Static task
static1
Behavioral task
behavioral1
Sample
75ecd81316ec3c49265531a56b314e07_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
75ecd81316ec3c49265531a56b314e07_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
75ecd81316ec3c49265531a56b314e07_JaffaCakes118
-
Size
557KB
-
MD5
75ecd81316ec3c49265531a56b314e07
-
SHA1
d06da7a359b0bfe073354e1a730bc143b551f572
-
SHA256
735ae8e203b2a60d44e78b1f0b52a33fdc049175d8832ae25ccff238b1718496
-
SHA512
75812c30fa97767d5e0829d5dc8dbd42e0ba4224dff866069661d70a29e4614a9836fd0938b583bced119204b39c636b490106d4185d0d35d03fa2fca445c294
-
SSDEEP
12288:lnaFw6eKEsG+TaxzCaBvQKwMbOpYyb4TQcKSi39IBQ:AvG+TwnBvfb7yJczUIS
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks whether the PE lacks an Authenticode signature.
resource 75ecd81316ec3c49265531a56b314e07_JaffaCakes118
Files
-
75ecd81316ec3c49265531a56b314e07_JaffaCakes118.exe windows:4 windows x86 arch:x86
b38334adb16ac340723d939894fdfe9b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mime32
??1CMIMEEngine@@QAE@XZ
?Pack@CMIMEEngine@@QAE?AW4_CME_RC@@PAVCInputBlock@@PADKH@Z
??0CMIMEEngine@@QAE@XZ
?FreeBlocks@CMIMEEngine@@QAEHPAVCBlock@@@Z
?AddInputBlock@CMIMEEngine@@QAEPAVCInputBlock@@PAV2@PBD1W4_CONTENT_TYPE@CMIMEPart@@W4_ENCODE_TYPE@4@11H1@Z
?StartCreate@CMIMEEngine@@QAEPAVCInputBlock@@PBD0W4_CONTENT_TYPE@CMIMEPart@@W4_ENCODE_TYPE@4@00H0@Z
?Unpack@CMIMEEngine@@QAEPAVCOutputBlock@@AAVCString@@PBDHAAW4_CME_RC@@@Z
dccutili
?duGetFullAccessSecurityAttribute@@YGPAU_SECURITY_ATTRIBUTES@@XZ
duIsLeadByte
duIsDBCSWindows
ord1816
duIsLastCharBackSlash
ord3942
?GetLength@DString@@QBEHXZ
duGetDccResourceHandle
ord1200
duLoadHardCodedString
ord1808
??4DString@@QAEABV0@PBD@Z
ord1802
?GetLength@DBuffer@@QBEHXZ
?SetLength@DBuffer@@QAEXH@Z
SetForegroundWindowExt
ord10007
??1DGetString@@QAE@XZ
??BDGetString@@QAEPBDXZ
??1DString@@QAE@XZ
??0DGetString@@QAE@IPAUHINSTANCE__@@H@Z
?faxitoa@@YAXHPADH@Z
?IsEmpty@DString@@QBEHXZ
duCharNext
??YDString@@QAEABV0@D@Z
ord1807
ord1803
??0DBuffer@@QAE@H@Z
??BDString@@QBEPBDXZ
??0DFileFind@@QAE@PBD@Z
?GetPointer@DBuffer@@QBEPAXXZ
??1DBuffer@@QAE@XZ
ord3906
??4DString@@QAEABV0@ABV0@@Z
??YDString@@QAEABV0@ABV0@@Z
??0DString@@QAE@PBD@Z
?FindNext@DFileFind@@QAEHXZ
?GetFullname@DFileFind@@QAEPBDXZ
??1DFileFind@@QAE@XZ
??0DString@@QAE@XZ
?LoadStringA@DString@@QAEHPAUHINSTANCE__@@I@Z
??YDString@@QAEABV0@PBD@Z
filedb
?createDLogFolder@@YAJPAPAVDLogFolder@@PAVDLogStore@@@Z
olfcover
?SetTStrData@CGeneralString@@QAEXPBDI@Z
?SetUnicodeData@CGeneralString@@QAEXPBGII@Z
??1CGeneralString@@QAE@XZ
??1CCoverPage@@UAE@XZ
?CreateCoverFXM@CCoverPage@@QAEJPAPAX@Z
??4CGeneralString@@QAEAAV0@AAV0@@Z
??0CCoverPage@@QAE@XZ
??0CGeneralString@@QAE@XZ
wfxut32i
?initModem@DModemMessage@@UAEXPBD@Z
LGDeinitNoMAPINoWaste
_InitThePaths@16
?terminateModem@DModemMessage@@UAEXPAXK@Z
?modemBusy@DModemMessage@@UAEXPAX@Z
LGInitNoMAPINoWaste
?abortFax@DModemMessage@@UAEXPAXK@Z
?startReceive@DModemMessage@@UAEXPAXK@Z
ord2000
??0DModemMessage@@QAE@PBD0K@Z
?getError@DMessage@@UAEJXZ
?getHeader@DMessageBuffer@@QAEPAU_DMessageHeader@@XZ
?getData@DMessageBuffer@@QAEPAXXZ
??1DModemMessage@@UAE@XZ
kernel32
ReleaseSemaphore
RemoveDirectoryA
GetACP
UnmapViewOfFile
MapViewOfFile
WaitForSingleObject
CreateFileMappingA
lstrcpynA
CreateProcessA
FindClose
FindNextFileA
lstrcmpiA
FindFirstFileA
DeleteFileA
