PDB path: d:\hronline\HRclient.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 48d5b995b952f44986ec33103a2afa55_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 48d5b995b952f44986ec33103a2afa55_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 48d5b995b952f44986ec33103a2afa55_JaffaCakes118
Size: 2.1MB
MD5: 48d5b995b952f44986ec33103a2afa55
SHA1: d73d8ce8e9ea74ca26a82e7b764b48a208f88a7d
SHA256: 431036d3bf0a68480fdb888ed60986aafcee975526a557a30c0f3769fe404439
SHA512: 2f2a237afba58f976f87f5241ffc893f9a5c4be4f68f29cae1984601daab3bcf3ff219702f2ec6771e10cee0bc0bb99459872b66800eae823eeb602d3bc316e5
SSDEEP: 49152:V6+Owa1P0usmaaul3399fvz0aaZoO5TLspY:VrBAjaao33jfvz0gORspY
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 48d5b995b952f44986ec33103a2afa55_JaffaCakes118
Files
48d5b995b952f44986ec33103a2afa55_JaffaCakes118.exe windows:5 windows x86 arch:x86
0c0c620ed13f331fb41d5cf9569c3c64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
EnterCriticalSection
InitializeCriticalSection
CreateDirectoryW
GetProcessAffinityMask
Sleep
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
CloseHandle
ReadFile
CreateFileA
QueryPerformanceCounter
QueryPerformanceFrequency
CreateEventA
CreateMutexA
LeaveCriticalSection
ReleaseMutex
GetFullPathNameA
GetFullPathNameW
LocalFree
FormatMessageA
GetLastError
OutputDebugStringA
GetStdHandle
WriteConsoleW
DeleteCriticalSection
DeleteFileA
LoadResource
GetSystemInfo
IsProcessorFeaturePresent
VirtualQuery
LockResource
SizeofResource
FindResourceW
SetEnvironmentVariableA
WriteConsoleA
GetProcessHeap
GetLocaleInfoA
GetConsoleCP
GetConsoleOutputCP
GetCurrentDirectoryW
SetCurrentDirectoryW
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetModuleFileNameW
GetProcAddress
GetDateFormatA
GetTimeFormatA
GetModuleHandleW
GetStringTypeW
GetStringTypeA
SetErrorMode
GetTimeZoneInformation
VirtualAlloc
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetCurrentDirectoryA
PeekNamedPipe
GetFileInformationByHandle
LCMapStringW
OpenMutexA
LCMapStringA
GetTickCount
GetVersionExA
lstrcmpW
FreeLibrary
SetLastError
LoadLibraryA
CompareStringW
LoadLibraryW
GetVersionExW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
FreeResource
MulDiv
FormatMessageW
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalAlloc
InterlockedDecrement
GetModuleHandleA
SetThreadPriority
WaitForSingleObject
SetEvent
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
InterlockedIncrement
InterlockedExchange
CompareStringA
lstrcmpA
GetCurrentThread
GetCurrentProcessId
lstrlenA
SystemTimeToFileTime
FindClose
FindFirstFileW
GetFileAttributesExW
LocalFileTimeToFileTime
SetFileTime
CreateFileW
SetFileAttributesW
GetFileAttributesW
GetFileSizeEx
GetFileTime
WriteFile
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
SetStdHandle
HeapSize
HeapReAlloc
GetFileType
HeapFree
HeapAlloc
CreateThread
ExitThread
ExitProcess
FindFirstFileA
GetDriveTypeA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
GetSystemTimeAsFileTime
RtlUnwind
GetStartupInfoW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
user32
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
EnableWindow
SetForegroundWindow
UpdateWindow
GetClientRect
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
GetParent
GetDlgCtrlID
SendMessageW
CopyRect
PtInRect
GetMenu
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
GetDesktopWindow
GetWindowInfo
MoveWindow
EnumDisplayDevicesA
EnumDisplaySettingsA
DrawTextW
GetKeyState
GetClipboardData
OpenClipboard
SetClipboardData
CloseClipboard
SetCapture
ReleaseCapture
UnregisterClassW
ChangeDisplaySettingsW
AdjustWindowRectEx
CreateWindowExW
DestroyWindow
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
RegisterWindowMessageW
IsWindowEnabled
CheckMenuItem
MessageBoxA
LoadIconW
SetActiveWindow
GetMessageW
GetActiveWindow
ValidateRect
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
TabbedTextOutW
GetMenuState
SetFocus
GetAsyncKeyState
GetKeyboardLayout
CallWindowProcW
ScreenToClient
GetCursorPos
WaitMessage
TranslateAcceleratorW
TranslateMessage
PeekMessageW
EnableMenuItem
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
IsDialogMessageW
SetWindowTextW
DestroyMenu
