Static task: static1
Behavioral task: behavioral1
Sample: 2c13b5cbf81bdbffd780683dfdcc7bea_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2c13b5cbf81bdbffd780683dfdcc7bea_JaffaCakes118.exe
Resource: win10v2004-20240708-en
General
Target: 2c13b5cbf81bdbffd780683dfdcc7bea_JaffaCakes118
Size: 586KB
MD5: 2c13b5cbf81bdbffd780683dfdcc7bea
SHA1: d883e8d4b1e420ff7c4b22fb0f011a7273b25938
SHA256: c63aed082a51e9c36542ca76903a17359b58da4e036c46df02ca1b8ec63f09b6
SHA512: 6765a068cea90538fbed01bdc0f0b4fb1c5eada9c27e0a897e1669db6b5d77e160ef154a63c4e02bf827bb40e2a27a8c6866912427f3b250c348d1081c03f65a
SSDEEP: 6144:fRoX8FZdwHXG/6mVIA/eE7vDrHxPo6BaliXayWayVxCxrZQ5fUM9fwewVZgU6Qsw:+zG/6KegvPlyCayWayVxCZQ9fJgxy2G
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2c13b5cbf81bdbffd780683dfdcc7bea_JaffaCakes118
Files
2c13b5cbf81bdbffd780683dfdcc7bea_JaffaCakes118.exe windows:5 windows x86 arch:x86
7312598f00267ecadf626c563f884714
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetACP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualQuery
GetSystemInfo
SizeofResource
VirtualAlloc
VirtualProtect
HeapReAlloc
HeapSize
CreateThread
ExitThread
ExitProcess
Sleep
RaiseException
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
RtlUnwind
GetTickCount
GetModuleHandleW
SetErrorMode
GetFileSizeEx
SetFileAttributesA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileAttributesExA
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
GetShortPathNameA
GetVolumeInformationA
CreateDirectoryA
CreateFileMappingA
CreateToolhelp32Snapshot
DeviceIoControl
FindNextFileA
GetSystemDirectoryA
LoadLibraryExA
MapViewOfFile
OpenProcess
Process32First
Process32Next
UnmapViewOfFile
lstrcatA
lstrcpyA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
CopyFileA
FormatMessageA
LocalFree
GlobalFlags
MulDiv
GetTempPathA
GetProfileIntA
SearchPathA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalFree
CreateEventA
WaitForSingleObject
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GlobalAlloc
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
lstrcmpW
GetVersionExA
FreeResource
lstrlenA
GlobalLock
GlobalUnlock
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
LoadLibraryA
GlobalGetAtomNameA
GlobalAddAtomA
WideCharToMultiByte
GetLastError
SetLastError
MultiByteToWideChar
FindResourceA
LoadResource
LockResource
SetStdHandle
user32
SetWindowRgn
DrawIcon
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
CharUpperA
DestroyIcon
LockWindowUpdate
GetDCEx
WindowFromPoint
KillTimer
SetTimer
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuItemInfoA
InflateRect
GetMenuStringA
InsertMenuA
ClientToScreen
FillRect
LoadCursorA
DestroyCursor
SetRect
SetCapture
RemoveMenu
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ShowOwnedPopups
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
SetParent
GetSystemMenu
AppendMenuA
DeleteMenu
IsRectEmpty
MoveWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
CreateMenu
PostThreadMessageA
GetTabbedTextExtentA
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetClientRect
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
PtInRect
UnregisterClassA
RegisterClipboardFormatA
SetDlgItemTextA
GetDC
ReleaseDC
RegisterClassExA
FindWindowExA
FindWindowA
ExitWindowsEx
EnumWindows
wsprintfA
GetWindowRect
IsZoomed
GetSystemMetrics
GetClassNameA
GetSysColor
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
WinHelpA
SetWindowPos
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
EqualRect
GetDlgItem
SetWindowLongA
GetDlgCtrlID
GetKeyState
LoadIconA
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
IsWindowVisible
InvalidateRect
IsIconic
SendMessageA
InsertMenuItemA
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
GetClassInfoA
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetMenu
GetLastActivePopup
BringWindowToTop
PostMessageA
SetMenu
GetDesktopWindow
GetWindow
ShowWindow
GetWindowLongA
IsWindow
TranslateAcceleratorA
EnableWindow
UpdateWindow
gdi32
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
CreateSolidBrush
OffsetViewportOrgEx
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
CreateEllipticRgn
LPtoDP
Ellipse
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
Escape
SetViewportOrgEx
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetTextAlign
MoveToEx
TextOutA
LineTo
IntersectClipRect
ExcludeClipRect
CreateFontA
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
ExtTextOutA
BitBlt
CreateFontIndirectA
GetStockObject
PatBlt
Rectangle
GetViewportOrgEx
CreatePen
CreateDCA
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
DPtoLP
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
StretchDIBits
DeleteDC
GetObjectA
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
GetTextMetricsA
GetTextExtentPoint32A
DeleteObject
GetCharWidthA
SetMapMode
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
GetJobA
OpenPrinterA
ClosePrinter
advapi32
CloseServiceHandle
OpenSCManagerA
OpenServiceA
RegEnumValueA
StartServiceA
RegCreateKeyA
RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CreateServiceA
shell32
ShellAboutA
SHGetFolderPathA
DragQueryFileA
DragFinish
SHGetFileInfoA
ExtractIconA
ShellExecuteA
shlwapi
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
SHDeleteKeyA
StrRChrA
StrStrIA
StrToIntA
PathRemoveFileSpecW
oledlg
ord8
ole32
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
CoRevokeClassObject
CoCreateInstance
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoUninitialize
CoInitialize
oleaut32
SysAllocStringLen
VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear
ws2_32
socket
send
recv
inet_addr
htons
gethostbyname
connect
closesocket
WSAStartup
select
wininet
InternetCrackUrlA
InternetGetConnectedState
InternetCreateUrlA
psapi
EnumProcessModules
GetModuleFileNameExA
EnumProcesses
ntdll
NtQuerySystemInformation
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
comctl32
ord17
Sections
.text Size: 327KB - Virtual size: 326KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 162KB - Virtual size: 181KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