DrawDibClose
DrawDibDraw
DrawDibOpen
DrawDibRealize
DrawDibSetPalette

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoDisconnectObject
CoFreeUnusedLibraries
CoGetClassObject
CoInitialize
CoLockObjectExternal
CoRegisterClassObject
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
DoDragDrop
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleDuplicateData
OleFlushClipboard
OleGetClipboard
OleInitialize
OleIsCurrentClipboard
OleLockRunning
OleTranslateAccelerator
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
StringFromCLSID

oleaut32

LoadTypeLib
OleCreateFontIndirect
RegisterTypeLib
SafeArrayDestroy
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysStringByteLen
SysStringLen
SystemTimeToVariantTime
VarUdateFromDate
VariantChangeType
VariantClear
VariantCopy
VariantInit
VariantTimeToSystemTime

oledlg

OleUIBusyA

shell32

DragAcceptFiles
DragFinish
DragQueryFile
ExtractIconA
SHAppBarMessage
SHBrowseForFolder
SHChangeNotify
SHFileOperation
SHGetFileInfo
SHGetMalloc
SHGetPathFromIDList
SHGetSpecialFolderLocation
ShellExecuteA
Shell_NotifyIcon

shlwapi

PathFindExtensionA
PathFindFileNameA
PathIsDirectoryA
PathIsUNCA
PathStripToRootA

user32

AdjustWindowRectEx
AppendMenuA
AttachThreadInput
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcA
CharNextA
CharUpperA
CharUpperBuffA
CheckDlgButton
CheckMenuItem
ChildWindowFromPointEx
ClientToScreen
CloseClipboard
CopyAcceleratorTableA
CopyIcon
CopyImage
CopyRect
CreateAcceleratorTableA
CreateDialogIndirectParamA
CreateIconFromResource
CreateIconFromResourceEx
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExA
DefFrameProcA
DefMDIChildProcA
DefWindowProcA
DeferWindowPos
DeleteMenu
DestroyAcceleratorTable
DestroyCursor
DestroyMenu
DestroyWindow
DispatchMessageA
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawStateA
DrawTextA
DrawTextExA
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EnumChildWindows
EnumWindows
EqualRect
FillRect
FindWindowA
FrameRect
GetActiveWindow
GetAncestor
GetAsyncKeyState
GetCapture
GetCaretPos
GetClassInfoA
GetClassInfoExA
GetClassLongA
GetClassNameA
GetClientRect
GetClipboardData
GetClipboardOwner
GetClipboardViewer
GetCursor
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetInputState
GetKeyNameTextA
GetKeyState
GetKeyboardLayout
GetKeyboardState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMenuStringA
GetMessageA
GetMessagePos
GetMessageTime
GetNextDlgGroupItem
GetNextDlgTabItem
GetOpenClipboardWindow
GetParent
GetPriorityClipboardFormat
GetProcessWindowStation
GetPropA
GetQueueStatus
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTabbedTextExtentA
GetTopWindow
GetUpdateRect
GetWindow
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextA
GetWindowTextLengthA
GetWindowThreadProcessId
GrayStringA
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
InvalidateRgn
IsCharLowerA
IsChild
IsClipboardFormatAvailable
IsDialogMessage
IsDlgButtonChecked
IsIconic
IsMenu
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadCursorFromFileA
LoadIconA
LoadImageA
LoadMenuA
LockWindowUpdate
MapDialogRect
MapVirtualKeyA
MapVirtualKeyExA
MapWindowPoints
MessageBeep
MessageBoxA
ModifyMenuA
MoveWindow
OffsetRect
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClassExA
RegisterClipboardFormatA
RegisterHotKey
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ReuseDDElParam
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendMessageA
SendNotifyMessageA
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetCursor
SetCursorPos
SetDlgItemInt
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenu
SetMenuDefaultItem
SetMenuItemBitmaps
SetParent
SetPropA
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowContextHelpId
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextA
SetWindowsHookExA
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SwapMouseButton
SystemParametersInfoA
TabbedTextOutA
ToAsciiEx
TrackPopupMenu
TrackPopupMenuEx
TranslateAccelerator
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnpackDDElParam
UnregisterClassA
UnregisterHotKey
UpdateWindow
ValidateRect
WaitMessage
WinHelpA
WindowFromDC
WindowFromPoint
keybd_event
mouse_event
wsprintfA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

PlaySound

winspool.drv

ClosePrinter
DocumentPropertiesA
GetJobA
GetPrinterA
OpenPrinterA

Exports

Exports

HS6Callback

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 650KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 151KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MY_DATA1
Size: 512B - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.spliced
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iat
Size: 192KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ba12b42a88b428d34e6a55651f923cc1

Headers

File Characteristics

Imports

advapi32

comctl32

comdlg32

gdi32

kernel32

ltdis10n

ltdlg10n

ltefx10n

ltfil10n

ltimg10n

ltkrn10n

lttwn10n

msvfw32

ole32

oleaut32

oledlg

shell32

shlwapi

user32

version

winmm

winspool.drv

Exports

Exports

Sections

.text Size: 3.4MB - Virtual size: 3.4MB

.rdata Size: 650KB - Virtual size: 652KB

.data Size: 151KB - Virtual size: 252KB

MY_DATA1 Size: 512B - Virtual size: 388KB

.spliced Size: 64KB - Virtual size: 64KB

.iat Size: 192KB - Virtual size: 2.5MB

.idata Size: 16KB - Virtual size: 20KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 3.4MB - Virtual size: 3.4MB

.rdata
Size: 650KB - Virtual size: 652KB

.data
Size: 151KB - Virtual size: 252KB

MY_DATA1
Size: 512B - Virtual size: 388KB

.spliced
Size: 64KB - Virtual size: 64KB

.iat
Size: 192KB - Virtual size: 2.5MB

.idata
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 31KB - Virtual size: 31KB