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTimeZoneInformation
CreateMutexA
CreateSemaphoreA
Sleep
OpenMutexA
WideCharToMultiByte
MultiByteToWideChar
FormatMessageA
DuplicateHandle
GetCurrentProcess
GetLocalTime
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
MoveFileA
GetVolumeInformationA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
GetShortPathNameA
GetModuleFileNameA
GlobalGetAtomNameA
GetCurrentThreadId
GetVersion
GlobalFree
GlobalUnlock
GlobalLock
SetLastError
MulDiv
SetEvent
ResumeThread
SetThreadPriority
SuspendThread
CreateEventA
GetCurrentThread
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetTickCount
GetFileAttributesA
OpenFile
GetSystemTime
GetWindowsDirectoryA
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
SetErrorMode
GetProcessVersion
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetVersionExA
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrlenW
CopyFileA
GlobalSize
GlobalAddAtomA
GetDiskFreeSpaceA
RaiseException
RtlUnwind
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
CreateThread
ExitThread
TerminateProcess
HeapSize
HeapReAlloc
GetCPInfo
GetOEMCP
FatalAppExitA
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetDriveTypeA
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
SetStdHandle
GetLocaleInfoW
CreateDirectoryA
CompareStringW
SetEnvironmentVariableA
lstrcatA
CreateFileA
WriteFile
CloseHandle
GetUserDefaultLangID
FindResourceA
LoadResource
LockResource
SizeofResource
GetTimeFormatA
GetDateFormatA
lstrlenA
GetTempPathA
GetTempFileNameA
_lcreat
_lclose
_llseek
_lopen
GetLastError
_lread
_lwrite
GetCurrentDirectoryA
lstrcpyA
LocalAlloc
LocalFree
FreeLibrary
LoadLibraryA
GetProcAddress
LocalFileTimeToFileTime
GetFileSize
GetProfileStringA
GetFileTime
ReadFile
CompareStringA
user32
ShowScrollBar
GetScrollInfo
ScrollWindow
IsWindowVisible
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
DeferWindowPos
EqualRect
AdjustWindowRectEx
IsWindow
SetActiveWindow
GetFocus
DispatchMessageA
PeekMessageA
GetSysColor
MapWindowPoints
SystemParametersInfoA
SendDlgItemMessageA
UpdateWindow
CreateDialogIndirectParamA
GetActiveWindow
GetNextDlgTabItem
CheckDlgButton
CheckRadioButton
GetDlgItemInt
SetDlgItemInt
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
MoveWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
WaitMessage
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
PostQuitMessage
MapDialogRect
RegisterClipboardFormatA
LoadStringA
GetSysColorBrush
GetClassNameA
PtInRect
ClientToScreen
GetDesktopWindow
GetScrollRange
SetScrollInfo
FillRect
IsRectEmpty
OffsetRect
GetDialogBaseUnits
InsertMenuA
AppendMenuA
GetMenuStringA
RemoveMenu
DeleteMenu
CharNextA
CopyAcceleratorTableA
SetRect
MessageBeep
GetNextDlgGroupItem
PostThreadMessageA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
wvsprintfA
IntersectRect
InflateRect
DestroyIcon
CharUpperA
OemToCharA
CharToOemA
LoadCursorA
LoadMenuA
GetSystemMetrics
GetClientRect
DrawIcon
LoadIconA
SetWindowTextA
EnableWindow
IsIconic
DialogBoxParamA
SetForegroundWindow
KillTimer
DestroyWindow
RegisterWindowMessageA
FindWindowA
CreateDialogParamA
SetTimer
wsprintfA
GetDlgItemTextA
MessageBoxA
ScreenToClient
GetWindowRect
ShowWindow
SetWindowPos
GetDlgItem
SendMessageA
SetDlgItemTextA
PostMessageA
SetFocus
EndDialog
SetScrollPos
ShowOwnedPopups
GetScrollPos
IsChild
GetTopWindow
