Static task: static1
Behavioral task: behavioral1
Sample: 29b2036e49805a216450073dff1ea12a_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 29b2036e49805a216450073dff1ea12a_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 29b2036e49805a216450073dff1ea12a_JaffaCakes118
Size: 1.7MB
MD5: 29b2036e49805a216450073dff1ea12a
SHA1: 4e5a00e5c55f375b3e53e11c54628edf49e8bcb0
SHA256: 1c99ea334acbb00461c708c3e5d5dae0bc13d60e817dc1b421706979a19a79c2
SHA512: 6b87ba42a2ecc1b9b1e19674e99cd8bfcb7637c8790186fb4e4a0cb4101ee7d0ca907848e97811b6e319aede171872db30606388469de7df44d8b1920fd9a110
SSDEEP: 24576:dQzbGfRMfJV68tT28cyAwQ78H+K+59Ks3Yd/YinSs/cKFpeU8WT2TY:debG2hV1tTzkKs3GWGeUfT
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 29b2036e49805a216450073dff1ea12a_JaffaCakes118
Files
29b2036e49805a216450073dff1ea12a_JaffaCakes118.exe windows:4 windows x86 arch:x86
ad7f89a076d52d2dcf1cb64ebe125130
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FileTimeToLocalFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetDriveTypeW
SetFileAttributesW
FileTimeToSystemTime
VirtualQuery
SetUnhandledExceptionFilter
GetModuleFileNameW
GetFileTime
SetFilePointerEx
SetEndOfFile
CreateEventA
GetCurrentProcessId
SetEnvironmentVariableW
GetTickCount
LocalAlloc
SetLastError
GetCurrentProcess
SetEvent
FlushFileBuffers
DisconnectNamedPipe
EnterCriticalSection
WaitForSingleObject
GetStartupInfoW
SetThreadPriority
RemoveDirectoryW
ResetEvent
GetCurrentThread
LeaveCriticalSection
SetFilePointer
GetCurrentDirectoryW
OpenFileMappingW
UnmapViewOfFile
MapViewOfFile
DeleteCriticalSection
GetEnvironmentVariableW
CreateFileW
InitializeCriticalSection
ReadFile
CreateEventW
GlobalFree
MultiByteToWideChar
GetLocaleInfoW
GetTempFileNameW
LocalFree
MoveFileW
CreateDirectoryW
GetLastError
MulDiv
ExitProcess
FormatMessageW
GetVersionExA
WriteFile
GetFileAttributesW
CreateProcessW
CloseHandle
DeleteFileW
GetTempPathW
GetCurrentThreadId
Sleep
LoadLibraryW
LoadLibraryA
GetProcAddress
WideCharToMultiByte
FindClose
FindFirstFileW
GetUserGeoID
FindNextFileW
CopyFileW
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
CreateToolhelp32Snapshot
lstrcpyW
GetProcessHeap
Process32NextW
WTSGetActiveConsoleSessionId
LockResource
GetExitCodeProcess
FindResourceW
HeapFree
GetModuleHandleW
GetPrivateProfileIntW
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
GlobalHandle
VirtualFreeEx
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
WinExec
EnumResourceNamesW
GlobalAlloc
GetTimeZoneInformation
CreateThread
ResumeThread
PeekNamedPipe
GetThreadPriority
HeapReAlloc
GetSystemTime
GlobalUnlock
GetComputerNameW
SystemTimeToTzSpecificLocalTime
GlobalLock
WaitForMultipleObjects
WaitNamedPipeW
CreateNamedPipeW
ConnectNamedPipe
GetOverlappedResult
CancelIo
CreateMutexW
ReleaseMutex
GetCommandLineW
OpenProcess
SizeofResource
ProcessIdToSessionId
HeapAlloc
Process32FirstW
GetFileSizeEx
LoadResource
WriteConsoleA
SetStdHandle
RaiseException
GetConsoleMode
GetConsoleCP
RtlUnwind
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetVersionExW
GetGeoInfoW
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapSize
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
TerminateProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
GetModuleHandleA
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
GetStartupInfoA
GetCommandLineA
InterlockedDecrement
InterlockedIncrement
FreeLibrary
advapi32
RegEnumValueW
RegCloseKey
CloseServiceHandle
OpenServiceW
OpenSCManagerW
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
ControlService
QueryServiceStatusEx
SetServiceStatus
RegOpenKeyExW
RegDeleteKeyW
LookupPrivilegeValueW
GetAce
OpenProcessToken
InitializeAcl
RegCreateKeyExW
GetSidSubAuthority
AdjustTokenPrivileges
RegQueryValueExW
AddAccessAllowedAce
InitializeSecurityDescriptor
RegSaveKeyW
RegRestoreKeyW
RegSetKeySecurity
RegQueryInfoKeyW
RegEnumKeyExW
QueryServiceConfigW
LsaClose
StartServiceW
LookupAccountNameW
GetSecurityInfo
LsaAddAccountRights
ChangeServiceConfig2W
LsaOpenPolicy
EqualSid
QueryServiceObjectSecurity
CreateServiceW
ChangeServiceConfigW
SetServiceObjectSecurity
DeleteService
SetSecurityInfo
GetNamedSecurityInfoW
SetNamedSecurityInfoW
RegDeleteValueW
RegSetValueExW
DuplicateTokenEx
RegOpenKeyW
FreeSid
GetSidLengthRequired
IsValidSecurityDescriptor
SetEntriesInAclW
AllocateAndInitializeSid
GetSecurityDescriptorLength
GetSecurityDescriptorDacl
SetFileSecurityW
InitializeSid
