Static task: static1
Behavioral task: behavioral1
  Sample: 70cc723300b322ae40feca696b34dfb3_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 70cc723300b322ae40feca696b34dfb3_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 70cc723300b322ae40feca696b34dfb3_JaffaCakes118
Size: 708KB
MD5: 70cc723300b322ae40feca696b34dfb3
SHA1: f300650ee4e80bda8549eb9bc86a531304f15902
SHA256: d5584183edc8a9344467ccfe54121da40af138e5ebb073105874f7566ad4dc22
SHA512: 890082704a66f62f25c5f01e351c67bae6ba8f46113ffc40545ef97922a406689f964751876b262464c23ac2bccd2bc89f1c66a3e5e39f99daf13c4a94fe734e
SSDEEP: 12288:DuYG19tn+7hlCS3Pjg6L3tfQSfEuZsXjhJEJd5QKPw0yUHkBpxyd8Vdv4:ig9fQ+LZsXjhadBtyiCpjVdQ
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 70cc723300b322ae40feca696b34dfb3_JaffaCakes118
Files
70cc723300b322ae40feca696b34dfb3_JaffaCakes118.exe windows:4 windows x86 arch:x86
f23761315c6a3809166e83e695792cf2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
waveOutGetNumDevs
version
VerLanguageNameA
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
kernel32
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetTimeZoneInformation
GlobalFlags
GetLocalTime
GetStartupInfoA
GetCommandLineA
GetACP
HeapReAlloc
HeapSize
GetSystemTime
ExitProcess
HeapCreate
VirtualFree
VirtualAlloc
LocalReAlloc
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateProcessA
GetPrivateProfileSectionNamesA
EnterCriticalSection
SetErrorMode
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
GetCurrentThread
GetCurrentProcess
GetWindowsDirectoryA
GetSystemDirectoryA
GetDriveTypeA
MulDiv
InterlockedIncrement
FindNextFileA
FindFirstFileA
FindClose
RemoveDirectoryA
SetCurrentDirectoryA
CreateDirectoryA
GetFileAttributesA
SetFileAttributesA
WriteFile
ReadFile
CreateFileA
GetFileSize
SetFilePointer
SetEndOfFile
DeleteFileA
GetTempPathA
GetTempFileNameA
lstrcpyA
lstrlenA
lstrcpynA
ExpandEnvironmentStringsA
GetProcessVersion
GetModuleFileNameA
OpenProcess
CloseHandle
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentProcessId
FreeLibrary
GetVersionExA
GetLastError
SetLastError
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetVersion
GlobalAddAtomA
GetCurrentThreadId
GlobalGetAtomNameA
LockResource
GlobalFindAtomA
GlobalDeleteAtom
SystemTimeToFileTime
FindResourceA
LoadResource
FileTimeToSystemTime
GetFileTime
WideCharToMultiByte
InterlockedDecrement
MoveFileA
GetFullPathNameA
FlushFileBuffers
UnlockFile
LockFile
LocalFileTimeToFileTime
DuplicateHandle
DosDateTimeToFileTime
IsBadStringPtrA
SetFileTime
GetTickCount
lstrcmpiA
FileTimeToLocalFileTime
FileTimeToDosDateTime
LocalUnlock
LocalAlloc
LocalLock
lstrcatA
GlobalReAlloc
IsDBCSLeadByte
TlsFree
TlsGetValue
IsBadReadPtr
TlsSetValue
TlsAlloc
GetPrivateProfileIntA
MultiByteToWideChar
GlobalMemoryStatus
GetSystemDefaultLangID
GetComputerNameA
GetVolumeInformationA
GetPrivateProfileStringA
MoveFileExA
WritePrivateProfileStringA
GetDiskFreeSpaceA
TerminateProcess
Sleep
GetLogicalDriveStringsA
lstrcmpA
GetCurrentDirectoryA
FormatMessageA
GetShortPathNameA
CopyFileA
GetPrivateProfileSectionA
LocalFree
GlobalAlloc
SetUnhandledExceptionFilter
HeapDestroy
IsBadWritePtr
user32
CheckMenuItem
EnableMenuItem
MapWindowPoints
