Static task
static1
Behavioral task
behavioral1
Sample
8b2dc991d78144b61f3a06d9e2b8d9c8_JaffaCakes118.exe
Resource
win7-20240705-en
General
Target: 8b2dc991d78144b61f3a06d9e2b8d9c8_JaffaCakes118
Size: 580KB
MD5: 8b2dc991d78144b61f3a06d9e2b8d9c8
SHA1: 629fb870e32bc8a3e7d2c5396d02d672529451ed
SHA256: 496287147a0053fbb97a4cd493e6253f17566723f08173c03fffb87cfdda5dbe
SHA512: 93a88452fe6093ac9e634bf3877262f2f9890bd805149bd3649c27e72889d18b7cfc4a23008c38902c4aca6c922073183dbd77dc09a8a98f54c176b9cb580a30
SSDEEP: 12288:383WtWAZe1k0f85JkUU7Efn9nx2BoTRjFysD79s:3I1BnUcan9oBURV9s
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8b2dc991d78144b61f3a06d9e2b8d9c8_JaffaCakes118
Files
8b2dc991d78144b61f3a06d9e2b8d9c8_JaffaCakes118.exe windows:4 windows x86 arch:x86
5405e2ec34d821c8bbe8fc78ea3bb513
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
SHGetValueA
gdiplus
GdipFree
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipLoadImageFromFile
GdipGetImageHeight
GdipDisposeImage
GdipGetImageWidth
GdipAlloc
wininet
GetUrlCacheEntryInfoA
InternetCrackUrlA
InternetGetConnectedState
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
DeleteUrlCacheEntry
FindFirstUrlCacheEntryExA
FindCloseUrlCache
FindNextUrlCacheEntryExA
kernel32
GetCommandLineA
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
SetLastError
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
InterlockedIncrement
GetThreadLocale
SystemTimeToFileTime
GetFileAttributesA
SetFileTime
GetFullPathNameA
GetDiskFreeSpaceA
lstrcmpA
EnumResourceLanguagesA
ConvertDefaultLocale
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
FormatMessageA
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
MoveFileA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
LocalFileTimeToFileTime
WritePrivateProfileStringA
GetTickCount
SetErrorMode
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoA
ExitProcess
RtlUnwind
RaiseException
ExitThread
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
OpenMutexA
OpenEventA
GetPrivateProfileSectionNamesA
GetVolumeInformationA
OutputDebugStringA
TerminateProcess
SuspendThread
SetFileAttributesA
GetModuleFileNameA
GetWindowsDirectoryA
CreateFileW
FreeLibrary
LoadLibraryA
SetFilePointer
GetModuleFileNameW
lstrcpynA
GetShortPathNameA
GetLocaleInfoA
GetTimeZoneInformation
CreateDirectoryA
HeapSize
CopyFileA
GetSystemDirectoryA
GetModuleHandleA
FindFirstFileA
FileTimeToLocalFileTime
CreateFileMappingA
CreateEventA
WaitForMultipleObjects
GetVersionExA
FileTimeToSystemTime
GetSystemTime
FindClose
CreateMutexA
InterlockedDecrement
GetProcAddress
ResumeThread
FindNextFileA
ReleaseMutex
LockResource
CancelWaitableTimer
CreateWaitableTimerA
SizeofResource
WaitForSingleObject
SetThreadPriority
LoadResource
FindResourceA
SetEvent
Sleep
ResetEvent
OpenFileMappingA
GetThreadPriority
GetCurrentThread
SetWaitableTimer
UnmapViewOfFile
MapViewOfFile
GetFileSize
HeapReAlloc
ReadFile
LocalFree
LocalAlloc
DeleteFileA
GetPrivateProfileIntA
GetCurrentProcessId
GetPrivateProfileStringA
GetTempPathA
GetTempFileNameA
WriteFile
CreateThread
lstrlenW
HeapFree
lstrcmpiA
WideCharToMultiByte
GetSystemTimeAsFileTime
CloseHandle
GetFileTime
MultiByteToWideChar
EnterCriticalSection
InterlockedExchange
CompareStringA
lstrlenA
GetStringTypeExA
GetLastError
HeapAlloc
LeaveCriticalSection
CompareStringW
CreateFileA
DeleteCriticalSection
GetVersion
InitializeCriticalSection
GetProcessHeap
LocalReAlloc
user32
EndPaint
RegisterClipboardFormatA
PostThreadMessageA