PostQuitMessage
GetWindowThreadProcessId
GetSysColorBrush
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
CharUpperW
DispatchMessageW
GetWindowLongW
SetWindowLongW
PostMessageW
ChangeDisplaySettingsA
ShowWindow
ReleaseDC
EmptyClipboard
GetDC
DefWindowProcW
RegisterClassExW
LoadCursorW
gdi32
CreateFontW
GetStockObject
CreateBitmap
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
RectVisible
PtVisible
SetMapMode
RestoreDC
SaveDC
GetDeviceCaps
GetObjectW
GetClipBox
TextOutW
CreateCompatibleDC
SetGraphicsMode
SetBkColor
DeleteDC
GetTextExtentPoint32W
SetBkMode
SetTextColor
CreateDIBSection
CreateFontIndirectA
SelectObject
DeleteObject
ChoosePixelFormat
DescribePixelFormat
SetPixelFormat
SwapBuffers
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegOpenKeyA
RegQueryValueExA
RegCloseKey
shell32
ShellExecuteA
DragAcceptFiles
shlwapi
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
UrlUnescapeW
PathStripToRootW
PathIsUNCW
PathFileExistsW
PathAppendW
opengl32
glNormal3d
glScaled
glNormal3f
glVertex3d
glVertexPointer
glRasterPos3f
glGetTexEnvfv
glIsEnabled
glColor3fv
glFogi
glFogfv
glFogf
glLightfv
glLightf
glNormalPointer
glHint
glTexGenfv
glNewList
glEndList
glCallList
glCopyTexSubImage2D
glTexParameterf
glGenLists
glDeleteLists
wglGetProcAddress
glTexEnvfv
glPolygonMode
glDepthRange
glReadPixels
glMaterialfv
glEnd
glVertex2f
glBegin
glColor4ub
glBlendFunc
glEnable
glDisable
glClear
glVertex3fv
glColor3ub
glDepthMask
glAlphaFunc
glColor4f
glPointSize
glPopMatrix
glVertex3f
glTranslatef
glPushMatrix
glLineWidth
glGetError
glLightModelfv
glColorMaterial
glCullFace
glFrontFace
glLightModeli
glDepthFunc
glShadeModel
glClearStencil
glClearColor
glGetFloatv
glGetIntegerv
wglGetCurrentDC
glGetString
glGetBooleanv
glVertex2i
glColor3f
glDeleteTextures
glColor4fv
glColorMask
glDisableClientState
glDrawElements
glMaterialf
glEnableClientState
glDrawArrays
glTexCoordPointer
glFlush
wglMakeCurrent
glRotatef
glDrawBuffer
wglDeleteContext
wglShareLists
wglCreateContext
wglGetCurrentContext
glViewport
glScalef
glMultMatrixf
glNormal3fv
glTexImage2D
glBindTexture
glTexParameteri
glGenTextures
glTexSubImage2D
glOrtho
glLoadIdentity
glMatrixMode
glLineStipple
glScissor
glPushName
glInitNames
glRenderMode
glSelectBuffer
glTexEnvi
glTexGeni
glPolygonOffset
glStencilOp
glStencilFunc
glTexCoord2fv
glColor3ubv
glTexCoord2f
glLoadName
glColor4ubv
glu32
gluPerspective
gluLookAt
gluBuild2DMipmaps
gluPickMatrix
imm32
ImmIsIME
ImmGetContext
ImmGetCompositionFontW
ImmSetCompositionWindow
ImmReleaseContext
ImmGetDescriptionA
ImmSimulateHotKey
devil
ilCopyImage
ilGenImages
ilGetPalette
ilGetInteger
ilBindImage
ilDeleteImages
ilConvertPal
ilLoadL
ilTypeFromExt
ilInit
ilRegisterOrigin
ilConvertImage
ilDefaultImage
ilLoadImage
ilGetData
ilSaveImage
ilut
ilutInit
ilutGLBindTexImage
ilutGLBindMipmaps
ilu
iluScale
iluFlipImage
iluInit
iluGetImageInfo
openal32
alGenBuffers
alcGetString
alcGetContextsDevice
alcGetCurrentContext
alDeleteSources
alGetError
alGenSources
alcCloseDevice
alcDestroyContext
alcMakeContextCurrent
alcCreateContext
alcOpenDevice
alGetEnumValue
alSourcei
alIsBuffer
alSourceStop
alSourceUnqueueBuffers
alSourceQueueBuffers
alDeleteBuffers
alGetString
alBufferData
alGetSourcei
alSourcePlay
alSourcef
ole32
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
oleaut32
VariantInit
VariantChangeType
VariantClear
wininet
InternetWriteFile
InternetReadFile
HttpSendRequestW
InternetConnectW
InternetOpenUrlW
HttpOpenRequestW
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetQueryDataAvailable
InternetSetFilePointer
ws2_32
socket
getsockname
listen
shutdown
accept
__WSAFDIsSet
select
recv
WSAStartup
WSAIoctl
getsockopt
bind
closesocket
htons
connect
htonl
inet_addr
inet_ntoa
WSAGetLastError
sendto
setsockopt
recvfrom
ntohs
send
gethostbyname
ioctlsocket
WSACleanup
gethostname
Sections
.text   Size: 1.6MB   Virtual size: 1.6MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 423KB   Virtual size: 422KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 91KB    Virtual size: 895KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 15KB    Virtual size: 14KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