8afb712f62e1d04135b86bd56dc51a50_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8afb712f62e1d04135b86bd56dc51a50_JaffaCakes118
Size

1.4MB
MD5

8afb712f62e1d04135b86bd56dc51a50
SHA1

1e1aac86856aa6d3f6ffd7c00debda441bd1f744
SHA256

2d2a94304f392eef5fe81acb2d0fc6dafcbfebdc483bec33cefa30980e26355c
SHA512

7b79ae21985af4d01a152f84c19103972394d77edb2fcca565e3d65e1829bd85b415a243a5d13f6ff1ebd25496e6ac896e13e5e20908bef7a21e1b74bdfde489
SSDEEP

6144:61t0GGlIjE3gUspTr1jDv5dHSWcrSaR/6zMJ8:BXlIgZmTr1jDveWcd/6zMJ8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8afb712f62e1d04135b86bd56dc51a50_JaffaCakes118

Files

8afb712f62e1d04135b86bd56dc51a50_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46d759a204369874750582c5ef67a835

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mumsg

??1CMsg@@QAE@XZ
??0CMsg@@QAE@XZ
?LoadWTF@CMsg@@QAEXPAD@Z
?Get@CMsg@@QAEPADH@Z

winmm

timeGetTime
sndPlaySoundA

ws2_32

inet_ntoa
WSAAsyncSelect
WSACleanup
send
htons
inet_addr
gethostbyname
connect
WSAStartup
WSAGetLastError
socket
recv
closesocket

wz_zp

BZ2_bzDecompressInit
BZ2_bzDecompress
BZ2_bzDecompressEnd

kernel32

GlobalFlags
SizeofResource
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
SetErrorMode
GetTickCount
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
HeapFree
GetACP
TerminateProcess
HeapSize
HeapReAlloc
SetStdHandle
GetFileType
CompareStringA
CompareStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetExitCodeProcess
CreateProcessA
SetEnvironmentVariableA
GetProfileStringA
WritePrivateProfileStringA
GetPrivateProfileStringA
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
CreateEventA
GlobalAlloc
GetCurrentThread
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleFileNameA
GetCurrentDirectoryA
FreeEnvironmentStringsA
SetFileAttributesA
GetLastError
CreateMutexA
Sleep
CreateDirectoryA
RemoveDirectoryA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
lstrcpynA
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GetFileAttributesA
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GlobalFree
LockResource
FindResourceA
LoadResource
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
GetProcAddress
SetLastError
DeleteFileA
CopyFileA
CreateFileA
GetFileSize
ReadFile
WriteFile
CloseHandle
ResetEvent
WaitForSingleObject
lstrcmpA

user32

GetMessageA
SetWindowContextHelpId
MapDialogRect
CharNextA
LoadStringA
PtInRect
LoadCursorA
GetSysColorBrush
DestroyMenu
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
GetCursorPos
WindowFromPoint
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
CheckRadioButton
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetFocus
AdjustWindowRectEx
CopyRect
IsWindowVisible
ValidateRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
IsWindowEnabled
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
LoadImageA
GetDesktopWindow
IsChild
GetClassNameA
PeekMessageA
TranslateMessage
DispatchMessageA
KillTimer
PostQuitMessage
SetRect
DrawIcon
FindWindowA
SetTimer
LoadIconA
MessageBoxA
GrayStringA
DrawTextA
TabbedTextOutA
RedrawWindow
IsWindow
SetCursor
CharUpperA
InflateRect
GetSysColor
GetParent
InvalidateRect
EnableWindow
PostMessageA
IsIconic
GetSystemMetrics
GetClientRect
LoadBitmapA
GetDlgItem
MoveWindow
wsprintfA
SendMessageA
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
GetMessageTime

gdi32

RestoreDC
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetStretchBltMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
IntersectClipRect
SetTextAlign
SaveDC
DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
CreateSolidBrush
CreateBitmap
PatBlt
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
DeleteDC
SetDIBitsToDevice
StretchDIBits
GetDIBits
CreatePalette
RealizePalette
GetStockObject
CreateFontA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgn
BitBlt
GetCurrentObject
CreateFontIndirectA
GetTextExtentPointA
CreateDIBitmap
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey

shell32

SHFileOperationA
ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

OleFlushClipboard
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize

olepro32

ord253

oleaut32

VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
SysFreeString
VariantClear

wininet

FtpFindFirstFileA
InternetFindNextFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpGetFileA
InternetOpenA
InternetConnectA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetSetStatusCallback
FtpOpenFileA
InternetReadFile

Sections

.text
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

46d759a204369874750582c5ef67a835

Headers

File Characteristics

Imports

mumsg

winmm

ws2_32

wz_zp

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

Sections

.text Size: 228KB - Virtual size: 226KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 24KB - Virtual size: 218KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 228KB - Virtual size: 226KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 24KB - Virtual size: 218KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB