2a0cd3944b126529e13c331062a31aa5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a0cd3944b126529e13c331062a31aa5_JaffaCakes118
Size

15.6MB
MD5

2a0cd3944b126529e13c331062a31aa5
SHA1

02f6a651aa3b3d0fc6bc6b8b5c4338b00000b3b5
SHA256

1988ae51c21a73ea48d04c45a272c4169db5b88d8791b7ad7b4d6adecad61041
SHA512

7474ca255e5dc325e901592fe2538ec62fe3138ec6a1f07df44344d18c01a9724085f297173cb1755ee12b0826a6b87de240bae6e242e7e7fb6fe131a20d8efd
SSDEEP

98304:2TXkqNyj8HdJeh3m+VTHijbNkj+mccSaCl5/aM0W:+0jybehVgcmcW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a0cd3944b126529e13c331062a31aa5_JaffaCakes118

Files

2a0cd3944b126529e13c331062a31aa5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f336c8d2cd27bd4b17d54d1ca1ae8c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Devlp01\ErrorSmart\trunk_ns\release\ErrorSmart.pdb

Imports

kernel32

GlobalAddAtomA
lstrcmpA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThreadId
GlobalDeleteAtom
GetCurrentProcessId
GetModuleFileNameW
InterlockedDecrement
SuspendThread
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
GetThreadLocale
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
RaiseException
GlobalFlags
GlobalReAlloc
GlobalHandle
LocalReAlloc
InterlockedIncrement
GetCPInfo
GetOEMCP
SetErrorMode
GetTickCount
VirtualProtect
VirtualQuery
GetCommandLineA
GetStartupInfoA
GetTimeFormatA
GetDateFormatA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
CreateThread
SetEnvironmentVariableA
SetStdHandle
GetFileType
ExitProcess
RtlUnwind
HeapSize
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetACP
IsValidCodePage
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetDriveTypeA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileW
QueryDosDeviceA
ReadFile
WriteFile
TlsFree
TlsGetValue
TlsSetValue
TlsAlloc
ConnectNamedPipe
VirtualFree
VirtualAlloc
DisconnectNamedPipe
FlushFileBuffers
GetTempPathA
GetCurrentThread
GetSystemTime
CreateProcessA
SearchPathA
WritePrivateProfileStringA
HeapFree
GetProcessHeap
HeapAlloc
GetStdHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
GetSystemInfo
FormatMessageA
GetFileTime
ExpandEnvironmentStringsA
LocalFree
MoveFileA
CopyFileA
TerminateProcess
SetFileAttributesA
GetFileAttributesA
CreateNamedPipeA
GetVersionExA
lstrcatA
lstrcpyA
FreeResource
GlobalAlloc
ResumeThread
GlobalFree
GlobalUnlock
GlobalLock
ResetEvent
SetEvent
GetWindowsDirectoryA
MulDiv
GetModuleFileNameA
CreateDirectoryA
CreateFileA
GetLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcpynA
SetLastError
LoadLibraryA
GetProcAddress
GetModuleHandleA
CreateEventA
FreeLibrary
WaitForSingleObject
SetThreadPriority
WinExec
DeleteFileA
FindClose
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
LockResource
SizeofResource
LoadResource
FindResourceA
GetCurrentDirectoryA
Sleep
GetCurrentProcess
CloseHandle
WideCharToMultiByte
lstrlenA
GetVersion
CompareStringA
GetLastError
MultiByteToWideChar
CompareStringW
GetEnvironmentVariableA
InterlockedExchange
HeapReAlloc

