Static task: static1
Behavioral task: behavioral1
Sample: 5d2a447cafc298e2372570d04b336b18_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 5d2a447cafc298e2372570d04b336b18_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5d2a447cafc298e2372570d04b336b18_JaffaCakes118
Size: 1.1MB
MD5: 5d2a447cafc298e2372570d04b336b18
SHA1: e1b8d6075ef2529e2cc5c7d1bf46fedae593da96
SHA256: 98d57d7d1a9a599281a2594fc9f57dab1388532f3f6a10b1aeb3bc59158854c4
SHA512: cccfde515d0048da1b8dd14596bd9bf7d9e90f6b046c062ee70610e8c17500dad06e69783a67f928892ade7c3809e82a94efb23d8c10c29799b11ec64670d2c1
SSDEEP: 12288:12eEf5XSWnyOcNeyXqB35lZrFp46PEpY1fMbsZdgGMC5RF++SR4:3ER5n+E7rFO6PEpgo+hSR4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5d2a447cafc298e2372570d04b336b18_JaffaCakes118
Files
5d2a447cafc298e2372570d04b336b18_JaffaCakes118.exe windows:4 windows x86 arch:x86
fbf9c3a95d439fec465e60ae505913fe
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
iphlpapi
GetAdaptersInfo
shlwapi
PathFileExistsA
PathRemoveFileSpecA
netapi32
Netbios
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
user32
FrameRect
DrawFocusRect
TrackPopupMenuEx
WindowFromPoint
GetActiveWindow
GetNextDlgTabItem
GetWindowLongA
DrawStateA
DestroyMenu
UnionRect
InflateRect
EqualRect
ReleaseCapture
GetSysColorBrush
RegisterClassExA
CreateIconIndirect
DestroyCursor
DefWindowProcA
EndPaint
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
SetWindowRgn
SetRectEmpty
DrawFrameControl
IsRectEmpty
ClientToScreen
GetCapture
SetCapture
DestroyIcon
DrawIconEx
GetIconInfo
GetFocus
GetDlgItem
ShowWindow
SetDlgItemTextA
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
BeginPaint
CreateWindowExA
GetMessageA
UnregisterClassA
DestroyWindow
SetWindowLongA
GetClassNameA
EnumChildWindows
MapWindowPoints
CheckRadioButton
GetWindowThreadProcessId
SetFocus
LoadMenuA
GetSubMenu
SetMenuDefaultItem
GetCursorPos
TrackPopupMenu
GrayStringA
DrawTextA
TabbedTextOutA
EnumDisplayDevicesA
CopyRect
GetSysColor
FillRect
IsWindowVisible
IsIconic
DrawIcon
ScreenToClient
SetForegroundWindow
PostThreadMessageA
UnpackDDElParam
ReuseDDElParam
SetMenu
TranslateAcceleratorA
LoadAcceleratorsA
RegisterClipboardFormatA
RemoveMenu
AppendMenuA
MessageBeep
GetMenuStringA
DeleteMenu
InsertMenuA
WaitMessage
CopyAcceleratorTableA
DrawEdge
GetDesktopWindow
CharUpperA
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
CharNextA
GetWindowDC
ValidateRect
LoadStringA
wvsprintfA
OemToCharA
CharToOemA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
IsDialogMessageA
GetNextDlgGroupItem
SetWindowTextA
PostQuitMessage
LoadIconA
FindWindowA
GetLastActivePopup
BringWindowToTop
LoadBitmapA
LoadImageA
SetRect
GetDC
ReleaseDC
SetCursor
OffsetRect
TrackMouseEvent
LoadCursorA
MessageBoxA
InvalidateRect
UpdateWindow
SystemParametersInfoA
GetSystemMetrics
KillTimer
RedrawWindow
IsWindow
PostMessageA
RegisterWindowMessageA
GetParent
CheckDlgButton
EnableWindow
PtInRect
GetClientRect
SendMessageA
SetTimer
TranslateMessage
DispatchMessageA
SendDlgItemMessageA
PeekMessageA
AdjustWindowRectEx
ScrollWindowEx
IsDlgButtonChecked
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
GetWindow
SetWindowPos
IntersectRect
GetWindowPlacement
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
GetDlgItemInt
GetDlgItemTextA
GetDialogBaseUnits
GetWindowRect
SetDlgItemInt
winmm
waveOutGetNumDevs
waveOutGetDevCapsA
kernel32
Process32First
CreateToolhelp32Snapshot
RemoveDirectoryA
ResumeThread
SuspendThread
LeaveCriticalSection
EnterCriticalSection
GetShortPathNameA
MoveFileExA
GetVersionExA
FindNextFileA
SetCurrentDirectoryA
DeviceIoControl
CreateFileA
GetLastError
SetPriorityClass
GetCurrentProcess
MulDiv
WinExec
Module32First
ReleaseMutex
CreateMutexA
CreateProcessA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetProcessTimes
GetWindowsDirectoryA
LoadLibraryA
GetModuleFileNameA
FreeLibrary
MoveFileA
ExitProcess
GetProcAddress
MultiByteToWideChar
CreateEventA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
SizeofResource
LoadResource
FindResourceA
WaitForSingleObject
ResetEvent
SetEvent
GetPriorityClass
LocalFree
lstrcmpiA
IsProcessorFeaturePresent
GetSystemInfo
GetComputerNameA
GlobalMemoryStatus
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
GetProfileStringA
QueryPerformanceCounter
QueryPerformanceFrequency
HeapFree
HeapAlloc
GetProcessHeap
GetVersion
TerminateThread
