Static task
static1
Behavioral task
behavioral1
Sample
7908b31ca44a2b707b1b69677a8803f4_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
7908b31ca44a2b707b1b69677a8803f4_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target: 7908b31ca44a2b707b1b69677a8803f4_JaffaCakes118
Size: 1.6MB
MD5: 7908b31ca44a2b707b1b69677a8803f4
SHA1: 36850539fb612ae4d7cecb56a34f0ec4f2dc047f
SHA256: 92623fcbca41b124c5d42e795e852e5109d6cafa1d691080c255377c8901327a
SHA512: a9d6bbbfd0d869b9eaafabb19c063a1b20cf5be9c5dbc123e6e7177f6f5d8192a59e7ae15d720a2c286eae2ef4a4f992bf63ae613bf260e600f6a7156fbcb176
SSDEEP: 49152:Hz9jiNc9SrWCPlHRUBPIdI9tLASvJJJJJJJ5eIm:Bj+c9+W6RUpIOxvJJJJJJJ5eB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7908b31ca44a2b707b1b69677a8803f4_JaffaCakes118
Files
7908b31ca44a2b707b1b69677a8803f4_JaffaCakes118.exe windows:4 windows x86 arch:x86
30608065f751d552e9d96f249b6c99d9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
sndPlaySoundA
ws2_32
WSAGetLastError
gethostbyname
gethostname
WSACleanup
WSAStartup
inet_ntoa
htonl
setsockopt
send
WSACloseEvent
htons
WSAResetEvent
WSACreateEvent
bind
shutdown
WSAGetOverlappedResult
WSAWaitForMultipleEvents
WSASend
WSARecv
connect
inet_addr
socket
WSASocketA
closesocket
sendto
kernel32
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetErrorMode
GlobalSize
RtlUnwind
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RaiseException
GetStartupInfoA
ExitProcess
ExitThread
TerminateProcess
SetStdHandle
GetFileType
GetACP
HeapReAlloc
HeapSize
FatalAppExitA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetFileTime
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
GetVersionExA
GetVersion
lstrlenA
lstrlenW
GetCPInfo
LockResource
LoadResource
FindResourceA
FreeResource
lstrcmpiA
MultiByteToWideChar
WideCharToMultiByte
DeleteFileA
CreateEventA
ReleaseMutex
GetLastError
CreateMutexA
CopyFileA
Sleep
GetCommandLineA
GetModuleFileNameA
CloseHandle
WriteFile
CreateFileA
SizeofResource
SetFileAttributesA
CreateDirectoryA
FindClose
FindFirstFileA
CreateThread
GetTempFileNameA
GetTempPathA
GetProcessHeap
VirtualProtect
FlushInstructionCache
VirtualQuery
GetWindowsDirectoryA
InterlockedExchange
CreateFileW
GetFileSize
GetFileAttributesA
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
IsBadStringPtrW
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
FindNextFileA
GlobalAlloc
GetCurrentThread
lstrcmpA
SuspendThread
ResumeThread
FormatMessageA
LocalFree
lstrcpynA
InterlockedDecrement
InterlockedIncrement
MulDiv
FreeLibrary
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
MoveFileA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
CreateToolhelp32Snapshot
Process32First
Module32First
GetFullPathNameA
Module32Next
Process32Next
SetThreadPriority
WaitForMultipleObjects
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DeviceIoControl
SetLastError
GlobalMemoryStatus
GetDriveTypeA
GetDiskFreeSpaceExA
RemoveDirectoryA
GetVolumeInformationA
ResetEvent
GetTickCount
SetEvent
WaitForSingleObject
LoadLibraryA
GetProcAddress
CreateProcessA
WinExec
GetEnvironmentStrings
user32
SetParent
IsRectEmpty
InvertRect
RegisterClipboardFormatA
LoadStringA
LoadCursorA
GetDialogBaseUnits
IsZoomed
CharNextA
CharUpperA
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
WindowFromPoint
PtInRect
InvalidateRect
SetRectEmpty
GetMessageA
TranslateMessage
ValidateRect
DestroyMenu
SetCursor
ShowOwnedPopups
wvsprintfA
InflateRect
OemToCharA
CharToOemA
EndPaint
BeginPaint
ClientToScreen
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
TrackPopupMenu
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
MessageBeep
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
DestroyCursor
CharLowerA
DrawMenuBar
IsMenu
GetWindowWord
SetWindowWord
DrawStateA
DrawFrameControl
CharUpperBuffA
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
MessageBoxExA
GetClassNameA
GetWindowThreadProcessId
GetWindow
GetTopWindow
ShowWindow
PeekMessageA
PostThreadMessageA
GetNextDlgGroupItem
CopyAcceleratorTableA
WaitMessage
SetCapture
LockWindowUpdate
GetDCEx
UnpackDDElParam
ReuseDDElParam
SetMenu
ReleaseCapture
GetSystemMenu
EnableMenuItem
