Static task: static1
Behavioral task: behavioral1
  Sample: 69399d6a2870aa492c8c8e3ed6517e82_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 69399d6a2870aa492c8c8e3ed6517e82_JaffaCakes118.exe
  Resource: win10v2004-20240704-en
General
Target: 69399d6a2870aa492c8c8e3ed6517e82_JaffaCakes118
Size: 1.6MB
MD5: 69399d6a2870aa492c8c8e3ed6517e82
SHA1: 20bf2de517a25cf5d5897381e0a1bcd04bfb9f00
SHA256: 652015d712d1cab8a060344a1086112bc13e1148245c29f0618be01be6e2069c
SHA512: b1b0264112a463c26f58f42ec8b89ceb93ffd54db3d50192a59e451b18ad22272ba765743ba57dc2012e4448d6f9ff247a765e270f04694ef31de76564ef0d10
SSDEEP: 24576:Iw+tw8ezivTouXJ8A1fiV05948TWnUwn3Un:Bpx4xfiUXw3Un
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 69399d6a2870aa492c8c8e3ed6517e82_JaffaCakes118
Files
69399d6a2870aa492c8c8e3ed6517e82_JaffaCakes118.exe windows:4 windows x86 arch:x86
6c8488c14652332ca91b6167798464c4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
PlaySoundA
wsock32
WSAStartup
WSACleanup
htonl
sendto
accept
WSASetLastError
closesocket
recv
inet_ntoa
bind
socket
WSAIsBlocking
send
WSAAsyncSelect
htons
inet_addr
listen
getsockname
connect
gethostbyname
WSAGetLastError
ioctlsocket
recvfrom
kernel32
VirtualFree
GetCommandLineA
RemoveDirectoryA
GetACP
SetStdHandle
TerminateProcess
HeapSize
HeapDestroy
GetSystemTimeAsFileTime
GetStartupInfoA
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
HeapCreate
GetFileType
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetFileInformationByHandle
PeekNamedPipe
ExitThread
LocalFileTimeToFileTime
CompareStringA
CompareStringW
GetProfileStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
Sleep
lstrcpyA
TerminateThread
FindFirstFileA
FindNextFileA
DeleteFileA
FindClose
FindResourceA
LoadResource
LockResource
GetCPInfo
lstrlenW
SetEnvironmentVariableA
GetSystemTime
GetTimeZoneInformation
RaiseException
SetCurrentDirectoryA
HeapCompact
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
lstrcpyW
GetCurrentDirectoryA
GlobalSize
SetErrorMode
GetFileSize
GetOEMCP
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
GlobalFlags
GetFileTime
GetCurrentThread
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DuplicateHandle
CreateEventA
SuspendThread
SetThreadPriority
SetEvent
WaitForSingleObject
lstrcpynA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
FormatMessageA
LocalFree
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
MulDiv
GetModuleHandleA
SetLastError
lstrcatA
lstrcmpA
GetExitCodeThread
WriteFile
CreateFileA
SearchPathA
GetFileAttributesA
CreateThread
GetStringTypeW
ResumeThread
lstrlenA
GetVersion
InterlockedDecrement
InterlockedIncrement
ExitProcess
_lopen
SystemTimeToFileTime
SetFileTime
IsBadReadPtr
_lclose
LoadLibraryA
GetVersionExA
CloseHandle
GetLocalTime
GetCurrentProcess
GetTickCount
GetTempPathA
GetTempFileNameA
CreateDirectoryA
CopyFileA
CreateProcessA
GetSystemDirectoryA
GetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
WinExec
GetDriveTypeA
GetModuleFileNameA
GetDiskFreeSpaceA
MultiByteToWideChar
WideCharToMultiByte
GetProfileIntA
IsBadCodePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetProcAddress
FreeLibrary
user32
GetMessagePos
CountClipboardFormats
GetSystemMenu
FindWindowA
GetTabbedTextExtentA
PostThreadMessageA
CopyAcceleratorTableA
GetDCEx
LockWindowUpdate
InvertRect
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
ShowOwnedPopups
SetParent
GetLastActivePopup
GetForegroundWindow
GetWindow
IntersectRect
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
CallWindowProcA
SetMenuDefaultItem
GetFocus
FrameRect
PtInRect
MessageBeep
SetWindowPos
GetWindowPlacement
InflateRect
CreateWindowExA
MapVirtualKeyA
DefWindowProcA
SetForegroundWindow
GetClassNameA
ExitWindowsEx
GetMessageTime
IsRectEmpty
DispatchMessageA
SetClipboardViewer
ChangeClipboardChain
RegisterWindowMessageA
GetMenu
SetMenu
IsChild
GetClipboardData
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
IsClipboardFormatAvailable
CheckMenuItem
IsMenu
GetAsyncKeyState
PostQuitMessage
SetWindowLongA
wsprintfA
GetCursorPos
ScreenToClient
GetKeyState
BringWindowToTop
LoadMenuA
EnableMenuItem
IsZoomed
IsWindow
IsWindowVisible
IsIconic
DrawIcon
ShowScrollBar
LoadIconA
LoadImageA
GetClientRect