GetCurrentThreadId
CreateDirectoryA
GetTickCount
GetModuleHandleA
FlushInstructionCache
VirtualFreeEx
ReadProcessMemory
VirtualAllocEx
GetLocalTime
WriteFile
ReadFile
GetFileSize
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcatA
InterlockedIncrement
lstrlenA
WideCharToMultiByte
SetLastError
SetThreadPriority
GetThreadLocale
GetCurrentThread
lstrcmpA
lstrcpynA
DuplicateHandle
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFullPathNameA
GetStringTypeExA
LocalAlloc
GlobalFlags
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
GetFileAttributesA
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
lstrlenW
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
SetErrorMode
GlobalSize
CopyFileA
RtlUnwind
CreateThread
ExitThread
GetStartupInfoA
GetCommandLineA
RaiseException
SetStdHandle
GetFileType
GetTimeZoneInformation
GetSystemTime
GetACP
HeapReAlloc
HeapSize
FatalAppExitA
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
OpenProcess
Process32Next
GetExitCodeProcess
TerminateProcess
CloseHandle
ExpandEnvironmentStringsA
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
GetSystemDirectoryA
SetFileAttributesA
DeleteFileA
GetCurrentDirectoryA
FindFirstFileA
FindClose
Sleep
FormatMessageA
gdi32
PtVisible
LPtoDP
GetMapMode
GetWindowExtEx
RectVisible
DPtoLP
GetCurrentObject
GetBkColor
GetTextColor
TextOutA
Escape
StretchBlt
GetClipBox
GetStockObject
FrameRgn
OffsetRgn
EqualRgn
CombineRgn
CreatePolygonRgn
SetTextColor
SetBkColor
CreateBitmap
SetPixel
GetPixel
SelectClipRgn
GetDCOrgEx
PatBlt
CreateRectRgnIndirect
StartDocA
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
GetTextExtentPointA
SetStretchBltMode
SetMapMode
CreateDIBitmap
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
GetViewportExtEx
CreateRoundRectRgn
CopyMetaFileA
GetTextMetricsA
SetRectRgn
CreateDIBPatternBrushPt
CreatePatternBrush
CreateHatchBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
GetCurrentPositionEx
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
GetBkMode
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgn
ExtTextOutA
CreateCompatibleBitmap
SelectObject
CreateDCA
DeleteDC
GetObjectA
GetDeviceCaps
CreateFontA
CreateCompatibleDC
BitBlt
CreateSolidBrush
DeleteObject
ScaleViewportExtEx
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
GetPrinterDriverA
OpenPrinterA
advapi32
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
RegEnumValueA
RegEnumKeyA
RegQueryInfoKeyA
RegDeleteKeyA
RegDeleteValueA
GetUserNameA
RegEnumKeyExA
RegSetValueA
RegQueryValueA
RegCreateKeyA
RegOpenKeyExA
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles
SHFileOperationA
Shell_NotifyIconA
ShellExecuteA
ShellExecuteExA
SHGetSpecialFolderPathA
ExtractIconA
comctl32
ImageList_Merge
ImageList_AddMasked
ImageList_Add
ImageList_GetIcon
ImageList_GetImageCount
ImageList_Draw
ImageList_SetBkColor
ImageList_GetIconSize
_TrackMouseEvent
ord13
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Read
ImageList_Write
ord17
oledlg
ord8
ole32
OleInitialize
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
OleRun
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
CoCreateInstance
CoInitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
OleDuplicateData
olepro32
ord253
ord251
oleaut32
VariantClear
SysAllocString
VariantTimeToSystemTime
VariantCopy
SysReAllocStringLen
SysStringLen
SysAllocStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantInit
VariantChangeType
VarCyFromStr
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
LoadTypeLi
SysAllocStringLen
SysStringByteLen
GetErrorInfo
SetErrorInfo
CreateErrorInfo
SysFreeString
urlmon
URLDownloadToFileA
wininet
HttpQueryInfoA
HttpSendRequestExA
HttpEndRequestA
HttpAddRequestHeadersA
InternetErrorDlg
GopherOpenFileA
GopherGetAttributeA
GopherCreateLocatorA
FtpGetFileA
FtpPutFileA
FtpOpenFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
FtpFindFirstFileA
InternetSetFilePointer
InternetGetCookieA
InternetSetCookieA
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetGetConnectedState
DeleteUrlCacheEntry
InternetFindNextFileA
GopherFindFirstFileA
InternetGetLastResponseInfoA
InternetWriteFile
rpcrt4
RpcStringFreeA
UuidToStringA
UuidCreate
Sections
.text Size: 728KB - Virtual size: 727KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 204KB - Virtual size: 203KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