2b892b1450709bf7387db2c22c1c1e10_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2b892b1450709bf7387db2c22c1c1e10_JaffaCakes118
Size

3.0MB
MD5

2b892b1450709bf7387db2c22c1c1e10
SHA1

2872b387b1db258c5ff398edb383bab71528d2fe
SHA256

f8100ccdf8c40a1e291b7ab51bbfb2418860802d01fe84b940d73b404ad4e598
SHA512

6eb40484fd4e2f97416522bc0d045e96258e8392e48728f6262f9210509bb0dfcacd263890e149d788e9cda8ccf13af1b218fdfc8c92b04f7e98f21f1042dfd7
SSDEEP

49152:sDL405nvkikssVTHYN1k6zkpd9KGSC0EWQojTuqXPfVtGS5gL3s:sDBvkxssVTHo1kdvJSCrWlPfCS5H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b892b1450709bf7387db2c22c1c1e10_JaffaCakes118

Files

2b892b1450709bf7387db2c22c1c1e10_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9fb424a96d248db0bfa80ecd50b4ef72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mixerGetLineInfoA
timeGetTime
mciSendCommandA
timeKillEvent
mixerSetControlDetails
timeBeginPeriod
timeSetEvent
sndPlaySoundA
mciGetErrorStringA
waveOutGetDevCapsA
mixerOpen
mixerGetNumDevs
mixerClose
timeEndPeriod
timeGetDevCaps
waveOutGetNumDevs
waveOutOpen
waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutReset
waveOutGetPosition
waveInAddBuffer
waveInPrepareHeader
waveInUnprepareHeader
waveInGetDevCapsA
waveInGetNumDevs
waveInStart
waveInOpen
waveInClose
waveInReset
mixerGetControlDetailsA
mixerGetLineControlsA

wsock32

WSAStartup
__WSAFDIsSet
WSACancelAsyncRequest
socket
WSAAsyncGetHostByName
inet_addr
closesocket
recv
send
inet_ntoa
select
WSACleanup
WSAGetLastError
connect
ioctlsocket
htons

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

msacm32

acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader
acmStreamClose
acmFormatSuggest
acmStreamOpen
acmStreamSize

kernel32

GetLogicalDriveStringsA
SetErrorMode
DeviceIoControl
GetSystemDefaultLangID
WideCharToMultiByte
lstrlenW
TlsSetValue
TlsGetValue
IsBadWritePtr
IsBadReadPtr
TlsAlloc
TlsFree
FreeResource
LockResource
LoadResource
FindResourceA
GetFileType
FlushFileBuffers
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
GetCurrentThreadId
QueryPerformanceFrequency
QueryPerformanceCounter
ResetEvent
InterlockedDecrement
OpenFile
VirtualLock
VirtualProtect
GlobalHandle
lstrcatA
lstrcmpA
IsDBCSLeadByte
LocalUnlock
LocalLock
LocalAlloc
lstrcmpiA
FileTimeToDosDateTime
IsBadStringPtrA
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetVolumeLabelA
GetLocalTime
MoveFileA
VirtualUnlock
VirtualFree
VirtualAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
SetLastError
DuplicateHandle
LockFile
UnlockFile
GetStringTypeExA
GetThreadLocale
GetFileTime
GetProfileIntA
LocalReAlloc
GlobalFlags
GetCPInfo
GetOEMCP
SizeofResource
RtlUnwind
RaiseException
GetTimeZoneInformation
ExitProcess
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
GetACP
SetStdHandle
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
IsBadCodePtr
SetEnvironmentVariableA
GetLocaleInfoW
GetFileSize
SetEndOfFile
GlobalMemoryStatus
GetProfileStringA
FreeLibrary
GetProcAddress
LoadLibraryA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
lstrcpyA
GetFileAttributesA
GetVolumeInformationA
lstrcpynA
GetFullPathNameA
CloseHandle
InterlockedExchange
ReadFile
SetFilePointer
CreateFileA
FindNextFileA
InterlockedIncrement
GetCurrentDirectoryA
SetCurrentDirectoryA
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
SystemTimeToFileTime
GetSystemTime
SetFileTime
DeleteFileA
SetFileAttributesA
RemoveDirectoryA
CreateDirectoryA
GetDiskFreeSpaceA
GetModuleHandleA
GetExitCodeProcess
GetLastError
CreateProcessA
lstrlenA
WriteFile
GetTempFileNameA
MulDiv
WritePrivateProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetPrivateProfileSectionA
CopyFileA
GetVersionExA
MoveFileExA
GetShortPathNameA
GetWindowsDirectoryA
MultiByteToWideChar
LocalFree
FormatMessageA
GetTempPathA
GetModuleFileNameA
TerminateProcess
OpenProcess
LoadLibraryExA
GetTickCount
GetCurrentProcess
GetCurrentThread
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
SetThreadPriority
GetExitCodeThread
SetEvent
CreateEventA
WaitForSingleObject
TerminateThread
CreateThread
GlobalSize
GetLocaleInfoA
GetCurrentProcessId
FreeEnvironmentStringsA
GetEnvironmentStrings
GetProcessVersion
ExpandEnvironmentStringsA
GetComputerNameA
GetSystemDirectoryA
GetDriveTypeA

