Static task: static1
Behavioral task: behavioral1
Sample: 2f0fa977c7f0bb5110d1f14fcc889ba8_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2f0fa977c7f0bb5110d1f14fcc889ba8_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2f0fa977c7f0bb5110d1f14fcc889ba8_JaffaCakes118
Size: 508KB
MD5: 2f0fa977c7f0bb5110d1f14fcc889ba8
SHA1: 003f5f33869998a931fc1df203399ce7f18f3568
SHA256: d9c2c014f3cadd1cb9ba2dc046dcdf1daf0a371b01e7e9aebcb8b8beaa2a0596
SHA512: 9c2f718836bd7f421216a388fda05d85dcac9c82cbe78f9af459aee49a7e2b74f0e88f964f845d8d04c770665bcd78ffa582fc890ba0fba3c18ebf064e24344a
SSDEEP: 12288:Tq3qBhHGOUkOqN/XAMMnMMMMM4jvr4Q1pKQhI3YGiPGAPdAt8s5on/:TqqRUkOu/XAMMnMMMMM4jvrPKwmRKdGh
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
Resource: 2f0fa977c7f0bb5110d1f14fcc889ba8_JaffaCakes118
Files
2f0fa977c7f0bb5110d1f14fcc889ba8_JaffaCakes118.exe windows:4 windows x86 arch:x86
f7c7517edba7be74082efdabdd8fc1a6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
setsockopt
WSAConnect
kernel32
FlushFileBuffers
CreateEventA
WaitForSingleObject
CompareStringW
VirtualAlloc
GetFileTime
_lclose
GetEnvironmentStrings
ReadFile
GetFileType
FreeEnvironmentStringsW
GetCurrentThreadId
VirtualFree
GetTempPathA
GetSystemTime
GetOEMCP
GetUserDefaultLCID
SetEnvironmentVariableA
FindFirstFileA
FreeEnvironmentStringsA
lstrcmpiW
SetLocalTime
MulDiv
FileTimeToLocalFileTime
FreeResource
GlobalDeleteAtom
GetModuleFileNameW
RtlUnwind
CreateSemaphoreA
HeapFree
HeapDestroy
GetProfileStringA
GetFileAttributesA
RaiseException
MoveFileA
ReleaseSemaphore
WinExec
GlobalAddAtomA
SetCurrentDirectoryA
WriteFile
SystemTimeToFileTime
SetErrorMode
lstrcpyA
GetSystemDefaultLCID
SetEvent
HeapReAlloc
SetFileTime
SetEndOfFile
CreateProcessW
FreeLibrary
LockResource
_lread
GetTickCount
GetTimeZoneInformation
DeleteFileA
GetCurrentProcessId
FindResourceA
DeleteCriticalSection
VirtualProtect
FlushInstructionCache
GetSystemDefaultLangID
GetCurrentProcess
CreateDirectoryA
FindClose
SizeofResource
SearchPathA
InitializeCriticalSection
GlobalHandle
ExitThread
TlsFree
TlsSetValue
InterlockedDecrement
GetUserDefaultLangID
GlobalLock
GetStringTypeExA
CreateProcessA
LoadResource
ExitProcess
lstrlenA
GetACP
GetFullPathNameA
GetLocalTime
GetModuleFileNameA
GetTempFileNameA
lstrcatA
GetModuleHandleA
LoadLibraryExA
GetStdHandle
LCMapStringW
WideCharToMultiByte
GetExitCodeProcess
InterlockedIncrement
SetLastError
HeapCreate
GetStartupInfoA
GetVersionExA
GetLocaleInfoA
FormatMessageW
GlobalAlloc
GetCurrentDirectoryA
GetSystemInfo
ResetEvent
GetCommandLineA
VirtualQuery
_lwrite
LeaveCriticalSection
_llseek
FileTimeToSystemTime
CompareStringA
TlsGetValue
GetSystemDirectoryA
IsBadCodePtr
IsDBCSLeadByte
GetStringTypeW
HeapSize
TerminateProcess
CreateFileA
GetVersion
GetDriveTypeA
EnterCriticalSection
GlobalSize
GetEnvironmentStringsW
SetFilePointer
GlobalFree
FindNextFileA
CreateThread
IsBadReadPtr
SetStdHandle
UnhandledExceptionFilter
SetHandleCount
GlobalReAlloc
FormatMessageA
GetProcAddress
LockFile
Sleep
LoadLibraryA
RemoveDirectoryA
GetDateFormatA
MultiByteToWideChar
GetWindowsDirectoryA
lstrcmpA
GetLastError
GetCPInfo
TlsAlloc
lstrcpynA
GetStringTypeA
GetVolumeInformationA
UnlockFile
GetShortPathNameA
LCMapStringA
DuplicateHandle
ResumeThread
HeapAlloc
CloseHandle
lstrcmpiA
GlobalUnlock
SetFileAttributesA
ole32
OleSave
OleLoad
advapi32
RegEnumValueA
RegQueryValueExA
RegOpenKeyA
RegQueryValueA
RegisterEventSourceA
RegOpenKeyW
RegSetValueExA
RegQueryInfoKeyA
RegCreateKeyW
RegSetValueA
RegDeleteKeyA
InitializeSecurityDescriptor
RegDeleteValueW
RegEnumKeyA
RegOpenKeyExA
SetSecurityDescriptorDacl
RegDeleteKeyW
RegCreateKeyA
RegSetValueExW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteValueA
DeregisterEventSource
RegEnumKeyW
RegCloseKey