user32

DestroyMenu
CopyAcceleratorTableA
IsRectEmpty
InvalidateRgn
CharNextA
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatA
GetNextDlgGroupItem
PostThreadMessageA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
WinHelpA
IsChild
GetClassLongA
GetClassNameA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
UpdateWindow
GetMenu
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
GetScrollInfo
CallWindowProcA
OffsetRect
GetWindowPlacement
GetMenuItemID
GetMenuItemCount
SetWindowsHookExA
CallNextHookEx
GetMessageA
IsWindowVisible
GetKeyState
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
ScreenToClient
GrayStringA
DrawTextExA
TabbedTextOutA
UnhookWindowsHookEx
GetWindowThreadProcessId
GetLastActivePopup
PostQuitMessage
SetFocus
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
GetDlgItem
GetWindow
TrackMouseEvent
HideCaret
IsWindowEnabled
GetDesktopWindow
SetActiveWindow
GetActiveWindow
GetFocus
MessageBeep
CopyIcon
InflateRect
IsWindow
SetCapture
PtInRect
GetCaretPos
DestroyIcon
DrawFocusRect
DrawEdge
SetClassLongA
ReleaseCapture
ClientToScreen
WindowFromPoint
GetCapture
DestroyCursor
SendMessageA
LoadBitmapA
SetWindowLongA
CharUpperA
GetDC
SendMessageCallbackA
CreateWindowExA
EndPaint
BeginPaint
SetPropA
GetDlgCtrlID
DefWindowProcA
GetPropA
UnregisterClassA
RegisterClassExA
EnableWindow
ExitWindowsEx
SetTimer
KillTimer
InvalidateRect
GetWindowRect
PostMessageA
FindWindowA
MessageBoxA
LoadIconA
SetForegroundWindow
LoadMenuA
GetSubMenu
GetCursorPos
TrackPopupMenu
IsIconic
GetSystemMetrics
GetWindowLongA
GetClientRect
DrawIcon
GetSysColor
PeekMessageA
TranslateMessage
DispatchMessageA
RedrawWindow
ReleaseDC
LoadCursorA
SetRect
GetSysColorBrush
CopyRect
DrawTextA
SetWindowRgn
SetCursor
SystemParametersInfoA
SetWindowPos
GetParent
FillRect
GetWindowTextA
GetWindowTextLengthA
GetWindowDC
IntersectRect

gdi32

OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
ExtSelectClipRgn
CreatePen
SetViewportOrgEx
CreateRectRgnIndirect
GetMapMode
GetRgnBox
PtVisible
TextOutA
Escape
GetStockObject
GetWindowExtEx
GetViewportExtEx
MoveToEx
LineTo
GetClipBox
SetMapMode
RestoreDC
SaveDC
CreatePatternBrush
CreateBitmap
GetTextColor
GetBkColor
GetCurrentObject
GetTextExtentPoint32A
CreateCompatibleBitmap
ExtTextOutA
GetTextMetricsA
ExtCreateRegion
GetPixel
SelectClipRgn
StretchBlt
SelectObject
SetTextColor
SetBkColor
SetBkMode
DeleteDC
DeleteObject
CombineRgn
CreateRectRgn
CreateFontIndirectA
BitBlt
CreateCompatibleDC
CreateSolidBrush
GetDeviceCaps
GetObjectA
RectVisible

msimg32

GradientFill

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comctl32

_TrackMouseEvent

shlwapi

PathFileExistsA
PathIsDirectoryA
UrlUnescapeA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
SHDeleteKeyA

oledlg

ord8

ole32

CoInitializeEx
CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SafeArrayGetElemsize
OleCreateFontIndirect
OleLoadPicture
SysFreeString
SysStringLen
VarBstrCmp
SysAllocStringLen
SysAllocString
VariantClear
VariantChangeType
VariantInit
SysAllocStringByteLen
VariantCopy
DispCallFunc
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime

wininet

HttpOpenRequestA
InternetOpenUrlA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
InternetQueryDataAvailable
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetSetOptionExA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Exports

Exports

PIEImportTest

Sections

.text
Size: 856KB - Virtual size: 853KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14.6MB - Virtual size: 14.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f336c8d2cd27bd4b17d54d1ca1ae8c8

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

version

Exports

Exports

Sections

.text Size: 856KB - Virtual size: 853KB

.rdata Size: 184KB - Virtual size: 180KB

.data Size: 20KB - Virtual size: 37KB

.rsrc Size: 14.6MB - Virtual size: 14.6MB

.text
Size: 856KB - Virtual size: 853KB

.rdata
Size: 184KB - Virtual size: 180KB

.data
Size: 20KB - Virtual size: 37KB

.rsrc
Size: 14.6MB - Virtual size: 14.6MB