Static task: static1
Behavioral task: behavioral1
Sample: 848019674bce6bea6389b2d8c8f7adb9_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 848019674bce6bea6389b2d8c8f7adb9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 848019674bce6bea6389b2d8c8f7adb9_JaffaCakes118
Size: 2.7MB
MD5: 848019674bce6bea6389b2d8c8f7adb9
SHA1: 099d42b69bf404ea0d2d2d2c9bff10caa480128d
SHA256: 0c2f40698171f12f87f7ba966580a83211d32242ae32a9a4c0df7189500cc371
SHA512: 385442c2d7c954d8c557c5a47dc530f65d5232b322318123914e5f70c3565dbec55c5058389202187e97a971cd2c4fc3e86b23d28f77cfe787fe13333c7df851
SSDEEP: 49152:y76zcbVG7s+mowqYjZU10fCoLbDMLWTOvH3N8ShCqwaybwCk:OR+moNYdUFvH3N8ShCqwaybwCk
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: 848019674bce6bea6389b2d8c8f7adb9_JaffaCakes118
Files
848019674bce6bea6389b2d8c8f7adb9_JaffaCakes118.exe windows:4 windows x86 arch:x86
49185c7a29bc7c6eb53e5367c872a047
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
iphlpapi
GetAdaptersInfo
kernel32
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
HeapFree
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapReAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
GetTimeFormatA
GetFullPathNameA
GetProcessHeap
GetStartupInfoA
GetFileInformationByHandle
PeekNamedPipe
GetFileType
ExitProcess
SetStdHandle
HeapSize
GetACP
IsValidCodePage
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetTimeZoneInformation
LCMapStringA
LCMapStringW
SetHandleCount
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
GetThreadLocale
GetCurrentProcessId
ResumeThread
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameW
GlobalAlloc
FormatMessageA
GlobalLock
GlobalUnlock
GlobalFree
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LocalFree
LocalAlloc
RaiseException
GetWindowsDirectoryA
SetFileAttributesA
GetPrivateProfileIntA
GetSystemTime
UnmapViewOfFile
CreateFileMappingA
MapViewOfFileEx
GetCurrentDirectoryA
OutputDebugStringA
ExitThread
CreateProcessA
CopyFileA
GetDriveTypeA
GetFileAttributesA
FreeResource
lstrcmpA
InterlockedCompareExchange
FindResourceExW
FindResourceW
FindResourceExA
VirtualProtect
GetCurrentProcess
WriteProcessMemory
GetLocaleInfoA
GetCurrentThreadId
GetModuleHandleA
SetLastError
InterlockedIncrement
InterlockedDecrement
MulDiv
LoadLibraryA
GetProcAddress
FreeLibrary
SetFilePointer
FlushFileBuffers
GetStringTypeExA
lstrcmpiA
CompareFileTime
CompareStringW
CompareStringA
GetVersion
InterlockedExchange
SetEvent
GetFileSize
ReadFile
lstrlenW
CreateFileA
WriteFile
GetSystemDirectoryA
GetTickCount
ReleaseMutex
TerminateThread
WaitForSingleObject
lstrlenA
GetVersionExA
GetVolumeInformationA
SuspendThread
ResetEvent
CreateThread
GetTempPathA
GetExitCodeThread
CreateEventA
FindFirstFileA
FindNextFileA
FindClose
GetPrivateProfileSectionNamesA
lstrcmpW
Sleep
RemoveDirectoryA
DeleteFileA
CloseHandle
WritePrivateProfileStructA
GetPrivateProfileStructA
lstrcpyA
lstrcatA
GetCommandLineA
CreateMutexA
GetLastError
GetPrivateProfileStringA
CreateDirectoryA
lstrcpynA
GetLocalTime
WritePrivateProfileStringA
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
GetComputerNameA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileW
GetDateFormatA
user32
GetMenuCheckMarkDimensions
ModifyMenuA
CheckMenuItem
GetMenuStringA
CreateDialogIndirectParamA
GetNextDlgTabItem
SendDlgItemMessageA
WinHelpA
IsChild
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetLastActivePopup
SetActiveWindow
GetTopWindow
GetMessageTime
GetMessagePos
GetMenu
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
GetScrollInfo
IntersectRect
DestroyWindow
DefWindowProcA
RegisterClassExA
CreateWindowExA
EndDialog
GetForegroundWindow
EnumWindows
GetWindowPlacement
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
wsprintfA
GetActiveWindow
GetDlgItem
SetFocus
LoadMenuA
BeginPaint
EndPaint
GetAsyncKeyState
DestroyCursor
GetKeyState
IsWindowEnabled
GetCapture
EnableScrollBar
SetScrollPos
GetSysColorBrush
IsZoomed
GetMenuItemID
SetMenuDefaultItem
SetRect
GetClassInfoA
DestroyMenu
IsRectEmpty
GetSubMenu
WindowFromPoint
MapWindowPoints
CallWindowProcA
GetFocus
LoadImageW
LoadImageA