RegEnumValueW
ReportEventA
user32
DialogBoxParamA
DestroyCursor
SetCaretPos
DestroyMenu
ScreenToClient
DdeCreateDataHandle
DrawTextA
PtInRect
LoadIconA
CallWindowProcA
TranslateMessage
GetUpdateRgn
FindWindowA
EndDeferWindowPos
PostMessageA
PostQuitMessage
SetTimer
FillRect
HideCaret
VkKeyScanA
DefMDIChildProcA
WindowFromPoint
SetWindowLongA
SubtractRect
GetQueueStatus
AdjustWindowRectEx
GetMenuItemInfoA
GetCursor
GetClipboardData
GetSystemMenu
SetRect
LoadBitmapA
DrawFrameControl
InvalidateRgn
GetDesktopWindow
EnumClipboardFormats
GetWindowThreadProcessId
DdeConnect
SetMenuDefaultItem
GetMessageTime
SendDlgItemMessageA
IsWindowEnabled
CharToOemA
CharLowerBuffW
IsIconic
EqualRect
DeferWindowPos
IsChild
CopyRect
GetScrollInfo
CreatePopupMenu
GetCaretBlinkTime
InsertMenuA
IsDialogMessageA
keybd_event
CallNextHookEx
DdeInitializeA
SetCursor
DdeQueryConvInfo
DefFrameProcA
CharPrevA
DdeClientTransaction
GetMenuItemCount
CreateAcceleratorTableA
DdeSetUserHandle
GetFocus
DeleteMenu
SetClipboardData
GetSystemMetrics
DdeDisconnect
GetIconInfo
EnableMenuItem
CharUpperBuffW
EmptyClipboard
SetWindowsHookExA
CreateIcon
CreateMenu
WaitForInputIdle
EnumThreadWindows
GetClipboardFormatNameA
CharNextA
SetParent
InflateRect
SetKeyboardState
GetWindowLongA
PeekMessageW
MessageBoxA
GetSubMenu
LoadImageA
ShowCaret
DrawIcon
UpdateWindow
TranslateMDISysAccel
GetWindowTextLengthA
DdeGetData
CheckMenuItem
wsprintfA
CharToOemBuffA
DdeCreateStringHandleA
AttachThreadInput
VkKeyScanW
IntersectRect
DefWindowProcA
GetDlgItem
SetWindowsHookExW
CopyAcceleratorTableA
SetFocus
MessageBeep
IsWindow
UnhookWindowsHookEx
AdjustWindowRect
DdeAbandonTransaction
GetWindow
SetWindowPos
DdeFreeDataHandle
ShowCursor
DdeCmpStringHandles
CreateCaret
DdeFreeStringHandle
GetClientRect
DestroyIcon
SetPropA
GetPropA
EnableWindow
SetMenuItemInfoA
GetClassNameA
CharLowerBuffA
CharUpperBuffA
ModifyMenuA
LoadCursorA
GetCaretPos
DestroyCaret
DdeUninitialize
ReleaseCapture
ClipCursor
GetAsyncKeyState
GetTabbedTextExtentA
BeginDeferWindowPos
GetDoubleClickTime
DdePostAdvise
GetDC
MoveWindow
CreateCursor
RegisterClassExA
SetScrollInfo
GetClassInfoExA
SetCapture
GetCursorPos
LoadStringA
GetParent
MsgWaitForMultipleObjects
GetLastActivePopup
SystemParametersInfoA
SetMenu
EndDialog
GetMenuState
ReleaseDC
GetKeyboardLayout
TabbedTextOutA
SendMessageA
DrawMenuBar
IsCharAlphaA
PostThreadMessageA
CloseClipboard
SetScrollPos
MapWindowPoints
GetUpdateRect
BringWindowToTop
DdeQueryStringA
UnregisterClassA
SetWindowTextA
GetForegroundWindow
ShowScrollBar
CreateDialogParamA
GetScrollPos
LockWindowUpdate
RegisterClipboardFormatA
LoadAcceleratorsA
OffsetRect
MessageBoxIndirectA
DdeNameService
GetWindowRect
DispatchMessageA
GetActiveWindow
GetMenu
CharLowerA
SetForegroundWindow
RemovePropA
ShowWindow
GetKeyState
GetCapture
CharUpperA
DdeGetLastError
SetWindowRgn
SetScrollRange
GetWindowDC
GetWindowTextA
GetSysColor
GetMenuStringA
GetMenuItemID
InvalidateRect
IsWindowVisible
WaitMessage
DestroyAcceleratorTable
GetDCEx
RemoveMenu
CreateWindowExA
RegisterClassA
SetWindowContextHelpId
SetDlgItemTextA
EndPaint
GetKeyboardState
OemToCharA
IsRectEmpty
WinHelpA
AppendMenuA
DrawFocusRect
FrameRect
PeekMessageA
SetActiveWindow
BeginPaint
GetMessagePos
KillTimer
ToAscii
FindWindowW
GetWindowRgn
ClientToScreen
GetClassInfoA
IsClipboardFormatAvailable
PostMessageW
DestroyWindow
OpenClipboard
TrackPopupMenu
IsZoomed
SetCursorPos
samlib
SamConnect
SamLookupNamesInDomain
SamConnectWithCreds
ddraw
DirectDrawEnumerateA
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 155KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 132KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 207KB - Virtual size: 207KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