SetSecurityDescriptorDacl
GetUserNameW
comctl32
InitCommonControlsEx
PropertySheetW
ord17
ImageList_DrawEx
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_EndDrag
ImageList_Destroy
ImageList_DragLeave
ImageList_GetImageInfo
ImageList_Merge
ImageList_Create
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_BeginDrag
ImageList_AddMasked
ImageList_DragMove
_TrackMouseEvent
CreateToolbarEx
comdlg32
GetSaveFileNameW
PrintDlgW
CommDlgExtendedError
GetOpenFileNameW
gdi32
StretchBlt
SetStretchBltMode
PatBlt
GetDIBColorTable
CreateDCW
StartPage
StartDocW
EndDoc
StretchDIBits
GetViewportExtEx
SetWindowExtEx
SetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
GetClipBox
GetTextMetricsA
ExtTextOutW
BitBlt
SetTextAlign
GetTextExtentPoint32W
CreateCompatibleBitmap
Rectangle
CreatePen
GetGlyphIndicesW
CreateCompatibleDC
GetDIBits
GetFontData
SetBkColor
CreateDIBitmap
GetDeviceCaps
SetBkMode
TextOutW
CreateFontIndirectW
DeleteDC
EndPage
SetTextColor
GetCurrentObject
DeleteObject
MoveToEx
SelectObject
LineTo
GetStockObject
CreateFontW
CreateSolidBrush
GetObjectW
CreatePatternBrush
gdiplus
GdipSaveImageToStream
GdipBitmapSetResolution
GdipGetImageEncoders
GdiplusStartup
GdipGetImageEncodersSize
GdiplusShutdown
GdipCreateBitmapFromScan0
GdipDisposeImage
msimg32
AlphaBlend
GradientFill
ole32
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CreateStreamOnHGlobal
CLSIDFromProgID
OleInitialize
CoInitializeSecurity
OleUninitialize
oleaut32
SysFreeString
VariantClear
SysAllocString
VariantInit
OleLoadPicturePath
OleLoadPicture
shell32
ShellExecuteExW
SHGetFolderPathW
Shell_NotifyIconW
CommandLineToArgvW
ord680
SHChangeNotify
ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc
shlwapi
SHDeleteEmptyKeyW
SHDeleteKeyW
user32
EnableMenuItem
IsWindow
GetPropW
GetDlgItemInt
SetDlgItemInt
GetSysColor
GetClientRect
SetFocus
IsWindowEnabled
ScreenToClient
ShowWindow
GetFocus
RemoveMenu
SetMenuDefaultItem
SetScrollInfo
MoveWindow
ReleaseDC
GetDC
SetForegroundWindow
GetScrollInfo
wsprintfW
GetWindowDC
GetWindowLongW
DefWindowProcW
PeekMessageW
SendMessageTimeoutW
TranslateMessage
FindWindowW
RegisterClassW
DispatchMessageW
MsgWaitForMultipleObjects
RegisterWindowMessageW
WaitForInputIdle
GetDesktopWindow
IsCharAlphaW
RemovePropW
IsClipboardFormatAvailable
OpenClipboard
CloseClipboard
CallWindowProcW
GetClipboardData
MapDialogRect
GetMessageW
CreateDialogIndirectParamW
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
InflateRect
DrawFocusRect
GetIconInfo
GetWindowTextW
DrawStateW
DrawEdge
IsWindowVisible
DestroyIcon
DrawIconEx
ClientToScreen
GetAsyncKeyState
EndDialog
GetCursorPos
ScrollWindowEx
EnableWindow
DestroyCursor
MapWindowPoints
SetActiveWindow
GetSubMenu
CreateDialogParamW
IsDialogMessageW
InsertMenuW
MapVirtualKeyW
GetKeyNameTextW
GetKeyState
SetCapture
ReleaseCapture
InsertMenuItemW
SetWindowPlacement
FindWindowExW
PostQuitMessage
GetSystemMenu
FlashWindowEx
SetMenuItemInfoW
GetWindowThreadProcessId
ModifyMenuW
EndPaint
BeginPaint
IsIconic
GetSysColorBrush
LoadIconW
MonitorFromWindow
MonitorFromRect
GetMonitorInfoW
UpdateWindow
GetClassNameA
GetClassNameW
AppendMenuW
TrackPopupMenu
GetSystemMetrics
DestroyMenu
GetParent
LoadImageW
GetDlgItemTextW
SetDlgItemTextW
GetDlgItem
SendDlgItemMessageW
DeleteMenu
SetWindowLongW
GetCursor
GetMenu
CreatePopupMenu
SetPropW
CreateWindowExW
SetTimer
PostMessageW
KillTimer
SetWindowTextW
GetWindowRect
InvalidateRect
GetWindowPlacement
IsZoomed
CharLowerW
SendMessageW
DestroyWindow
CheckDlgButton
IsDlgButtonChecked
SetWindowPos
DialogBoxIndirectParamW
CheckMenuItem
SetCursor
DrawTextW
FillRect
MessageBoxW
LoadCursorW
DialogBoxParamW
GetDlgCtrlID
FrameRect
ws2_32
gethostname
closesocket
WSACleanup
sendto
accept
WSAEventSelect
ntohs
ioctlsocket
send
connect
getsockopt
setsockopt
select
listen
WSAGetLastError
__WSAFDIsSet
bind
socket
WSAStartup
gethostbyaddr
recv
gethostbyname
inet_addr
htons
netapi32
NetApiBufferFree
NetQueryDisplayInformation
NetUserGetLocalGroups
NetUserGetInfo
iphlpapi
GetIpAddrTable
GetAdaptersAddresses
GetNetworkParams
wininet
InternetQueryOptionW
InternetAutodial
InternetGetConnectedState
InternetAutodialHangup
dnsapi
DnsQuery_W
DnsRecordListFree
Sections
.rdata Size: 379KB - Virtual size: 378KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 985KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 374KB - Virtual size: 374KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