3a962012f38fd74707fce2f66da18cf0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3a962012f38fd74707fce2f66da18cf0_JaffaCakes118
Size

496KB
MD5

3a962012f38fd74707fce2f66da18cf0
SHA1

fbe8b1f03d4a8d4666b27ba473f5b3607780a876
SHA256

d90689c552ee34390ec4a55dc768723f7b845cb7827c5ebc8220b168f57e15af
SHA512

526a3c95583558e0ac256c99b86031ec68a14c5238aacbc90b1285ffeecd9023f36c9150db9515c59df46445b9447305d3e3ec4a44fee165005f2d58d1ad16e7
SSDEEP

12288:bXPBjtuGfwVcIW1kRzdAdNPNxRgGMC5RTfDg:bXPdtu6wLHpAdNlxRo+T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a962012f38fd74707fce2f66da18cf0_JaffaCakes118

Files

3a962012f38fd74707fce2f66da18cf0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a36902ec27db8d394004fd0920b94f43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

shlwapi

PathRemoveFileSpecA

netapi32

Netbios

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

user32

SetRect
GetDC
ReleaseDC
SetWindowPos
SystemParametersInfoA
InvalidateRect
SetCursor
OffsetRect
TrackMouseEvent
GetWindowRect
LoadCursorA
RegisterWindowMessageA
DefDlgProcA
IsWindowUnicode
PostThreadMessageA
RegisterClipboardFormatA
EnableWindow
IsWindow
SetTimer
IsIconic
GetSystemMetrics
DrawIcon
ScreenToClient
GetClientRect
PtInRect
SetForegroundWindow
SendMessageA
PostMessageA
PostQuitMessage
TranslateMessage
DispatchMessageA
GetParent
SetFocus
GetFocus
GetSysColor
InflateRect
UnionRect
SetRectEmpty
CopyRect
DestroyMenu
DestroyCursor
DestroyIcon
LoadIconA
FindWindowA
GetLastActivePopup
BringWindowToTop
MessageBeep
CopyAcceleratorTableA
GetNextDlgTabItem
GetActiveWindow
KillTimer
GetWindowLongA
GetSysColorBrush
GetClassNameA
GetDesktopWindow
CharUpperA
CharNextA
LoadStringA
GetWindowDC
MapWindowPoints
AdjustWindowRectEx
GetTopWindow
IsChild
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
WindowFromPoint
ClientToScreen
TrackPopupMenuEx
GetSubMenu
DrawFocusRect
FrameRect
DrawStateA
FillRect
LoadMenuA
SetWindowRgn
TabbedTextOutA
DrawTextA
GrayStringA
GetCursorPos
IsRectEmpty
DefWindowProcA
EndPaint
BeginPaint
UpdateWindow
ShowWindow
CreateWindowExA
GetMessageA
UnregisterClassA
DestroyWindow
SetWindowLongA
TrackPopupMenu
SetMenuDefaultItem
DrawEdge
GetCapture
ReleaseCapture
GetNextDlgGroupItem
LoadBitmapA
SetWindowTextA
MessageBoxExA
EnumDisplayDevicesA
GetMenuItemCount
GetMenuItemID
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
IntersectRect
GetWindowPlacement
MoveWindow
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapDialogRect
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
ExcludeUpdateRgn
ShowCaret
HideCaret
MessageBoxA
IsWindowEnabled
SetWindowsHookExA
PeekMessageA
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
EnableMenuItem

