4ced4eff9ee7f137f1bd5d76b2e8bd61_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4ced4eff9ee7f137f1bd5d76b2e8bd61_JaffaCakes118
Size

1.2MB
MD5

4ced4eff9ee7f137f1bd5d76b2e8bd61
SHA1

f9f6650c7e4b1f3fc2ea328d8eb76bd697144203
SHA256

2f7e4d03ffd6a0760f2c7d6bbf9da59843d6e936658155a56241d10ae29bd9bd
SHA512

3311f2d7e1c487cd7bccb22874df16a6c4b09b2349eb883f3860640434622964479c5bd1b395933f804291e928562dc150905fca1913f55d1955b4cb0facc5fa
SSDEEP

24576:FE+ialAX9wzvYvAsjF4xvXmHoxZGqulVzTS:+1jmmHoxYqul1T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ced4eff9ee7f137f1bd5d76b2e8bd61_JaffaCakes118

Files

4ced4eff9ee7f137f1bd5d76b2e8bd61_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d2a8c4c2c30a5acf9db8d1e839f9d56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\projects\Svn\Ultimate Fixer\desktop\trunk\App\Demo-Release\App.pdb

Imports

wininet

InternetGetConnectedState
InternetCanonicalizeUrlA
InternetReadFile
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
FindCloseUrlCache
InternetCloseHandle
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA

kernel32

EnumResourceLanguagesA
ConvertDefaultLocale
lstrcmpA
GlobalFlags
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
SetErrorMode
GetCurrentDirectoryA
GetTickCount
ExitProcess
RtlUnwind
GetTimeFormatA
GetDateFormatA
SuspendThread
HeapAlloc
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
ExitThread
HeapSize
GetTimeZoneInformation
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
SetEnvironmentVariableA
GetLocaleInfoW
GetFullPathNameA
lstrcpyA
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
GetFileTime
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
SetLastError
FormatMessageA
lstrcpynA
LocalAlloc
LocalFree
MoveFileExA
GetVolumeInformationW
ReleaseMutex
CreateMutexA
CreateMailslotA
InterlockedDecrement
InterlockedIncrement
CopyFileA
WritePrivateProfileStringA
TerminateProcess
GetVolumeInformationA
ExpandEnvironmentStringsA
DeviceIoControl
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemDirectoryA
RemoveDirectoryA
CreateDirectoryA
SetFileAttributesA
GetFileAttributesA
CompareStringW
CompareStringA
lstrcmpiA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentThreadId
GlobalAddAtomA
SetUnhandledExceptionFilter
GetVersion
ResumeThread
OpenEventA
GetCurrentThread
SetCurrentDirectoryA
GetFileAttributesExA
SetFilePointer
GetFileSize
SetEndOfFile
CreateWaitableTimerA
SetWaitableTimer
WaitForMultipleObjects
CancelWaitableTimer
LocalFileTimeToFileTime
SetThreadPriority
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
GetCommandLineA
GetWindowsDirectoryA
MulDiv
FreeResource
GlobalLock
GlobalFree
GlobalUnlock
GlobalAlloc
CreateThread
TerminateThread
CreateFileA
ReadFile
GetLastError
WriteFile
LoadLibraryA
GetProcAddress
FreeLibrary
MoveFileA
GetCurrentProcessId
DeleteFileA
GetSystemTime
Sleep
SetEvent
GetLogicalDrives
GetDriveTypeA
GetLocalTime
SystemTimeToFileTime
FileTimeToSystemTime
GetModuleFileNameA
FindResourceExA
GlobalDeleteAtom
CreateEventA
CreateProcessA
WaitForSingleObject
CloseHandle
MultiByteToWideChar
GetModuleHandleA
ResetEvent
lstrlenA
WideCharToMultiByte
FindNextFileA
FindFirstFileA
FindClose
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapFree
GetProcessHeap