GetSysColor
GetFocus
SetMenuItemBitmaps
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
GetTopWindow
GetCapture
WinHelpA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetKeyState
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SystemParametersInfoA
GetWindowPlacement
SetActiveWindow
CreateDialogIndirectParamA
GetParent
SetFocus
IsWindowEnabled
ShowWindow
SetWindowPos
MoveWindow
GetMenuState
IsDialogMessageA
LoadBitmapA
ModifyMenuA
ReleaseCapture
GetDlgItem
DrawFocusRect
FillRect
PtInRect
GetCursorPos
ValidateRect
GetMessageA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
UnhookWindowsHookEx
GetWindowTextLengthA
LoadStringA
WaitForInputIdle
SetDlgItemTextA
SetWindowTextA
SetForegroundWindow
EndDialog
DialogBoxParamA
GetActiveWindow
GetClassNameA
CharUpperA
OemToCharA
CharNextA
CharPrevA
CharUpperBuffA
SetCursor
IsIconic
DrawIcon
DestroyIcon
ExitWindowsEx
LoadCursorA
UpdateWindow
RedrawWindow
GetDesktopWindow
GetWindowTextA
EnumWindows
GetWindowThreadProcessId
PostMessageA
MessageBoxA
MsgWaitForMultipleObjects
GetSystemMetrics
EnableWindow
InvalidateRect
GetClientRect
GetDC
ReleaseDC
GetWindowRect
LoadIconA
TranslateMessage
DispatchMessageA
PeekMessageA
PostQuitMessage
IsWindow
BeginPaint
GetMenuCheckMarkDimensions
ClientToScreen
DrawTextA
EndPaint
TabbedTextOutA
GrayStringA
DestroyMenu
GetDlgCtrlID
GetWindowLongA
DefWindowProcA
SetWindowLongA
GetClassInfoA
RegisterClassA
CreateWindowExA
SendMessageA
DestroyWindow
wsprintfA
RegisterWindowMessageA
GetSysColorBrush
ShowOwnedPopups
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuA
SendDlgItemMessageA
GetNextDlgTabItem
UnregisterClassA
gdi32
DeleteObject
CreateFontIndirectA
GetObjectA
CreateSolidBrush
StretchDIBits
RealizePalette
CreatePalette
DeleteDC
CreateICA
GetTextMetricsA
SetBkMode
SetBkColor
GetStockObject
GetClipBox
GetBkColor
CreateBitmap
SetTextColor
RestoreDC
SelectObject
SaveDC
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
Rectangle
ScaleWindowExtEx
SelectPalette
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
CreateCompatibleDC
BitBlt
GetDeviceCaps
RemoveFontResourceA
AddFontResourceA
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
OpenServiceA
LookupPrivilegeValueA
AdjustTokenPrivileges
EnumServicesStatusA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumValueA
RegConnectRegistryA
RegCloseKey
LookupAccountSidA
CreateServiceA
CloseServiceHandle
DeleteService
StartServiceA
ControlService
QueryServiceStatus
GetServiceDisplayNameA
OpenSCManagerA
UnlockServiceDatabase
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
GetUserNameA
shell32
SHChangeNotify
DragFinish
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
DragQueryFileA
comctl32
ord17
ole32
CoInitialize
CoCreateInstance
CoUninitialize
oleaut32
LoadTypeLi
RegisterTypeLi
wsock32
WSAStartup
WSACleanup
getsockname
select
socket
gethostbyname
recv
bind
send
setsockopt
recvfrom
sendto
accept
inet_addr
listen
closesocket
shutdown
htonl
ntohs
inet_ntoa
ioctlsocket
connect
WSAGetLastError
htons
netapi32
Netbios
Sections
.text Size: 524KB - Virtual size: 521KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 100KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE