32dc7b611379bb349dcaa7e9c1e42d37_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

32dc7b611379bb349dcaa7e9c1e42d37_JaffaCakes118
Size

1.1MB
MD5

32dc7b611379bb349dcaa7e9c1e42d37
SHA1

049456050db2f994ad1d8060457aa410740e6844
SHA256

c9f75038a4f09465b8ff413bcad7f94565a5000c15e5edfd80f3447fdfed4be5
SHA512

ecfa3f40ce4ab4b3f68be87ebf05c52f13c2bd90861f4427a834afbf8f0d881a65819afe22137ac7c45c551bc4541f10779df8748320ad7b5f64c70cdd2d0253
SSDEEP

24576:w9nnUdAg+QzrjJ+N0z1NxyGFLPgp/zXpK838/A8K1c3P6:ld3mWhFLPE7XYe8/A8K14

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32dc7b611379bb349dcaa7e9c1e42d37_JaffaCakes118

Files

32dc7b611379bb349dcaa7e9c1e42d37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e3263163e03521fff434962bd144a95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\projects\Svn\Ultimate Cleaner\desktop\trunk\App\Demo-Release\App.pdb

Imports

wininet

InternetGetConnectedState
InternetCanonicalizeUrlA
InternetReadFile
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
FindCloseUrlCache
InternetCloseHandle
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA

kernel32

EnumResourceLanguagesA
ConvertDefaultLocale
lstrcmpA
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
GetCurrentDirectoryA
GetTickCount
ExitProcess
RtlUnwind
IsBadReadPtr
HeapFree
HeapAlloc
GetTimeFormatA
GetDateFormatA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
ExitThread
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetTimeZoneInformation
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
SuspendThread
GetFileTime
GetFullPathNameA
lstrcpyA
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
SetLastError
FormatMessageA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
lstrcpynA
LocalAlloc
LocalFree
MoveFileExA
ReleaseMutex
CreateMutexA
CreateMailslotA
GetVolumeInformationA
GetCommandLineA
ExpandEnvironmentStringsA
InterlockedDecrement
InterlockedIncrement
WritePrivateProfileStringA
TerminateProcess
DeviceIoControl
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemDirectoryA
RemoveDirectoryA
CreateDirectoryA
SetFileAttributesA
GetFileAttributesA
CompareStringW
CompareStringA
lstrcmpiA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
MultiByteToWideChar
GetCurrentThreadId
GlobalAddAtomA
SetUnhandledExceptionFilter
GetVersion
ResumeThread
OpenEventA
GetCurrentThread
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetFileAttributesExA
SetFilePointer
GetFileSize
SetEndOfFile
CreateWaitableTimerA
SetWaitableTimer
WaitForMultipleObjects
CancelWaitableTimer
LocalFileTimeToFileTime
SetThreadPriority
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
GetWindowsDirectoryA
MulDiv
FreeResource
GlobalLock
GlobalFree
GlobalUnlock
GlobalAlloc
CreateThread
TerminateThread
CreateFileA
ReadFile
GetLastError
WriteFile
LoadLibraryA
GetProcAddress
FreeLibrary
MoveFileA
GetCurrentProcessId
CreateEventA
CreateProcessA
DeleteFileA
GetSystemTime
Sleep
WaitForSingleObject
SetEvent
GetLogicalDrives
GetDriveTypeA
GetLocalTime
SystemTimeToFileTime
FileTimeToSystemTime
GetModuleFileNameA
CloseHandle
GlobalDeleteAtom
GetModuleHandleA
ResetEvent
FindResourceExA
lstrlenA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapReAlloc
GetProcessHeap