IsWindowEnabled
WinHelpA
GetParent
GetCapture
GetMenuItemCount
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
GetWindowPlacement
TrackPopupMenu
SetWindowPlacement
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
CreateWindowExA
GetKeyState
DefWindowProcA
GetClassLongA
SetWindowsHookExA
CallNextHookEx
GetLastActivePopup
SetPropA
UnhookWindowsHookEx
CallWindowProcA
GetForegroundWindow
GetPropA
GetMessagePos
RemovePropA
GetMessageTime
SetWindowLongA
GetWindow
GetWindowLongA
DestroyMenu
SetCursor
InvalidateRect
SetScrollRange
DefDlgProcA
DrawFocusRect
HideCaret
IsWindowUnicode
WindowFromPoint
UnregisterClassA
ExcludeUpdateRgn
ShowCaret
gdi32
GetDeviceCaps
PlayMetaFile
EnumMetaFile
GetObjectType
GetViewportExtEx
GetWindowExtEx
CreatePen
SelectClipPath
TextOutA
ExtTextOutA
DeleteObject
PolyBezierTo
SetColorAdjustment
PolylineTo
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
PlayMetaFileRecord
ExtSelectClipRgn
Escape
PolyDraw
SetArcDirection
ArcTo
GetCurrentPositionEx
SetMapperFlags
SetTextCharacterExtra
LPtoDP
DPtoLP
GetTextExtentPointA
GetTextMetricsA
CreateFontIndirectA
CopyMetaFileA
CreateDCA
GetTextColor
GetBkColor
PatBlt
CreateDIBitmap
BitBlt
CreateCompatibleDC
CreateRectRgn
GetClipRgn
GetMapMode
SetBkColor
CombineRgn
SetRectRgn
SetTextColor
CreateBitmap
DeleteDC
StartDocA
SaveDC
RestoreDC
SelectObject
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
GetObjectA
CreateRectRgnIndirect
SetTextJustification
GetStockObject
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey
RevertToSelf
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegSetValueA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegEnumKeyA
RegCreateKeyA
shell32
ExtractIconA
DragQueryFileA
DragAcceptFiles
SHGetFileInfoA
DragFinish
comctl32
ord13
ord17
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write
oledlg
ord8
ole32
OleSetClipboard
CoRegisterClassObject
CoRegisterMessageFilter
OleIsCurrentClipboard
CreateStreamOnHGlobal
CoRevokeClassObject
ReadFmtUserTypeStg
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
OleDuplicateData
CoTaskMemAlloc
CoDisconnectObject
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
OleRun
CLSIDFromString
CLSIDFromProgID
CoTaskMemFree
CoCreateInstance
CreateILockBytesOnHGlobal
OleFlushClipboard
oleaut32
LoadTypeLi
OleCreateFontIndirect
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayDestroyDescriptor
SafeArrayLock
SafeArrayPutElement
SafeArrayUnlock
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayPtrOfIndex
SafeArrayCopy
VarBstrFromDate
SafeArrayAllocData
VarBstrFromCy
VarCyFromStr
VarDateFromStr
SafeArrayCreate
SafeArrayGetDim
SafeArrayRedim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayUnaccessData
SysStringByteLen
SafeArrayAccessData
VariantCopy
SysAllocStringByteLen
SysReAllocStringLen
SysAllocStringLen
VariantClear
SysStringLen
SysAllocString
SysFreeString
VariantChangeType
wsock32
WSAAsyncSelect
WSASetLastError
WSAStartup
recvfrom
socket
htons
listen
WSACleanup
inet_addr
ntohs
getpeername
getsockname
accept
ioctlsocket
bind
gethostbyname
htonl
WSAGetLastError
connect
sendto
recv
closesocket
inet_ntoa
send
Sections
.text Size: 326KB - Virtual size: 325KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 23KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 96KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE