Static task: static1
Behavioral task: behavioral1
Sample: 63b49484a3543692314eed6bec7cfe6e_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 63b49484a3543692314eed6bec7cfe6e_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 63b49484a3543692314eed6bec7cfe6e_JaffaCakes118
Size: 1.4MB
MD5: 63b49484a3543692314eed6bec7cfe6e
SHA1: 0c39c0239b388d6d689acf384bf87fc10d3e923c
SHA256: 539140461a33a0bbc875bd29f2c11a98832a1e213ae9be56c64209779f3cae15
SHA512: 14ffd01b0ed7d8b73739279b3ec42280ad443c8db4210f09ee86d34dec87c85f6c78b4faad9fa2db5bf3b8bc4f925f8581cd734e1e360afa58abd2e10b3472fe
SSDEEP: 24576:eVcvpec5eXmZf9LEaeEuIXFqhg5Mwb9bS/CoohD3m7:eVcvpec5eXmZfHelXhg5Mwb14CoohD3S
Malware Config
Signatures
Unsigned PE: 1 IoC
Checks for missing Authenticode signature.
resource 63b49484a3543692314eed6bec7cfe6e_JaffaCakes118
Files
63b49484a3543692314eed6bec7cfe6e_JaffaCakes118.exe windows:4 windows x86 arch:x86
c3c2350ec4e2f973f552970616f3cc4b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegDeleteKeyA
RegQueryValueA
RegEnumKeyA
RegCloseKey
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
comctl32
_TrackMouseEvent
gdi32
SetBkMode
SetMapMode
ExcludeClipRect
CreateBitmap
SelectClipRgn
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
RestoreDC
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
CreatePen
SetRectRgn
GetTextColor
GetRgnBox
SetBkColor
SetTextColor
GetClipBox
CopyMetaFileA
CreateDCA
SaveDC
GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteDC
CreateRectRgn
CombineRgn
DeleteObject
GetDIBits
GetDeviceCaps
StretchBlt
GetCharWidthA
GetTextExtentPoint32A
Polygon
Polyline
CreateRectRgnIndirect
CreateFontIndirectA
CreateSolidBrush
GetStockObject
CreateDIBitmap
RealizePalette
CreatePalette
PatBlt
kernel32
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
GetCurrentDirectoryA
GetFileTime
SetErrorMode
RtlUnwind
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
RaiseException
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
TlsGetValue
GetProcessHeap
GetStartupInfoA
ExitThread
CreateThread
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetACP
LCMapStringA
LCMapStringW
LockResource
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTimeZoneInformation
GetDriveTypeA
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
InterlockedIncrement
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindClose
GetCurrentProcess
DuplicateHandle
GetThreadLocale
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
MoveFileA
GetCurrentProcessId
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedDecrement
GetModuleFileNameW
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetVersionExA
GlobalFree
CopyFileA
GlobalSize
LocalAlloc
LocalLock
LocalUnlock
GetFileAttributesA
FindFirstFileA
FindNextFileA
RemoveDirectoryA
CompareStringW
CompareStringA
lstrlenW
GetVersion
InterlockedExchange
MultiByteToWideChar
MulDiv
CreateProcessA
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
SetFileAttributesA
DeleteFileA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateMutexA
lstrcmp
GlobalAlloc
GlobalLock
GlobalUnlock
GetTempPathA
lstrcat
Sleep
ExitProcess
GetLastError
RestoreLastError
GetProcAddress
FormatMessageA
LocalFree
GetTickCount
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA
CreateDirectoryA
lstrlen
SetFilePointer
GetFileSize
ReadFile
CreateFileA
WriteFile
CloseHandle
lstrcpy
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetCommandLineA
oleaut32
OleLoadPicture
VariantCopy
SysAllocStringByteLen
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
shell32
SHGetFileInfo
Shell_NotifyIcon
ShellExecuteA
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
user32
SetDlgItemTextA
IsDialogMessage
IsWindowEnabled
CreateDialogIndirectParamA
GetDesktopWindow
InflateRect
ValidateRect
TranslateMessage
GetMessageA
GetWindowThreadProcessId
DestroyMenu
MapDialogRect
SetWindowContextHelpId
IsClipboardFormatAvailable
UnregisterClassA
CharNextA
CopyAcceleratorTableA
IsRectEmpty
InvalidateRgn
GetNextDlgGroupItem
PostThreadMessageA
GetPropA
RemovePropA
GetWindowTextLengthA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
TrackPopupMenu
IsWindowVisible
GetMenu
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
CallWindowProcA
IntersectRect
GetWindowPlacement
GetMenuState
GetMenuItemID
GetMenuItemCount
MessageBoxA
MessageBeep
DialogBoxIndirectParamA
GetClassNameA
GetSystemMenu
CheckDlgButton
SetFocus
SetWindowTextA
EndDialog
WinHelpA
GetDialogBaseUnits
LoadStringA
BeginPaint
EndPaint
SetMenuDefaultItem
GetSysColorBrush
SystemParametersInfoA
SetWindowPos
FindWindowA
SetWindowRgn
CharUpperA
SetCursor
ReleaseDC
GetDC
GetScrollRange
SetScrollPos
GetScrollPos
SetWindowLongA
LockWindowUpdate
CopyRect
RedrawWindow
SetRect
ShowWindow
UpdateWindow
RegisterClipboardFormatA
GetKeyState
ReleaseCapture
GetClassInfoA
LoadCursorA
DefWindowProcA
ShowCaret
SetCaretPos
CreateCaret
ShowScrollBar
GetNextDlgTabItem
GetFocus
SetCapture
GetCapture
EnableScrollBar
ClientToScreen
PostMessageA
AppendMenuA
CreatePopupMenu
FillRect
OffsetRect
PtInRect
DestroyCaret
GetParent
GetCursorPos
DrawIconEx
DestroyCursor
CheckMenuItem
SetPropA
PostQuitMessage
wsprintfA
EmptyClipboard
SetClipboardData
CloseClipboard
GetSystemMetrics
SetForegroundWindow
OpenClipboard
IsIconic
LoadMenuA
GetSubMenu
EnableMenuItem
DrawIcon
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
RegisterClipboardFormatA
GetDlgItem
LoadIconA
SendDlgItemMessageA
IsChild
SetWindowsHookExA
CallNextHookEx
GetLastActivePopup
GetClassLongA
KillTimer
SetTimer
InvalidateRect
LoadBitmapA
GetSysColor
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetClientRect
GetActiveWindow
IsWindow
GetWindow
GetWindowLongA
GetWindowTextA
MoveWindow
GetWindowRect
ScreenToClient
EnableWindow
SendMessageA
GetWindowDC
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
ws2_32
send
WSAGetLastError
socket
recv
getpeername
htons
bind
ioctlsocket
WSAStartup
accept
closesocket
listen
comdlg32
GetFileTitleA
iphlpapi
GetAdaptersInfo
ole32
CoTaskMemAlloc
ReleaseStgMedium
CoRevokeClassObject
OleDuplicateData
StgIsStorageFile
StgOpenStorage
CoTaskMemFree
CreateStreamOnHGlobal
CoInitialize
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
CLSIDFromProgID
CoCreateInstance
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleGetClipboard
CLSIDFromString
oledlg
OleUIBusyA
Sections
.text Size: 565KB - Virtual size: 568KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 134KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 70KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 378KB - Virtual size: 377KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 232KB - Virtual size: 236KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.poly Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 10KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE