Static task
  static1
Behavioral task
  behavioral1
  Sample: 42920fd0fd3363c3cd4037afe8b60451_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task
  behavioral2
  Sample: 42920fd0fd3363c3cd4037afe8b60451_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
  Target: 42920fd0fd3363c3cd4037afe8b60451_JaffaCakes118
  Size: 1.6MB
  MD5: 42920fd0fd3363c3cd4037afe8b60451
  SHA1: aa0e2add3578396eb08b8e0f70c425e6dc53f797
  SHA256: c8bf667f5ca36fdfa667600f8183b1a5121e10a491f981b26b9d805d885577ec
  SHA512: 9b4c7affe1f645b83d371a737eeedfc7e074c2ce832fb083f2b1bff97efb9f381439ef40fe7baa0b559e57bbf99ccc19265956577ffb049bf010e27babe9ebe9
  SSDEEP: 24576:21pvA/jCMeRgDzQ2HKMB70DoEVem0TtI/s+FIEyFlyDLZy4gRQmp0+Jw:AoGQnt3nNnyw4gym
Malware Config
Signatures
  Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
    resource 42920fd0fd3363c3cd4037afe8b60451_JaffaCakes118
Files
  42920fd0fd3363c3cd4037afe8b60451_JaffaCakes118.exe windows:4 windows x86 arch:x86
  55331cb91559c01bc0977903f823bf32
  Headers
    File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
  PDB Paths
    d:\RHUB2\Code\PCGUI\Release\PCGUI.pdb
  Imports
    ws2_32: WSAGetLastError, send, connect, shutdown, socket, htons, inet_addr, WSALookupServiceEnd,
      WSAAddressToStringW, WSALookupServiceNextW, WSALookupServiceBeginW, gethostname, htonl, ioctlsocket,
      WSACleanup, WSAStartup, select, recv, closesocket, gethostbyname, setsockopt, inet_ntoa, __WSAFDIsSet
    comctl32: ImageList_GetImageInfo, ImageList_Create, ImageList_Destroy, CreatePropertySheetPageA,
      PropertySheetA, ImageList_ReplaceIcon, ImageList_SetBkColor, ord17, _TrackMouseEvent, ImageList_Draw
    imm32: ImmAssociateContext
    kernel32: GetFileType, HeapReAlloc, GetTimeFormatA, GetDateFormatA, HeapSize, VirtualProtect, VirtualAlloc,
      GetStdHandle, UnhandledExceptionFilter, ExitThread, GetEnvironmentStrings, FreeEnvironmentStringsW,
      GetEnvironmentStringsW, GetCommandLineA, GetCommandLineW, SetHandleCount, GetStartupInfoA, HeapDestroy,
      HeapCreate, VirtualFree, IsBadWritePtr, GetTimeZoneInformation, SetStdHandle, LCMapStringA, LCMapStringW,
      GetOEMCP, GetCPInfo, IsBadReadPtr, IsBadCodePtr, EnumSystemLocalesA, IsValidLocale, IsValidCodePage,
      GetStringTypeA, GetStringTypeW, CompareStringA, CompareStringW, SetEnvironmentVariableA, GetDriveTypeA,
      GetDriveTypeW, RtlUnwind, GetStartupInfoW, GetCurrentDirectoryW, WritePrivateProfileStringW,
      GetPrivateProfileIntW, SetErrorMode, InterlockedIncrement, TlsFree, LocalReAlloc, GlobalHandle,
      GlobalReAlloc, GlobalFlags, GlobalGetAtomNameW, GetTickCount, ConvertDefaultLocale, EnumResourceLanguagesW,
      GetLocaleInfoW, GetFullPathNameW, GetVolumeInformationW, DuplicateHandle, SetEndOfFile, UnlockFile, LockFile,
      FlushFileBuffers, ReadFile, FileTimeToSystemTime, SuspendThread, SetThreadPriority, InterlockedDecrement,
      lstrcpynW, GlobalAddAtomW, GlobalFindAtomW, GlobalDeleteAtom, lstrlenA, lstrcatW, lstrcmpW, FreeResource,
      CreateSemaphoreA, GetTempPathA, GetTempFileNameA, DeleteFileA, GetModuleHandleW, CreateSemaphoreW,
