5ac60de2642ef3c570eec419031beeca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ac60de2642ef3c570eec419031beeca_JaffaCakes118
Size

484KB
MD5

5ac60de2642ef3c570eec419031beeca
SHA1

eb435c96c9ce0f4bd1193c65e04b40d0be0f096d
SHA256

451617440a3a4df65436db1b7a28aaae47a9e5b17886dc3143b529aa7b5cf3ac
SHA512

5bee3f7a3dffb0b2dc30bdd704549bb5ed34512c1bd049f810c57c7bd51e82f27452bc1ff23350c208b558a0fcb06b8d2658e1d035243f717abb800166863f6a
SSDEEP

12288:i0aaHyJotvNqZwmaO0txYnbmZegJvnz322k81klRNRt5v9nKRncgCqyJ43v29sSp:i7JMvZJT3ktPNRt5v98ncgCZ43v291T9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ac60de2642ef3c570eec419031beeca_JaffaCakes118

Files

5ac60de2642ef3c570eec419031beeca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a80e3db28bdb7397a226c08023293293

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

ioctlsocket
gethostname
inet_addr
WSAStartup
recv
__WSAFDIsSet
send
WSAGetLastError
getsockname
getpeername
select
accept
listen
gethostbyname
connect
inet_ntoa
htons
htonl
bind
shutdown
closesocket
socket
setsockopt
WSACleanup

kernel32

GetVersionExA
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
LoadResource
SizeofResource
FindResourceA
CreateMutexA
OpenProcess
CreateProcessA
GetModuleFileNameA
Sleep
SetProcessShutdownParameters
WideCharToMultiByte
HeapSize
FatalAppExitA
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetLastError
TlsFree
ExitThread
CreateThread
GetVersion
GetCommandLineA
GlobalDeleteAtom
GetModuleHandleA
TerminateProcess
ExitProcess
RaiseException
InterlockedIncrement
InterlockedDecrement
GetLocalTime
GetTimeZoneInformation
HeapFree
HeapAlloc
RtlUnwind
InterlockedExchange
TlsGetValue
ResumeThread
TlsAlloc
GetCurrentProcess
GetCurrentThread
DuplicateHandle
TlsSetValue
SetThreadPriority
CreateSemaphoreA
ReleaseSemaphore
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalAddAtomA
GetSystemTime
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
SetHandleCount
SystemTimeToFileTime
ReadFile
GetComputerNameA
GetLogicalDriveStringsA
SetErrorMode
FindFirstFileA
FindNextFileA
FindClose
SetFileTime
CreateDirectoryA
GetCurrentProcessId
LoadLibraryA
GetProcAddress
GetCurrentThreadId
FreeLibrary
UnmapViewOfFile
GetLastError
OutputDebugStringA
GetStdHandle
WriteConsoleA
WriteFile
CloseHandle
DeleteFileA
MoveFileA
CreateFileA
SetFilePointer
SetEndOfFile
AllocConsole
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
FlushFileBuffers
GetACP
GetOEMCP
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetConsoleCtrlHandler
SetStdHandle
GetStartupInfoA
GetLocaleInfoW

user32

MapWindowPoints
CreateDialogParamA
ExitWindowsEx
GetUserObjectInformationA
GetProcessWindowStation
GetWindow
IsIconic
PostThreadMessageA
TranslateMessage
GetMessageA
MapVirtualKeyA
VkKeyScanA
GetAsyncKeyState
PostQuitMessage
GetClipboardOwner
GetClipboardData
EnumWindows
GetPropA
IsWindowVisible
SetPropA
RemovePropA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DrawIconEx
GetIconInfo
SetClipboardViewer
FindWindowA
OpenDesktopA
EnumDesktopWindows
GetMenuState
KillTimer
ChangeClipboardChain
GetSubMenu
WaitMessage
DispatchMessageA
RegisterWindowMessageA
GetCursorPos
IntersectRect
mouse_event
GetKeyboardState
keybd_event
SetTimer
GetForegroundWindow
GetWindowThreadProcessId
SetActiveWindow
MessageBeep
FlashWindow
SetForegroundWindow
EndDialog
DialogBoxParamA
EnumDisplaySettingsA
GetThreadDesktop
OpenInputDesktop
SetThreadDesktop
CloseDesktop
GetDC
SetWindowTextA
GetWindowTextA
GetClassNameA
GetWindowDC
ReleaseDC
LoadImageA
SystemParametersInfoA
CheckMenuItem
DestroyCursor
GetParent
WindowFromPoint
IsChild
CallWindowProcA
GetSystemMetrics
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
LoadStringA
EnableMenuItem
DestroyMenu
LoadIconA
PeekMessageA
LoadMenuA
LoadBitmapA
GetDesktopWindow
EqualRect
IsRectEmpty
GetWindowPlacement
SetWindowRgn
InflateRect
PtInRect
GetWindowRgn
InvalidateRgn
ShowWindow
GetWindowLongA
GetCapture
ClientToScreen
GetWindowRect
SetWindowPos
UpdateWindow
LoadCursorA
SetCursor
SetCapture
ClipCursor
PostMessageA
ReleaseCapture
BeginPaint
OffsetRect
FillRect
SetRect
EndPaint
DefWindowProcA
DestroyWindow
RegisterClassExA
CreateWindowExA
SetWindowLongA
GetDlgItemTextA
SetDlgItemInt
MessageBoxA
GetDlgItemInt
SetDlgItemTextA
GetFocus
SetFocus
SendMessageA
SendDlgItemMessageA
GetDlgItem
EnableWindow
ChangeDisplaySettingsA

gdi32

GetRegionData
GetObjectA
GetBitmapBits
GdiFlush
SelectObject
BitBlt
CreateDIBSection
GetStockObject
CreatePalette
SelectPalette
RealizePalette
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
GetDIBits
CreateDCA
ExtEscape
DeleteDC
GetSystemPaletteEntries
SetROP2
FrameRgn
CreateRectRgnIndirect
CombineRgn
CreateRectRgn
CreateHatchBrush
DeleteObject
CreateSolidBrush

advapi32

RegCloseKey
RegSetValueExA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
SetServiceStatus
RegOpenKeyA
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
OpenProcessToken
ImpersonateLoggedOnUser
RevertToSelf
GetUserNameA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegCreateKeyA

shell32

Shell_NotifyIconA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

comctl32

ord17

rshooks

SetMousePriorityHook
SetKeyboardPriorityLLHook
SetMousePriorityLLHook
SetKeyboardFilterHook
SetMouseFilterHook
UnSetHook
SetHook
SetKeyboardPriorityHook

Sections

.text
Size: 344KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a80e3db28bdb7397a226c08023293293

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

rshooks

Sections

.text Size: 344KB - Virtual size: 341KB

.rdata Size: 60KB - Virtual size: 56KB

.data Size: 24KB - Virtual size: 32KB

.rsrc Size: 52KB - Virtual size: 51KB

.text
Size: 344KB - Virtual size: 341KB

.rdata
Size: 60KB - Virtual size: 56KB

.data
Size: 24KB - Virtual size: 32KB

.rsrc
Size: 52KB - Virtual size: 51KB