PeekMessageA
DrawFocusRect
LoadBitmapA
DeleteMenu
RemoveMenu
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenuState
ModifyMenuA
InsertMenuA
AppendMenuA
DrawTextA
DrawIconEx
DestroyIcon
CopyRect
DrawEdge
SystemParametersInfoA
FillRect
GetMenuItemInfoA
SetRect
MapDialogRect
GetDesktopWindow
OffsetRect
UpdateWindow
GetSysColor
GetDC
DestroyMenu
wvsprintfA
LoadStringA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
ReleaseDC
SetDlgItemInt
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
TranslateAcceleratorA
UnpackDDElParam
ValidateRect
SetCursorPos
LoadAcceleratorsA
DestroyCursor
SetRectEmpty
CharUpperA
WindowFromPoint
RedrawWindow
GetMessageA
GetWindowLongA
FindWindowExA
TranslateMessage
RegisterClipboardFormatA
SetTimer
GetSystemMetrics
GetWindowRect
GetParent
PostMessageA
ReleaseCapture
SetCapture
KillTimer
MessageBoxA
InvalidateRect
EnableWindow
LoadCursorA
SetCursor
SendMessageA
EndDialog
GetNextDlgTabItem
MsgWaitForMultipleObjects
TrackPopupMenu
ReuseDDElParam
UnregisterClassA
gdi32
GetObjectA
DeleteObject
SetDIBitsToDevice
RealizePalette
SelectPalette
GetDeviceCaps
GetPixel
BitBlt
CreateCompatibleDC
GetBkMode
CreateSolidBrush
CreatePen
CreateCompatibleBitmap
GetTextExtentPoint32W
GetTextExtentPoint32A
Ellipse
SetPixel
DeleteDC
SelectObject
CreateDIBSection
PatBlt
GetTextMetricsA
GetNearestColor
GetDIBColorTable
DPtoLP
GetStockObject
StartDocA
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
GetMapMode
SetRectRgn
CombineRgn
CreateRectRgnIndirect
StretchDIBits
GetCharWidthA
CreateFontA
CreateDCA
Rectangle
GetViewportOrgEx
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
LPtoDP
GetBkColor
GetTextColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetROP2
GetTextFaceA
GetWindowOrgEx
CopyMetaFileA
CreateFontIndirectA
CreatePalette
comdlg32
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
PrintDlgA
ChooseFontA
ChooseColorA
CommDlgExtendedError
ReplaceTextA
FindTextA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
AdjustTokenPrivileges
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
GetUserNameA
RegEnumValueA
OpenProcessToken
LookupPrivilegeValueA
RegOpenKeyA
InitiateSystemShutdownA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegSetValueA
RegCreateKeyA
RegQueryValueA
RegCloseKey
shell32
ExtractIconA
Shell_NotifyIconA
SHChangeNotify
DragAcceptFiles
SHGetDesktopFolder
SHBrowseForFolderA
SHGetMalloc
DragQueryFileA
SHFileOperationA
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteA
SHGetSpecialFolderLocation
DragFinish
comctl32
DestroyPropertySheetPage
CreatePropertySheetPageA
PropertySheetA
ImageList_Draw
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_SetBkColor
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
oledlg
ord8
ord11
ord4
ord3
ole32
OleCreateLinkFromData
OleSetMenuDescriptor
OleCreateFromData
OleSetContainedObject
CreateGenericComposite
OleCreateStaticFromData
OleCreateLinkToFile
CreateItemMoniker
OleSaveToStream
WriteClassStm
OleGetIconOfClass
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleSave
OleLoad
OleCreate
OleLockRunning
OleCreateFromFile
CreateFileMoniker
CoRevokeClassObject
CoRegisterMessageFilter
CreateStreamOnHGlobal
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoTaskMemAlloc
OleDuplicateData
CoDisconnectObject
OleRegGetUserType
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
OleGetClipboard
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoTaskMemFree
ReleaseStgMedium
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
oleaut32
LoadTypeLi
SysStringLen
SysAllocStringLen
VarBstrFromDate
VarDateFromStr
SysAllocStringByteLen
SysFreeString
VariantClear
VariantCopy
SysAllocString
VariantChangeType
wininet
InternetCrackUrlA
InternetGetLastResponseInfoA
HttpSendRequestA
HttpOpenRequestA
FtpOpenFileA
InternetSetFilePointer
InternetWriteFile
InternetCanonicalizeUrlA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetOpenA
InternetSetStatusCallback
Sections
.text Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 4KB - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 200KB - Virtual size: 196KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 344KB - Virtual size: 343KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