75fc24334f62afb04f5df7d76197a6e7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

75fc24334f62afb04f5df7d76197a6e7_JaffaCakes118
Size

704KB
MD5

75fc24334f62afb04f5df7d76197a6e7
SHA1

d1ea1bf218f4304b3632a7a7577ce48834e63f13
SHA256

c4c1fb6edecac5688152746d72cadb93b831b9919c6427a8869d5fa3c2931301
SHA512

9af79de922573d2af384d6983283405d7a1b61aa5c91b932deb16e363ef636ea31cf5a1635f84186520c7ea3da90cab2a7a49dac2069e1584d6d6e989b95b57b
SSDEEP

12288:1P06ms1U4fuHY+BL200r8M2e+0CMPIR0J0KfG0lP06cTkU9P0ZKIulfINTlSzzlg:1P06ms1U4fuHY+BL200r8M2e+0CMPIRQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75fc24334f62afb04f5df7d76197a6e7_JaffaCakes118

Files

75fc24334f62afb04f5df7d76197a6e7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

81272ee372c67ad7cddd6265dcdce04f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CryptReleaseContext
RegDeleteValueA
RegOpenKeyA
CloseServiceHandle
ControlService
QueryServiceStatus
OpenServiceA
OpenSCManagerA
StartServiceA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
RegFlushKey
ChangeServiceConfigA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegQueryValueExA
RegCreateKeyA
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
RegCloseKey
CryptAcquireContextA

kernel32

GlobalUnlock
WideCharToMultiByte
GetDateFormatA
FormatMessageA
CompareStringA
CompareFileTime
SystemTimeToFileTime
CreateMutexA
ResumeThread
ReleaseMutex
FlushInstructionCache
GetCurrentProcess
GlobalAlloc
MultiByteToWideChar
GetSystemDirectoryA
FreeResource
LockResource
FindNextFileA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
DuplicateHandle
FindClose
GlobalLock
GlobalHandle
LocalReAlloc
IsDBCSLeadByte
InterlockedIncrement
HeapDestroy
LoadResource
LoadLibraryExA
FindResourceA
GetShortPathNameA
SizeofResource
GetModuleFileNameA
EnterCriticalSection
WinExec
GetVersionExA
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetSystemInfo
GetComputerNameA
HeapCreate
GetUserDefaultLCID
OpenEventA
GetCurrentThreadId
FileTimeToSystemTime
GetSystemDefaultLCID
LoadLibraryA
SetEndOfFile
lstrcatA
lstrcmpiA
GetLocalTime
SetFilePointer
ReadFile
lstrlenA
MulDiv
lstrcpynA
OpenProcess
GetTickCount
ResetEvent
Sleep
CreateThread
lstrcmpA
lstrcpyA
SetEvent
WriteFile
GetTempPathA
GetTempFileNameA
CreateFileA
GetLastError
WaitForSingleObject
CloseHandle
DeleteFileA
CreateEventA
FreeLibrary
GetProcAddress
LocalAlloc
LocalFree
InterlockedDecrement
HeapFree
lstrlenW
GlobalFree
DebugBreak
HeapReAlloc
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
FindFirstFileA
GetModuleHandleA
TerminateThread
GetTimeFormatA
SetLastError
SetErrorMode
GetStringTypeExA
GetPriorityClass
SetPriorityClass
CreateDirectoryA
QueryPerformanceCounter
QueryPerformanceFrequency
RtlUnwind
GetFileAttributesA

gdi32

GetSystemPaletteEntries
GetSystemPaletteUse
PatBlt
StretchBlt
SetBkColor
GetMapMode
CreatePalette
CreatePen
ExtTextOutA
LineTo
SelectPalette
MoveToEx
SetBkMode
SetTextColor
RealizePalette
GetTextExtentPoint32A
GetObjectA
GetTextMetricsA
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
LPtoDP
SaveDC
CreateDCA
SetWindowOrgEx
SetViewportOrgEx
SetMapMode
RestoreDC
CreateRectRgnIndirect
DeleteDC
CreateFontIndirectA
CreateSolidBrush
GetDeviceCaps
SelectObject
DeleteObject
GetStockObject
GetTextExtentPointA
CreateDIBSection