LoadCursorW
LoadIconW
LoadBitmapW
LoadStringW
LoadStringA
ClientToScreen
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
SetCapture
CopyRect
DrawFocusRect
ReleaseCapture
SetCursor
GetDlgCtrlID
LoadCursorA
GetMenuDefaultItem
InflateRect
GetMenuState
SetRectEmpty
GetMenuItemRect
UnionRect
OffsetRect
TrackPopupMenuEx
TrackPopupMenu
IsMenu
FrameRect
RegisterClipboardFormatA
SetMenuItemInfoA
InsertMenuItemA
SetMenuItemBitmaps
GetMenuItemCount
GetMenuItemInfoA
SystemParametersInfoA
GetDesktopWindow
LookupIconIdFromDirectoryEx
CreateIconFromResourceEx
CopyImage
GetSysColor
ValidateRect
DrawTextA
InvalidateRect
ScreenToClient
SetWindowRgn
DrawStateA
LoadBitmapA
ShowWindow
GetClassNameA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
UnregisterClassA
CharNextA
MapVirtualKeyA
GetSystemMenu
GetDC
FindWindowExA
PtInRect
GetWindowDC
ReleaseDC
IsWindow
DestroyIcon
GetKeyNameTextA
GetWindowThreadProcessId
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
GrayStringA
DrawTextExA
TabbedTextOutA
MoveWindow
SetWindowTextA
IsDialogMessageA
EnableMenuItem
CharUpperA
PeekMessageA
GetMessageA
PostThreadMessageA
GetWindowTextA
RedrawWindow
GetParent
CharLowerBuffA
RegisterWindowMessageA
SetWindowPos
GetCursorPos
SetForegroundWindow
SetParent
AppendMenuA
CreatePopupMenu
IsWindowVisible
UpdateWindow
GetWindowRect
FillRect
wsprintfW
SetTimer
FindWindowA
GetWindow
PostMessageA
LoadAcceleratorsA
MessageBoxA
KillTimer
TranslateAcceleratorA
GetWindowLongA
SetWindowLongA
GetSystemMetrics
EnableWindow
LoadIconA
GetClientRect
IsIconic
SendMessageA
DrawIcon
GetComboBoxInfo
gdi32
GetWindowExtEx
PtVisible
RectVisible
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetViewportExtEx
CreateRectRgnIndirect
GetTextMetricsA
GetTextColor
SelectClipRgn
PatBlt
ExcludeClipRect
RestoreDC
SaveDC
GetClipBox
GetTextExtentPoint32A
SelectObject
CreateFontA
SetPixel
GetRgnBox
GetDeviceCaps
DPtoLP
CreateBitmap
GetMapMode
SetMapMode
SetStretchBltMode
GetPixel
CreateBrushIndirect
CreateSolidBrush
GetBitmapBits
SetBitmapBits
MoveToEx
LineTo
StretchBlt
CreateDIBitmap
GetBkColor
GetBkMode
SetBkColor
SetBkMode
SetTextColor
TextOutA
Rectangle
CreateCompatibleBitmap
CreateFontIndirectA
ExtCreatePen
CreatePen
BitBlt
CreateRectRgn
CreateEllipticRgn
CombineRgn
CreateCompatibleDC
DeleteDC
GetObjectA
GetDIBits
DeleteObject
GetStockObject
msimg32
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
GetUserNameA
RegCreateKeyA
shell32
ShellExecuteA
Shell_NotifyIconA
SHGetSpecialFolderPathA
SHGetFolderPathA
ord18
SHGetPathFromIDListA
ord155
ord21
ord25
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
comctl32
ImageList_DrawEx
ImageList_GetImageInfo
_TrackMouseEvent
ImageList_GetImageCount
ImageList_GetIconSize
ord17
ImageList_Draw
shlwapi
StrStrA
PathAddBackslashA
PathRemoveFileSpecA
StrStrIA
PathAppendA
StrCmpNIW
PathStripPathA
PathFindExtensionA
PathRemoveExtensionA
PathFileExistsA
PathIsDirectoryA
PathIsDirectoryEmptyA
PathCombineA
StrToIntA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
oledlg
ord8
ole32
CoCreateInstance
CoInitialize
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleRun
oleaut32
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SafeArrayUnlock
SafeArrayLock
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetVartype
VariantChangeType
VariantCopy
SysStringByteLen
SysAllocStringByteLen
VariantClear
VariantInit
VarBstrCmp
SysStringLen
SysAllocString
SysFreeString
urlmon
ObtainUserAgentString
dbghelp
ImageDirectoryEntryToData
wininet
InternetSetOptionA
InternetOpenUrlA
InternetCloseHandle
InternetCanonicalizeUrlA
HttpOpenRequestA
InternetOpenA
InternetReadFile
InternetCrackUrlA
FindFirstUrlCacheEntryExA
InternetSetCookieA
FindNextUrlCacheEntryExA
InternetConnectA
HttpAddRequestHeadersA
HttpSendRequestA
InternetGetConnectedState
InternetQueryOptionA
FindCloseUrlCache
InternetGetCookieA
HttpQueryInfoA
rpcrt4
UuidCreate
UuidToStringA
RpcStringFreeA
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 232KB - Virtual size: 230KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 541B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