4a15982f758438930daca382b3b20055_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a15982f758438930daca382b3b20055_JaffaCakes118
Size

324KB
MD5

4a15982f758438930daca382b3b20055
SHA1

cc8030a25ed2a32cbe96b52786832ad11532e3dd
SHA256

dea2274fea09eb569f8b73b0f8d89e05877386345bba47f77b1989f7e9341c59
SHA512

98b56cef2b9f250e9fe58f9be1607de87bd2865779cedcf41f9942a8de1ed1fbb3176c33c38248cf336d3963bb69b645134b918fe94f1c4ed294efad41e87f54
SSDEEP

6144:PrhSVeBkU65ZuxKI/wlI3N6xglwIRFfrAEzl0Fz7iaqh:j0CkzruxJwlI3N6yyKFjAEzl0ll8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a15982f758438930daca382b3b20055_JaffaCakes118

Files

4a15982f758438930daca382b3b20055_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bee6e5ee0dc175081bda87398c233263

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

sendto
send
select
recvfrom
recv
ioctlsocket
setsockopt
htons
htonl
getsockname
gethostname
gethostbyname
connect
closesocket
shutdown
socket
inet_addr
bind
__WSAFDIsSet
WSAStartup
WSASetLastError
WSASend
WSARecv
WSAGetLastError
WSACleanup

kernel32

ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceExA
GetDriveTypeA
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLongPathNameA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetThreadLocale
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetVersionExA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockResource
MapViewOfFile
MoveFileA
MulDiv
MultiByteToWideChar
OpenEventA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
RemoveDirectoryA
ResetEvent
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
EnumResourceLanguagesA
WriteConsoleW
WriteFile
WritePrivateProfileStringA
lstrcmpA
lstrcmpW
lstrlenA
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessA
CreateMutexA
CreateFileW
CreateFileMappingA
CreateFileA
CreateEventA
CreateDirectoryA
CopyFileA
ConvertDefaultLocale
CompareStringW
CompareStringA
CloseHandle
GetVersion
WriteConsoleA

user32

GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetForegroundWindow
GetKeyState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMessageA
GetMessagePos
GetMessageTime
GetNextDlgTabItem
GetParent
GetPropA
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
GrayStringA
InflateRect
IsDialogMessageA
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
MapWindowPoints
MessageBoxA
MessageBoxW
ModifyMenuA
MoveWindow
OffsetRect
GetDC
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
RegisterWindowMessageA
ReleaseDC
RemovePropA
SendDlgItemMessageA
SendMessageA
SendMessageW
SetActiveWindow
SetCursor
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetPropA
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowWindow
SystemParametersInfoA
TabbedTextOutA
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
ValidateRect
WinHelpA
DrawTextW
DrawTextExA
DrawTextA
DrawIcon
DispatchMessageA
DestroyWindow
DestroyMenu
DefWindowProcA
CreateWindowExA
CreateDialogIndirectParamA
CopyRect
ClientToScreen
CheckMenuItem
CallWindowProcA
CallNextHookEx
BeginPaint
AdjustWindowRectEx
GetCursorPos
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoExA
GetClassInfoA
GetCapture
GetActiveWindow
EndPaint
EndDialog
EnableWindow
PeekMessageA
EnableMenuItem

gdi32

ScaleWindowExtEx
SelectObject
SetBkMode
SetMapMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
TextOutA
SetBkColor
CreateBitmap
CreateCompatibleDC
CreateSolidBrush
DeleteDC
DeleteObject
Escape
ExtTextOutA
GetClipBox
GetDeviceCaps
GetObjectA
GetStockObject
OffsetViewportOrgEx
PtVisible
RectVisible
RestoreDC
SaveDC
ScaleViewportExtEx
BitBlt

advapi32

RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
InitializeSecurityDescriptor
RegEnumValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueA
RegQueryValueExA
RegSetValueExA
SetSecurityDescriptorDacl
RegEnumKeyA

shell32

Shell_NotifyIconA
Shell_NotifyIconW
ShellExecuteA

oleaut32

VariantChangeType
VariantClear
VariantInit

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

shlwapi

PathFindFileNameA
PathFindExtensionA
SHDeleteKeyA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

Win32MiniDumpInit

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bee6e5ee0dc175081bda87398c233263

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

advapi32

shell32

oleaut32

winspool.drv

shlwapi

version

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.rdata Size: 44KB - Virtual size: 44KB

.data Size: 80KB - Virtual size: 2.4MB

.idata Size: 12KB - Virtual size: 12KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 164KB - Virtual size: 164KB

.rdata
Size: 44KB - Virtual size: 44KB

.data
Size: 80KB - Virtual size: 2.4MB

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 20KB - Virtual size: 20KB