user32

MoveWindow
InvalidateRgn
IsWindowVisible
SetCursor
MessageBeep
IsDialogMessageA
LoadBitmapA
SetTimer
KillTimer
GetLastActivePopup
GetDoubleClickTime
CharUpperBuffA
IsDlgButtonChecked
ReleaseCapture
SetCapture
CreateDialogParamA
SetForegroundWindow
DrawTextA
SetRect
LoadImageA
EndDeferWindowPos
GetSystemMetrics
DeferWindowPos
BeginDeferWindowPos
GetWindowPlacement
IsWindowEnabled
GetDlgCtrlID
GetScrollPos
CheckDlgButton
SystemParametersInfoA
RemoveMenu
CharLowerA
InSendMessage
ModifyMenuA
GetMenuItemID
GetMenuItemCount
DrawIconEx
FindWindowExA
DrawEdge
GetTopWindow
SetParent
CheckRadioButton
ExitWindowsEx
LoadStringW
CheckMenuItem
TrackPopupMenuEx
GetForegroundWindow
GetSystemMenu
SetWindowPlacement
SendMessageTimeoutA
GetMenu
DeleteMenu
InsertMenuItemA
CloseClipboard
SetClipboardData
GetDesktopWindow
GetClassNameA
PostThreadMessageA
AppendMenuA
DefWindowProcA
DestroyWindow
RegisterClassA
RegisterWindowMessageA
CreateWindowExA
GetMessageA
GetWindowTextLengthA
GetDlgItemTextA
GetWindowLongA
DestroyIcon
LoadMenuA
GetSubMenu
GetMenuItemInfoA
SetMenuItemInfoA
EnableMenuItem
InsertMenuA
MapWindowPoints
GetWindowRect
TrackPopupMenu
SetCursorPos
MessageBoxA
SetFocus
TranslateAcceleratorA
CopyAcceleratorTableA
LoadAcceleratorsA
CharUpperA
CharToOemA
wsprintfA
ShowWindow
PeekMessageA
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageA
GetClientRect
InvalidateRect
UpdateWindow
GetDC
FrameRect
FillRect
ReleaseDC
LoadIconA
LoadStringA
SetDlgItemTextA
GetParent
PostMessageA
SetWindowLongA
EndDialog
SendMessageA
DialogBoxParamA
GetDlgItem
EnableWindow
SendDlgItemMessageA
CharNextA
RedrawWindow
BeginPaint
EndPaint
GetSysColor
GetWindowTextA
SetWindowTextA
GetWindow
GetClassInfoExA
CreateAcceleratorTableA
FindWindowA
EqualRect
RegisterClassExA
IntersectRect
SetWindowPos
OffsetRect
SetWindowRgn
IsChild
IsWindow
GetFocus
PtInRect
CallWindowProcA
UnionRect
EmptyClipboard
GetKeyState
OpenClipboard
GetCursorPos
DestroyMenu
LoadCursorA
GetIconInfo
GetSysColorBrush
GetMessagePos
AdjustWindowRectEx
GetClassInfoA
WinHelpA

winmm

waveOutReset
waveInReset
waveInUnprepareHeader
waveOutPrepareHeader
waveInGetNumDevs
waveOutGetDevCapsA
waveInGetDevCapsA
waveOutClose
waveOutOpen
waveInClose
waveInOpen
PlaySoundA
mixerGetLineInfoA
mixerGetDevCapsA
mixerOpen
mixerGetNumDevs
mixerGetID
mixerGetLineControlsA
mixerSetControlDetails
mixerGetControlDetailsA
mmioClose
mmioAscend
mmioRead
mmioDescend
mmioOpenA
waveInStart
mmioSeek
waveOutWrite
mixerClose
waveInPrepareHeader
waveOutUnprepareHeader
waveInAddBuffer
waveOutGetNumDevs

wsock32

gethostbyname
gethostname
inet_addr
ioctlsocket
WSAStartup
WSACleanup
getsockname

comctl32

ImageList_Create
InitCommonControlsEx
ImageList_AddMasked
ord6
ord8
CreateToolbarEx
PropertySheetA
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_DrawEx

ole32

IsAccelerator
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitializeEx
CoRegisterMessageFilter
CoTaskMemRealloc
CoRegisterClassObject
CoRevokeClassObject
WriteClassStm
OleSaveToStream
OleRegEnumVerbs
OleRegGetUserType
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CLSIDFromProgID
CLSIDFromString
StringFromCLSID
OleLockRunning
OleRegGetMiscStatus
CreateOleAdviseHolder

oleaut32

SysAllocString
RegisterTypeLi
LoadTypeLi
SysAllocStringLen
SysFreeString
VarUI4FromStr
VariantChangeType
SysStringByteLen
VariantClear
SysStringLen
OleCreatePropertyFrame
LoadRegTypeLi

shlwapi

StrChrA
StrCmpNIA

shell32

SHGetMalloc
SHGetPathFromIDListA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetFileInfoA
Shell_NotifyIconA

crypt32

CertFindCertificateInStore
CertNameToStrA
CertOpenSystemStoreA
CertGetIssuerCertificateFromStore
CertCreateCertificateContext
CertEnumCertificatesInStore
CertGetSubjectCertificateFromStore
CertOpenStore
CertFreeCertificateContext
CertCloseStore

nmas

StartStopOldWB
CreateASObject

mst120

T120_CreatePluggableTransport
T120_CreateAppletSAP
T120_CloseApplet
T120_QueryApplet
T120_LoadApplet

netapi32

Netbios

Sections

.text
Size: 310KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

81272ee372c67ad7cddd6265dcdce04f

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

winmm

wsock32

comctl32

ole32

oleaut32

shlwapi

shell32

crypt32

nmas

mst120

netapi32

Sections

.text Size: 310KB - Virtual size: 309KB

.data Size: 2KB - Virtual size: 6KB

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 330KB - Virtual size: 329KB

.fdata Size: 60KB - Virtual size: 60KB

.text
Size: 310KB - Virtual size: 309KB

.data
Size: 2KB - Virtual size: 6KB

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 330KB - Virtual size: 329KB

.fdata
Size: 60KB - Virtual size: 60KB