user32

ShowScrollBar
SetScrollInfo
GetScrollInfo
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
AdjustWindowRectEx
SendDlgItemMessageA
BeginPaint
EndPaint
CheckRadioButton
IsDialogMessageA
IsWindowEnabled
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuCheckMarkDimensions
CreateDialogIndirectParamA
LoadStringA
ValidateRect
GetMessageA
RegisterClipboardFormatA
DestroyMenu
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
GetNextDlgGroupItem
SetWindowContextHelpId
MapDialogRect
CopyAcceleratorTableA
ShowOwnedPopups
GetSysColorBrush
PostThreadMessageA
RemoveMenu
DrawMenuBar
GetMenu
RegisterClassA
CreateWindowExA
DestroyWindow
GetWindowDC
GetAsyncKeyState
MessageBeep
GetNextDlgTabItem
InsertMenuA
EnableMenuItem
DrawFrameControl
DrawFocusRect
AppendMenuA
CreatePopupMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuItemInfoA
GetMenuStringA
GetSubMenu
SetMenu
CreateMenu
GetWindowRgn
SetWindowRgn
GetLastActivePopup
ShowWindow
MoveWindow
UpdateWindow
DrawTextExA
LoadImageA
ClientToScreen
IsWindowVisible
GetDoubleClickTime
GetCapture
ReleaseCapture
SetCapture
ClipCursor
SetTimer
PtInRect
InvertRect
GetFocus
GetMessagePos
GetSystemMetrics
IsClipboardFormatAvailable
InvalidateRect
GetCursorPos
ScreenToClient
GetClientRect
KillTimer
GetClassInfoA
DefWindowProcA
LoadCursorA
SetCursor
FrameRect
DrawEdge
RedrawWindow
EqualRect
GetWindowRect
LoadIconA
PostMessageA
SetWindowPos
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
GetWindowTextA
GetWindowThreadProcessId
EnumWindows
CopyRect
MessageBoxA
GetDesktopWindow
GetDC
ReleaseDC
SystemParametersInfoA
MsgWaitForMultipleObjects
wsprintfA
TranslateMessage
DispatchMessageA
GetSysColor
LoadBitmapA
DrawIconEx
DestroyIcon
SetRect
SetWindowLongA
GetParent
CallWindowProcA
PeekMessageA
PostQuitMessage
IsWindow
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
IntersectRect
OffsetRect
IsRectEmpty
InflateRect
EnableWindow
GetKeyState
GetScrollPos
GetTopWindow
WinHelpA
GetDlgItem
GetWindowTextLengthA
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
RegisterWindowMessageA
IsIconic
GetWindowPlacement
CharToOemA
OemToCharBuffA
CharLowerA
WaitForInputIdle
SetDlgItemTextA
SetWindowTextA
EndDialog
DialogBoxParamA
UnionRect
OemToCharA
CharNextA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
WindowFromPoint
GetMessageTime
CharPrevA
CharUpperBuffA
CharLowerBuffA
UnregisterClassA
InvalidateRgn
IsMenu
SetActiveWindow
DrawAnimatedRects
SetParent
FindWindowA
EnumChildWindows
GetClassNameA
TrackPopupMenu
LoadMenuA
SetMenuDefaultItem
GetIconInfo
DrawStateA
CloseWindow
IsChild
GetSystemMenu
DeleteMenu
MapWindowPoints
SetFocus
ExitWindowsEx
SendMessageA
GetActiveWindow
IsWindowUnicode
DefDlgProcA
ExcludeUpdateRgn
ShowCaret
HideCaret
FillRect