user32

UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
BringWindowToTop
SetMenu
GetDesktopWindow
TranslateAcceleratorA
EndPaint
BeginPaint
GetWindowDC
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
ShowWindow
MoveWindow
IsDialogMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
GetMenu
AdjustWindowRectEx
EqualRect
DeferWindowPos
RegisterClassA
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetActiveWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
OemToCharA
UnregisterClassA
CharUpperA
MessageBoxA
RegisterClassExA
CreateWindowExA
CreatePopupMenu
AppendMenuA
TrackPopupMenu
DestroyMenu
SetForegroundWindow
GetMessageA
TranslateMessage
DispatchMessageA
CopyIcon
GetCursorPos
FrameRect
LoadBitmapA
DestroyCursor
ReleaseDC
IsRectEmpty
GetClassInfoA
DefWindowProcA
IsWindow
WindowFromPoint
GetFocus
GetCapture
ShowCaret
HideCaret
SetCaretPos
CreateCaret
SetRectEmpty
IntersectRect
GetSysColor
FillRect
InflateRect
GetKeyState
GrayStringA
DrawTextExA
TabbedTextOutA
GetClientRect
GetDlgItem
LoadMenuA
wsprintfA
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
ValidateRect
ShowOwnedPopups
MapDialogRect
SetWindowTextA
AdjustWindowRect
SetWindowPos
RegisterWindowMessageA
LoadImageA
PostThreadMessageA
RegisterHotKey
VkKeyScanA
DestroyIcon
PostQuitMessage
GetSystemMetrics
KillTimer
SetTimer
IsWindowVisible
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
SetRect
CharNextA
GetMenuItemInfoA
GetSysColorBrush
GetWindow
SetWindowContextHelpId
UpdateWindow
ScreenToClient
SetWindowRgn
CopyRect
LoadCursorA
SetCursor
DrawTextA
InvalidateRect
GetDC
ClientToScreen
OffsetRect
PtInRect
LoadIconA
GetMessagePos
MapWindowPoints
ReleaseCapture
SetCapture
GetWindowRect
SendMessageA
EnableWindow
GetParent
PostMessageA
GetWindowLongA

gdi32

ExtSelectClipRgn
CreatePatternBrush
GetTextColor
GetRgnBox
GetClipBox
CreateRectRgnIndirect
SetPixel
GetPixel
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
MoveToEx
LineTo
CreatePen
GetObjectA
CreateBitmap
SetMapMode
SetBkColor
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
ExcludeClipRect
RestoreDC
CreateCompatibleBitmap
CreateFontA
CreateRoundRectRgn
SetBkMode
SetTextColor
SelectObject
PtInRegion
CreatePolygonRgn
SetDIBits
CreateDCA
GetDeviceCaps
StretchBlt
CreateSolidBrush
DeleteObject
GetStockObject
CreateICA
DeleteDC
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
CreateCompatibleDC
SaveDC

msimg32

TransparentBlt

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegEnumValueA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameA
RegDeleteKeyA
RegOpenKeyA

shell32

ShellExecuteA
Shell_NotifyIconA
SHChangeNotify
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHQueryRecycleBinA
DragFinish
DragQueryFileA
ExtractIconA

comctl32

ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_GetImageCount
ImageList_SetImageCount
ImageList_Destroy
ImageList_Create
ord17
ImageList_Draw
ImageList_GetImageInfo

shlwapi

SHCopyKeyA
PathUnquoteSpacesA
PathMatchSpecA
StrRChrA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
SHDeleteKeyA
PathFindFileNameA

oledlg

ord8

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoInitializeEx
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize

oleaut32

SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysStringLen
VariantInit
VariantChangeType
VariantClear
OleLoadPicture
SysAllocStringLen
OleCreateFontIndirect
SysFreeString

urlmon

URLDownloadToCacheFileA

ws2_32

WSAStartup
socket
htons
sendto

netapi32

Netbios

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 892KB - Virtual size: 888KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d2a8c4c2c30a5acf9db8d1e839f9d56

Headers

File Characteristics

PDB Paths

Imports

wininet

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

urlmon

ws2_32

netapi32

version

Sections

.text Size: 892KB - Virtual size: 888KB

.rdata Size: 212KB - Virtual size: 208KB

.data Size: 28KB - Virtual size: 52KB

.rsrc Size: 132KB - Virtual size: 129KB

.text
Size: 892KB - Virtual size: 888KB

.rdata
Size: 212KB - Virtual size: 208KB

.data
Size: 28KB - Virtual size: 52KB

.rsrc
Size: 132KB - Virtual size: 129KB