      LocalFree, LocalAlloc, WaitForMultipleObjects, SetProcessShutdownParameters, ExitProcess, GetComputerNameA,
      GetVersionExA, LoadLibraryA, GetCurrentDirectoryA, QueryPerformanceCounter, QueryPerformanceFrequency,
      HeapAlloc, GetProcessHeap, HeapFree, CreateFileA, GetModuleFileNameA, ExpandEnvironmentStringsA, TlsAlloc,
      TlsGetValue, GetCurrentThread, CreateThread, TlsSetValue, GetModuleHandleA, CreateEventA, Thread32First,
      Thread32Next, GetUserDefaultUILanguage, GetUserDefaultLCID, ReleaseSemaphore, FormatMessageA,
      SetFilePointer, IsDebuggerPresent, GetSystemTimeAsFileTime, lstrcpyW, GlobalMemoryStatus, GetSystemInfo,
      VirtualQuery, GetFileTime, FileTimeToLocalFileTime, FileTimeToDosDateTime, OutputDebugStringW,
      GetCurrentThreadId, GetProcAddress, GetCurrentProcessId, WriteFile, GetFileAttributesW, FormatMessageW,
      OpenProcess, TerminateProcess, lstrlenW, WideCharToMultiByte, GetDiskFreeSpaceExW, GetTempFileNameW,
      GetCurrentProcess, GetVersion, GetWindowsDirectoryW, LoadLibraryW, FreeLibrary, MulDiv, GlobalFree,
      CreateEventW, ResumeThread, SetEvent, WaitForSingleObject, ResetEvent, CreateFileW, GetFileSize, CopyFileW,
      RemoveDirectoryW, GetLastError, FindFirstFileW, FindNextFileW, FindClose, SetFileAttributesW,
      BeginUpdateResourceW, UpdateResourceW, EndUpdateResourceW, SetLastError, GetLongPathNameW, DeleteFileW,
      lstrcmpiW, GlobalAlloc, GlobalLock, GlobalUnlock, CreateToolhelp32Snapshot, Process32FirstW,
      Process32NextW, CloseHandle, Sleep, SetUnhandledExceptionFilter, GetLogicalDrives, MultiByteToWideChar,
      FindResourceW, LoadResource, LockResource, SizeofResource, GetTempPathW, CreateDirectoryW,
      LeaveCriticalSection, EnterCriticalSection, GetModuleFileNameW, DeleteCriticalSection,
      InitializeCriticalSection, RaiseException, GetVersionExW, GetThreadLocale, GetLocaleInfoA, GetACP,
      InterlockedExchange, FindResourceA, FreeEnvironmentStringsA
    user32: CharUpperW, PostQuitMessage, ShowOwnedPopups, RegisterClipboardFormatW, TranslateAcceleratorW,
      BringWindowToTop, InsertMenuItemW, LoadAcceleratorsW, ReuseDDElParam, UnpackDDElParam, GetSysColorBrush,
      SendDlgItemMessageW, SendDlgItemMessageA, SetFocus, IsChild, GetWindowTextLengthW, GetLastActivePopup,
      DispatchMessageW, BeginDeferWindowPos, EndDeferWindowPos, GetTopWindow, GetMessageTime, GetMessagePos,
      PeekMessageW, MapWindowPoints, GetKeyState, GetScrollPos, GetMenu, GetMenuItemID, AdjustWindowRectEx,
      EqualRect, DeferWindowPos, GetClassInfoW, GetDlgCtrlID, CallWindowProcW, GetWindowPlacement, ScreenToClient,
      DrawTextExW, DrawTextW, TabbedTextOutW, SetActiveWindow, CreateDialogIndirectParamW, IsWindowEnabled,
      GetNextDlgTabItem, GetMessageW, RegisterClassW, CreateWindowExW, VkKeyScanA, MapVirtualKeyA, keybd_event,
      mouse_event, GetProcessWindowStation, EnumDesktopsA, EnumDesktopWindows, GetClassNameA, FindWindowA,
      OpenDesktopA, OpenInputDesktop, GetUserObjectInformationA, GetThreadDesktop, SetThreadDesktop, CloseDesktop,
      PostThreadMessageA, GetWindowTextA, SetPropA, ClientToScreen, GetWindowDC, CallWindowProcA, GetPropA,