winmm

waveOutGetNumDevs
waveOutGetDevCapsA

kernel32

FreeLibrary
SetCurrentDirectoryA
FindFirstFileA
MoveFileA
ExitProcess
GetVersionExA
Sleep
MulDiv
TerminateThread
GetProcAddress
SetFileAttributesA
GetTickCount
MultiByteToWideChar
GetModuleHandleA
GetVersion
GetShortPathNameA
MoveFileExA
LeaveCriticalSection
GetLocalTime
EnterCriticalSection
ExpandEnvironmentStringsA
FindClose
FindNextFileA
InitializeCriticalSection
DeleteCriticalSection
ResumeThread
SizeofResource
LockResource
LoadResource
FindResourceA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateEventA
GlobalFree
WaitForSingleObject
ResetEvent
SetEvent
GetPriorityClass
LocalFree
FormatMessageA
GetComputerNameA
GlobalMemoryStatus
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
GetProfileStringA
QueryPerformanceCounter
QueryPerformanceFrequency
HeapFree
HeapAlloc
GetProcessHeap
WriteFile
ReadFile
GetFileSize
CreateFileA
GetCurrentThreadId
GetCurrentThread
lstrcmpA
GlobalDeleteAtom
InterlockedIncrement
InterlockedDecrement
lstrlenA
WideCharToMultiByte
lstrcpyA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcatA
SetLastError
lstrcpynA
GetThreadLocale
DuplicateHandle
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFullPathNameA
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
WritePrivateProfileStringA
GetProcessVersion
GetCPInfo
GetOEMCP
GetFileAttributesA
GetFileTime
SetErrorMode
RtlUnwind
CreateThread
ExitThread
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetCommandLineA
RaiseException
GetACP
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetModuleFileNameA
LoadLibraryA
GetSystemDirectoryA
Process32First
lstrcmpiA
OpenProcess
GetExitCodeProcess
TerminateProcess
Process32Next
DeleteFileA
GetCurrentProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateProcessA
CreateMutexA
GetLastError
ReleaseMutex
CreateToolhelp32Snapshot
Module32First
CloseHandle

gdi32

GetTextExtentPointA
GetTextColor
PatBlt
CreatePen
GetWindowExtEx
GetViewportExtEx
PolyBezierTo
GetCurrentPositionEx
LineTo
MoveToEx
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
CreateDIBitmap
SetBkMode
RestoreDC
SaveDC
GetClipBox
CreateRectRgn
SelectClipRgn
StretchBlt
GetTextMetricsA
GetTextExtentPoint32A
Escape
TextOutA
RectVisible
PtVisible
LPtoDP
GetMapMode
DPtoLP
GetBkColor
CreateSolidBrush
BeginPath
EndPath
StrokeAndFillPath
PathToRegion
CombineRgn
GetPixel
CreateBitmap
SetBkColor
SetTextColor
CreateCompatibleBitmap
GetStockObject
ExtTextOutA
SelectObject
CreateDCA
DeleteDC
GetDeviceCaps
CreateFontA
GetObjectA
CreateFontIndirectA
DeleteObject
CreateCompatibleDC
BitBlt

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyA
RegEnumValueA
RegCloseKey

shell32

ShellExecuteA
SHFileOperationA
SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteExA

comctl32

ord17
_TrackMouseEvent
ImageList_Destroy

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
CoInitialize
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253
ord251

oleaut32

SysFreeString
SysStringLen
SysAllocStringByteLen
SysAllocStringLen
VariantCopy
SysAllocString
VariantChangeType
VariantTimeToSystemTime
VariantClear

urlmon

URLDownloadToFileA

wininet

HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
DeleteUrlCacheEntry
InternetGetLastResponseInfoA

rpcrt4

RpcStringFreeA
UuidToStringA
UuidCreate

Sections

.text
Size: 300KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a36902ec27db8d394004fd0920b94f43

Headers

File Characteristics

Imports

iphlpapi

shlwapi

netapi32

version

user32

winmm

kernel32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

urlmon

wininet

rpcrt4

Sections

.text Size: 300KB - Virtual size: 296KB

.rdata Size: 140KB - Virtual size: 136KB

.data Size: 28KB - Virtual size: 46KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 300KB - Virtual size: 296KB

.rdata
Size: 140KB - Virtual size: 136KB

.data
Size: 28KB - Virtual size: 46KB

.rsrc
Size: 24KB - Virtual size: 23KB