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuItemInfoA
InflateRect
UnregisterClassA
LoadCursorA
ClientToScreen
SetWindowRgn
DrawIcon
FillRect
FindWindowA
SetCapture
InvalidateRgn
ReleaseDC
GetDC
SetRect
IsRectEmpty
CopyAcceleratorTableA
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
MessageBeep
GetNextDlgGroupItem
PostQuitMessage
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
ValidateRect
UnpackDDElParam
ReuseDDElParam
GetActiveWindow
SetCursor
ReleaseCapture
LoadAcceleratorsA
InvalidateRect
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
GetDesktopWindow
CharNextA
IsWindowEnabled
MoveWindow
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetMenu
MessageBoxA
CreateWindowExA
CharUpperA
EnableWindow
GetSubMenu
GetCursorPos
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
DeferWindowPos
CopyRect
GetScrollInfo
SetScrollInfo
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
IsIconic
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetClientRect
GetSysColor
GetWindow
GetSysColorBrush
GetWindowRect
GetTopWindow
GetPropA
EnumChildWindows
EnumWindows
GetWindowThreadProcessId
IsWindowVisible
SetWindowLongA
SetWindowTextA
ShowWindow
GetWindowTextA
LoadImageA
UpdateWindow
KillTimer
SetTimer
GetWindowPlacement
TrackPopupMenu
SendMessageA
DestroyMenu
LoadMenuA
SetPropA
DestroyIcon
GetSystemMetrics
IsWindow
GetWindowLongA
SetWindowPos
SystemParametersInfoA
AnimateWindow
FlashWindowEx
PostMessageA
TranslateAcceleratorA
gdi32
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateSolidBrush
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32A
ExtTextOutA
BitBlt
CreateFontIndirectA
DeleteObject
Ellipse
LPtoDP
CreateEllipticRgn
GetRgnBox
CreateRectRgnIndirect
GetWindowExtEx
CreateCompatibleDC
CreateCompatibleBitmap
GetTextColor
GetBkColor
GetStockObject
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
GetPixel
GetViewportExtEx
SetMapMode
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueA
RegEnumKeyA
GetFileSecurityA
SetFileSecurityA
RegSetValueA
RegQueryInfoKeyA
RegDeleteKeyA
RegOpenKeyA
RegSetValueExA
RegEnumKeyExA
RegCreateKeyExA
SetNamedSecurityInfoA
SetSecurityDescriptorDacl
InitializeAcl
GetLengthSid
InitializeSecurityDescriptor
AllocateAndInitializeSid
RegQueryValueExA
CryptExportKey
CryptGetProvParam
CryptImportKey
CryptGenKey
CryptGetKeyParam
CryptDecrypt
CryptGenRandom
CryptReleaseContext
CryptDestroyKey
CryptAcquireContextA
RegDeleteValueA
RegOpenKeyExA
RegCloseKey
RegCreateKeyA
shell32
SHAppBarMessage
SHGetFileInfoA
ExtractIconA
DragQueryFileA
DragFinish
SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteA
oledlg
ord8
ole32
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
OleUninitialize
CoTaskMemFree
OleRun
CoInitializeEx
GetClassFile
CoUninitialize
CoInitialize
CoCreateInstance
OleFlushClipboard
OleIsCurrentClipboard
CoDisconnectObject
CoGetClassObject
CLSIDFromProgID
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CLSIDFromString
CoTaskMemAlloc
StringFromCLSID
oleaut32
GetErrorInfo
LoadTypeLi
SysStringLen
SysFreeString
SysAllocString
VariantClear
VariantInit
SystemTimeToVariantTime
SysAllocStringLen
SysAllocStringByteLen
VariantTimeToSystemTime
SysStringByteLen
VarBstrCat
VariantChangeType
OleCreateFontIndirect
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SafeArrayDestroy
urlmon
URLDownloadToCacheFileA
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 404KB - Virtual size: 402KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 60KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