      DefWindowProcA, GetKeyboardState, ToAscii, GetClipboardOwner, GetClipboardData, ChangeClipboardChain,
      SetClipboardViewer, SystemParametersInfoA, SetWindowsHookExA, UnhookWindowsHookEx, CallNextHookEx,
      PostMessageA, CreateDialogParamA, GetMessageA, SetDlgItemTextA, GetDlgItemTextA, DialogBoxParamA, EndDialog,
      GetDlgItem, ValidateRect, InsertMenuA, GetUpdateRect, CreateWindowExA, EnableMenuItem, DestroyWindow,
      LoadImageA, RegisterClassA, LoadBitmapA, BeginPaint, EndPaint, GetAsyncKeyState, TrackPopupMenu,
      CreatePopupMenu, AppendMenuA, DestroyMenu, SendMessageA, SetWindowTextA, GetWindowLongA, AdjustWindowRect,
      SetWindowLongA, SetScrollInfo, ShowCursor, ScrollWindowEx, UpdateWindow, UnregisterClassA, PeekMessageA,
      MsgWaitForMultipleObjects, TranslateMessage, DispatchMessageA, IntersectRect, EnumWindows,
      GetForegroundWindow, UnionRect, GetActiveWindow, wsprintfW, wvsprintfW, GetDCEx, SetWindowPos, DrawIcon,
      DrawIconEx, SetWindowRgn, GetIconInfo, WindowFromPoint, InflateRect, IsRectEmpty, SetRectEmpty,
      DrawFrameControl, OffsetRect, MessageBoxExW, ShowWindow, ExitWindowsEx, LockWorkStation,
      GetWindowThreadProcessId, EnumThreadWindows, GetDialogBaseUnits, DefWindowProcW, GetPropW, RemovePropW,
      SetForegroundWindow, FlashWindow, GetDesktopWindow, GetSystemMenu, DrawMenuBar, SetMenu, CheckMenuItem,
      DeleteMenu, PostThreadMessageW, GetSystemMetrics, ReleaseCapture, LoadCursorW, SetCapture, RedrawWindow,
      PtInRect, IsWindow, IsIconic, GetWindow, SetRect, SetCursor, FindWindowW, MessageBoxW, PostMessageW,
      IsWindowUnicode, GetDC, ReleaseDC, GetSysColor, ModifyMenuW, InsertMenuW, DrawEdge, FillRect, LoadBitmapW,
      CopyRect, DrawStateW, OpenClipboard, EmptyClipboard, SetClipboardData, CloseClipboard, GetFocus, LoadIconW,
      InvalidateRect, AppendMenuW, GetClassNameW, GetWindowTextW, GetClassLongW, GetCursorPos, GetMenuItemInfoW,
      SetMenuItemBitmaps, GetMenuState, GetMenuCheckMarkDimensions, MoveWindow, IsDialogMessageW,
      RegisterWindowMessageW, WinHelpW, GetCapture, SetWindowsHookExW, GetClassInfoExW, ModifyMenuA, SetPropW,
      MapDialogRect, IsWindowVisible, LoadMenuW, RemoveMenu, GetSubMenu, GetMenuItemCount, SystemParametersInfoW,
      GetWindowLongW, SetWindowLongW, SetLayeredWindowAttributes, CloseWindow, GetParent, KillTimer, SetTimer,
      SetWindowTextW, UnregisterClassW, EnableWindow, GetClientRect, GetWindowRect, SendMessageW, MessageBeep,
      GrayStringW
    gdi32: ScaleWindowExtEx, GetBitmapBits, GetSystemPaletteEntries, CreateRectRgnIndirect, SetBkColor,
      CreateDIBSection, GetObjectA, SetDIBColorTable, CreateDCA, GetDIBits, SetStretchBltMode, SetBrushOrgEx,
      StretchBlt, SelectPalette, RealizePalette, ResizePalette, SetWindowExtEx, ScaleViewportExtEx,
      SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, Escape, TextOutW, PtVisible, GetPixel, MoveToEx,
      LineTo, SetMapMode, RestoreDC, SaveDC, SetTextColor, SetBkMode, RectVisible, SelectObject,
      CreateCompatibleDC, GetObjectW, CreateFontIndirectW, CreateSolidBrush, CreatePatternBrush, GdiFlush,