SetForegroundWindow
BringWindowToTop
IsIconic
PostMessageA
LoadMenuA
GetWindowTextA
DrawIcon
RegisterHotKey
EnumWindows
UnregisterHotKey
GetCursorPos
LoadIconA
GetParent
IsWindow
GetCursor
GetIconInfo
EnableScrollBar
UnregisterClassA
RegisterClassExA
GetWindowInfo
SetWindowRgn
RedrawWindow
SetWindowLongA
GetDesktopWindow
ReleaseDC
GetDC
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuStringA
GetMenuState
GetMenuItemID
DeleteMenu
CreateMenu
GrayStringA
TabbedTextOutA
DrawEdge
LoadBitmapA
GetSysColorBrush
FillRect
CopyRect
SetRect
GetSystemMetrics
DrawTextA
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
GetMenuItemInfoA
SetWindowPos
GetWindowRect
TranslateAcceleratorA
DefWindowProcA
RemoveMenu
GetMenuItemCount
AppendMenuA
CreatePopupMenu
SendMessageA
EnableWindow
KillTimer
SetTimer
GetWindowDC
GetClientRect
LoadImageA
CopyIcon
FrameRect
WindowFromDC
DrawTextExA
CreateIconIndirect
LoadAcceleratorsA
SetWindowPlacement
gdi32
GetDeviceCaps
GetBkMode
PtVisible
RectVisible
Ellipse
PatBlt
GetPixel
SetPixel
TextOutA
ExtTextOutA
Escape
CreateHatchBrush
Rectangle
EnumFontFamiliesExA
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
StartDocA
SaveDC
RestoreDC
GetStockObject
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
GetObjectA
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
CreatePatternBrush
CreateDIBPatternBrushPt
GetMapMode
SetRectRgn
CombineRgn
CreateRectRgnIndirect
DPtoLP
StretchDIBits
GetCharWidthA
CreateFontA
GetTextColor
GetBkColor
GetTextMetricsA
LPtoDP
CopyMetaFileA
CreateDCA
CreateCompatibleDC
CreateDIBSection
BitBlt
DeleteObject
DeleteDC
CreateCompatibleBitmap
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetTextExtentPoint32W
OffsetRgn
GetTextExtentPointA
ExtCreateRegion
GetRegionData
GetDIBits
CreateICA
RealizePalette
StretchBlt
Polygon
CreateDIBitmap
SetDIBitsToDevice
PtInRegion
ExtFloodFill
GetRgnBox
UnrealizeObject
SetBrushOrgEx
PlayEnhMetaFile
GetTextExtentPoint32A
IntersectClipRect
SelectObject
comdlg32
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCloseKey
RegOpenKeyExA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegSetValueA
RegQueryValueA
RegEnumKeyA
RegCreateKeyA
RegQueryValueExA
shell32
ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles
SHChangeNotify
Shell_NotifyIconA
SHGetSpecialFolderPathA
ShellExecuteA
ExtractIconExA
comctl32
ImageList_Draw
ImageList_GetIcon
ord17
ImageList_AddMasked
ImageList_GetImageCount
ImageList_GetIconSize
ord13
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write
ImageList_DrawEx
_TrackMouseEvent
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Remove
oledlg
ord8
ole32
CoGetClassObject
CLSIDFromString
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
CoInitialize
CreateBindCtx
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleRun
CoDisconnectObject
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
OleDuplicateData
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CLSIDFromProgID
olepro32
ord253
oleaut32
LoadTypeLi
SysStringLen
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantChangeType
SysAllocString
VariantCopy
SysReAllocStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SysAllocStringByteLen
SysStringByteLen
wininet
FtpOpenFileA
FtpGetCurrentDirectoryA
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetFindNextFileA
FtpFindFirstFileA
HttpQueryInfoA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
HttpAddRequestHeadersA
InternetErrorDlg
HttpOpenRequestA
GopherOpenFileA
GopherGetAttributeA
GopherCreateLocatorA
FtpGetFileA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetOptionExA
InternetSetStatusCallback
InternetSetCookieA
InternetGetCookieA
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetConnectA
FtpDeleteFileA
FtpRenameFileA
FtpCreateDirectoryA
FtpRemoveDirectoryA
FtpSetCurrentDirectoryA
FtpPutFileA
netapi32
Netbios
Sections
.text Size: 992KB - Virtual size: 990KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 172KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 187KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 368KB - Virtual size: 366KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