gdi32

ExtSelectClipRgn
CreateDCA
GetTextColor
CopyMetaFileA
LineTo
MoveToEx
SelectClipRgn
ScaleWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetStretchBltMode
RestoreDC
SaveDC
GetClipBox
SetTextColor
SetBkMode
SetWindowExtEx
SetViewportExtEx
GetEnhMetaFileA
GetMetaFileA
GetMetaFileBitsEx
DeleteMetaFile
SetWinMetaFileBits
GetEnhMetaFileHeader
PlayEnhMetaFile
DeleteEnhMetaFile
CreateDIBitmap
GetDIBits
GetSystemPaletteEntries
SetMapMode
SetBkColor
StretchDIBits
CreateRoundRectRgn
CreateRectRgnIndirect
IntersectClipRect
GetWindowOrgEx
SelectPalette
RealizePalette
CreateHalftonePalette
GetStretchBltMode
GetBkMode
PtInRegion
CreatePatternBrush
CreateBitmap
CreateRectRgn
GetTextMetricsA
PatBlt
StartDocA
StartPage
EndPage
EndDoc
AbortDoc
CreateCompatibleBitmap
GetCurrentObject
CreateFontIndirectA
CreatePalette
EnumFontFamiliesExA
CreateScalableFontResourceA
GetTextExtentPoint32A
RemoveFontResourceA
AddFontResourceA
CreateFontA
CreateSolidBrush
CreatePen
Rectangle
GetStockObject
GetObjectA
ExtCreateRegion
CombineRgn
DeleteDC
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GdiFlush
GetDeviceCaps
GetPaletteEntries
BitBlt
DeleteObject
CreateCompatibleDC
GetMapMode
GetWindowExtEx
LPtoDP
CreateDIBSection
SelectObject
DPtoLP
GetViewportExtEx
GetBkColor
GetTextExtentPointA

comdlg32

PrintDlgA
GetOpenFileNameA
CommDlgExtendedError
GetFileTitleA
GetSaveFileNameA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegEnumKeyA
LookupAccountSidA
GetUserNameA
RegConnectRegistryA
RegEnumValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegSetValueA
RegCreateKeyA

shell32

SHGetFileInfoA
ExtractIconA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHAppBarMessage
Shell_NotifyIconA
ShellExecuteExA
SHGetMalloc

comctl32

ImageList_AddMasked
ImageList_Draw
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetIconSize
ord17
ImageList_Destroy
ImageList_Create
ImageList_GetIcon

oledlg

ord8

ole32

OleInitialize
OleDuplicateData
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromString
CoUninitialize
CoInitialize
CoCreateInstance
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromProgID
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
DoDragDrop
OleGetClipboard
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoTaskMemFree
ReleaseStgMedium
CoFreeUnusedLibraries
OleUninitialize
CreateStreamOnHGlobal
CoTaskMemAlloc

olepro32

ord253

oleaut32

VariantTimeToSystemTime
SysAllocStringLen
VariantChangeType
SysAllocStringByteLen
VariantCopy
VariantClear
SysFreeString
LoadTypeLi
RegisterTypeLi
VariantInit
SysAllocString
SysStringLen

urlmon

URLDownloadToFileA

netapi32

Netbios

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 348KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 192KB - Virtual size: 506KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 336KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fb424a96d248db0bfa80ecd50b4ef72

Headers

File Characteristics

Imports

winmm

wsock32

version

msacm32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

urlmon

netapi32

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 348KB - Virtual size: 344KB

.data Size: 192KB - Virtual size: 506KB

.rsrc Size: 336KB - Virtual size: 333KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 348KB - Virtual size: 344KB

.data
Size: 192KB - Virtual size: 506KB

.rsrc
Size: 336KB - Virtual size: 333KB