      ExtTextOutW, CreatePen, UnrealizeObject, SetPaletteEntries, CreatePalette, GetClipBox, CreateRectRgn,
      CombineRgn, FrameRgn, FillRgn, CreateRoundRectRgn, CreatePolygonRgn, GetStockObject, DeleteObject, DeleteDC,
      CreateCompatibleBitmap, CreateBitmap, CreateFontW, GetDeviceCaps, GetTextExtentPoint32W, GetCurrentObject,
      BitBlt
    comdlg32: GetOpenFileNameW, GetSaveFileNameW, GetFileTitleW, GetSaveFileNameA, CommDlgExtendedError
    winspool.drv: ClosePrinter, OpenPrinterW, DocumentPropertiesW
    advapi32: RegCreateKeyExW, RegQueryValueW, RegEnumKeyW, RegDeleteKeyW, RegOpenKeyW, CryptGenRandom,
      CryptReleaseContext, CryptAcquireContextA, ImpersonateLoggedOnUser, RevertToSelf, GetUserNameA,
      StartServiceCtrlDispatcherA, RegisterServiceCtrlHandlerA, SetServiceStatus, RegCreateKeyA,
      RegQueryValueExA, RegOpenKeyExA, RegQueryInfoKeyA, RegEnumValueA, RegSetValueExA, RegNotifyChangeKeyValue,
      OpenProcessToken, LookupPrivilegeValueW, AdjustTokenPrivileges, CreateServiceW, StartServiceW,
      RegDeleteValueW, RegSetValueExW, GetUserNameW, OpenSCManagerW, OpenServiceW, ControlService,
      CloseServiceHandle, DeleteService, RegOpenKeyExW, RegQueryValueExW, RegCloseKey
    shell32: DragFinish, SHGetFileInfoW, SHGetSpecialFolderPathW, SHGetPathFromIDListW,
      SHGetSpecialFolderLocation, SHBrowseForFolderW, DragQueryFileW, ShellExecuteW, SHGetFolderPathW,
      SHCreateDirectoryExW, SHGetMalloc
    shlwapi: PathStripToRootW, PathIsUNCW, PathFindExtensionW, PathRemoveFileSpecW, PathFindFileNameW
    oledlg: OleUIBusyW
    ole32: CoRegisterMessageFilter, OleFlushClipboard, OleIsCurrentClipboard, CoRevokeClassObject,
      CoCreateInstance, CreateStreamOnHGlobal, CoInitialize, CoUninitialize, OleRun, CLSIDFromProgID,
      CLSIDFromString, OleUninitialize, CoFreeUnusedLibraries, OleInitialize
    oleaut32: SysFreeString, VariantChangeType, VariantInit, SysStringLen, SysAllocString,
      VariantTimeToSystemTime, SystemTimeToVariantTime, VariantClear, VarDateFromStr, VarUdateFromDate,
      OleLoadPicture, OleLoadPicturePath
    urlmon: URLDownloadToFileA
    wininet: InternetOpenW, DetectAutoProxyUrl, InternetReadFileExA, InternetErrorDlg, HttpSendRequestA,
      InternetConnectW, HttpOpenRequestA, InternetConnectA, InternetOpenA, InternetSetOptionA, InternetReadFile,
      HttpOpenRequestW, HttpSendRequestW, InternetQueryOptionA, InternetCloseHandle
    vistafunc: ?Vista_ChangeWindowMessageFilter@@YAHIH@Z
    winmm: waveInAddBuffer, waveInUnprepareHeader, waveInReset, waveInOpen, waveInPrepareHeader, waveOutReset,
      waveInStart, waveOutUnprepareHeader, waveOutOpen, waveOutPrepareHeader, waveOutWrite
  Sections
    .text   Size: 1.2MB - Virtual size: 1.2MB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
    .rdata  Size: 272KB - Virtual size: 269KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
    .data   Size: 60KB - Virtual size: 126KB    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
    .rsrc   Size: 148KB - Virtual size: 146KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