user32

GetActiveWindow
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
BringWindowToTop
SetMenu
GetDesktopWindow
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
MoveWindow
IsDialogMessageA
EndPaint
BeginPaint
GetWindowDC
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
GetMenuState
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
EqualRect
RegisterClassA
LoadMenuA
GetDlgCtrlID
CallWindowProcA
GetWindowLongA
SetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
CountClipboardFormats
OpenClipboard
EmptyClipboard
CloseClipboard
UnregisterClassA
CharUpperA
MessageBoxA
RegisterClassExA
CreateWindowExA
GetMessageA
DispatchMessageA
TranslateMessage
CreatePopupMenu
AppendMenuA
TrackPopupMenu
DestroyMenu
SetForegroundWindow
CopyIcon
GetCursorPos
FrameRect
LoadBitmapA
DestroyCursor
ReleaseDC
IsRectEmpty
GetClassInfoA
DefWindowProcA
IsWindow
WindowFromPoint
GetFocus
GetCapture
IsWindowVisible
ShowCaret
HideCaret
SetCaretPos
CreateCaret
SetRectEmpty
IntersectRect
FillRect
InflateRect
GetKeyState
GrayStringA
DrawTextExA
TabbedTextOutA
GetClientRect
GetDlgItem
wsprintfA
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
ValidateRect
RegisterClipboardFormatA
MessageBeep
SetWindowTextA
AdjustWindowRect
SetWindowPos
RegisterWindowMessageA
LoadImageA
PostThreadMessageA
RegisterHotKey
VkKeyScanA
PostQuitMessage
GetSystemMetrics
KillTimer
SetTimer
UpdateWindow
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
SetRect
CharNextA
GetSysColorBrush
GetMenuItemInfoA
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
ScreenToClient
SetWindowRgn
CopyRect
LoadCursorA
SetCursor
DrawTextA
InvalidateRect
GetDC
ClientToScreen
OffsetRect
PtInRect
GetMessagePos
MapWindowPoints
GetParent
PostMessageA
GetSysColor
SendMessageA
LoadIconA
EnableWindow
ReleaseCapture
SetCapture
GetWindowRect
DeferWindowPos

gdi32

CreatePatternBrush
CreateRectRgnIndirect
GetTextColor
GetRgnBox
ExtSelectClipRgn
GetClipBox
SetPixel
GetPixel
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
MoveToEx
LineTo
CreatePen
GetObjectA
CreateBitmap
SetMapMode
SetBkColor
SetDIBits
CreateDCA
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
ExcludeClipRect
RestoreDC
CombineRgn
CreateRoundRectRgn
CreateRectRgn
SetBkMode
SetTextColor
SelectObject
PtInRegion
CreatePolygonRgn
GetDeviceCaps
StretchBlt
CreateSolidBrush
DeleteObject
GetStockObject
CreateICA
DeleteDC
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontA
SaveDC

msimg32

TransparentBlt

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegEnumValueA
RegQueryValueExA
RegDeleteValueA
RegQueryInfoKeyA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA

shell32

Shell_NotifyIconA
SHChangeNotify
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHQueryRecycleBinA
DragFinish
DragQueryFileA
ShellExecuteA

comctl32

ImageList_ReplaceIcon
_TrackMouseEvent
ord17
ImageList_Destroy
ImageList_Create
ImageList_Draw
ImageList_GetImageInfo

shlwapi

SHDeleteKeyA
SHCopyKeyA
PathMatchSpecA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA

oledlg

ord8

ole32

CoTaskMemAlloc
CoGetClassObject
CoUninitialize
CoInitialize
CreateStreamOnHGlobal
CoInitializeEx
CoCreateInstance
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize

oleaut32

SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysFreeString
OleCreateFontIndirect
OleLoadPicture

urlmon

URLDownloadToCacheFileA

ws2_32

WSAStartup
socket
htons
sendto

netapi32

Netbios

Sections

.text
Size: 804KB - Virtual size: 801KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e3263163e03521fff434962bd144a95

Headers

File Characteristics

PDB Paths

Imports

wininet

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

urlmon

ws2_32

netapi32

Sections

.text Size: 804KB - Virtual size: 801KB

.rdata Size: 188KB - Virtual size: 186KB

.data Size: 32KB - Virtual size: 53KB

.rsrc Size: 132KB - Virtual size: 128KB

.text
Size: 804KB - Virtual size: 801KB

.rdata
Size: 188KB - Virtual size: 186KB

.data
Size: 32KB - Virtual size: 53KB

.rsrc
Size: 132KB - Virtual size: 128KB