Static task: static1
Behavioral task: behavioral1
  Sample: 8d9c469adcc87478cccd23dab6dc5056_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 8d9c469adcc87478cccd23dab6dc5056_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 8d9c469adcc87478cccd23dab6dc5056_JaffaCakes118
Size: 5.7MB
MD5: 8d9c469adcc87478cccd23dab6dc5056
SHA1: 7219c08fc0d1bc6bb06fe0de30d4857dff13414f
SHA256: 6318221ba3beea12cc0d6ed523c0120b32063cc239d2546ca51d0fcc6689016c
SHA512: 200bfbb84ec16cffbd328d052336e455236717ba812f496d4f6f2529dcf9ec7bd1b2323082305ddbb5ab7902c6872d1e6d39dde12f7dda304154ad514a549685
SSDEEP: 98304:KeDBUGjdPIH627f7WzwF9AO/2ja/jv1/k7En4mNWlZoOMiAGk6:ptUGjdNCTWzeFamjt/kg4mN
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 8d9c469adcc87478cccd23dab6dc5056_JaffaCakes118
Files
-
8d9c469adcc87478cccd23dab6dc5056_JaffaCakes118.exe windows:4 windows x86 arch:x86
1ecc633e88097d79de705be59d31431a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetLocalTime
SetCommState
GetCommTimeouts
SetCommTimeouts
SetupComm
EscapeCommFunction
GetCommState
SetCommMask
WaitCommEvent
CompareFileTime
PurgeComm
CreateThread
ExpandEnvironmentStringsA
QueryPerformanceCounter
QueryPerformanceFrequency
DeviceIoControl
ExitProcess
HeapFree
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VirtualProtect
VirtualQuery
HeapReAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
ExitThread
HeapSize
GetSystemTimeAsFileTime
GetTimeZoneInformation
IsValidCodePage
TerminateProcess
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetDriveTypeA
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
TryEnterCriticalSection
GetTempFileNameA
GetTempPathA
GetSystemInfo
VirtualFree
VirtualAlloc
GetSystemTime
InterlockedCompareExchange
GetLocalTime
LoadLibraryExA
GetDiskFreeSpaceExA
GetSystemPowerStatus
GetTimeFormatA
GetDateFormatA
GetCurrentDirectoryA
SetErrorMode
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WritePrivateProfileStringA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
SuspendThread
GetCurrentProcessId
GetModuleFileNameW
FindNextFileA
GlobalAlloc
MulDiv
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
MoveFileA
GetFileTime
SetFileAttributesA
CreateFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetModuleHandleA
GetVersion
MultiByteToWideChar
CompareStringW
CompareStringA
SetEndOfFile
lstrlenW
WinExec
CreateProcessA
lstrlenA
GetExitCodeThread
FreeLibrary
SetLastError
LoadLibraryA
LocalFree
FormatMessageA
GetProcAddress
WriteFile
ResumeThread
SetThreadPriority
TerminateThread
CopyFileA
GetVersionExA
FileTimeToSystemTime
SystemTimeToFileTime
GetFileAttributesA
GetLogicalDriveStringsA
DeleteFileA
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetCurrentThreadId
SetEvent
WaitForSingleObject
GetLastError
LockResource
SizeofResource
WideCharToMultiByte
SetFilePointer
CreateDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GlobalMemoryStatus
GetFileSize
ReadFile
CloseHandle
CreateEventA
FindResourceA
LoadResource
Sleep
lstrcmpiA
GetTickCount
InterlockedExchange
InterlockedDecrement
lstrcmpA
InterlockedIncrement
GetStringTypeExA
GetACP
GetThreadLocale
user32
ShowCursor
AttachThreadInput
WindowFromPoint
UnionRect
MapVirtualKeyA
UnregisterClassA
GetMenuItemInfoA
GetSysColorBrush
ShowOwnedPopups
PostQuitMessage
GetMessageA
TranslateMessage
ValidateRect
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
GetCursor
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthA
SetWindowPos
SetFocus
IsWindowEnabled
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
MessageBeep
SetCursor
SetClassLongA
SetMenu
LoadCursorA
LoadIconA
DefWindowProcA
GetClassInfoA
FindWindowA
ReleaseCapture
GetCapture
GetNextDlgGroupItem
RedrawWindow
keybd_event
wsprintfA
HideCaret
GetCaretPos
GetKeyState
SetCapture
VkKeyScanA
GetLastInputInfo
SubtractRect
PostThreadMessageA
PeekMessageA
GetUpdateRect
SetWindowLongA
GetWindowLongA
GetDesktopWindow
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
InvalidateRgn
CopyAcceleratorTableA
SetWindowRgn
DrawIcon
FillRect
GetSysColor
ScreenToClient
GetCursorPos
EndPaint
GetClientRect
BeginPaint
IsIconic
SetForegroundWindow
GetWindowThreadProcessId
GetWindowTextA
GetForegroundWindow
ReleaseDC
GetDC
GetParent
GetWindowRect
UpdateWindow
GetAsyncKeyState
IsWindowVisible
InvalidateRect
CopyRect
PtInRect
SendMessageA
PostMessageA
IsWindow
GetSystemMetrics
CharUpperA
OffsetRect
IsRectEmpty
InflateRect
SetRect
IntersectRect
EqualRect
CharLowerA
EnableWindow
KillTimer
SetTimer
CharNextA
CreateWindowExA
gdi32
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleBitmap
DPtoLP
CreateRectRgnIndirect
ScaleViewportExtEx
GetMapMode
GetTextMetricsA
GetBkColor
Ellipse
Polygon
RoundRect
SetBrushOrgEx
GetDIBits
CreateDIBSection
GetTextColor
SetMapMode
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateSolidBrush
GetRgnBox
LPtoDP
CreateEllipticRgn
SetBkMode
RestoreDC
SaveDC
SetBkColor
GetClipBox
CreateBitmap
GetObjectA
GetTextExtentPoint32A
AbortDoc
EndDoc
EndPage
StartPage
StartDocA
SetStretchBltMode
SelectClipRgn
SetTextColor
DeleteObject
CreateRectRgn
StretchBlt
GetCurrentObject
CreateFontIndirectA
GetTextExtentPointA
GetDeviceCaps
BitBlt
CreateCompatibleDC
GdiFlush
GetStockObject
CreatePen
SelectObject
Polyline
Rectangle
msimg32
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegOpenKeyA
RegEnumKeyExA
RegFlushKey
RegDeleteValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOverridePredefKey
RegCloseKey
RegOpenKeyExA
shell32
ShellExecuteA
DragFinish
DragQueryFileA
SHGetSpecialFolderPathA
comctl32
ord17
shlwapi
PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA
ole32
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc
CLSIDFromString
oleaut32
OleCreateFontIndirect
SysAllocString
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
winmm
mixerSetControlDetails
waveOutGetNumDevs
waveOutGetDevCapsA
waveOutGetVolume
waveOutSetVolume
mixerGetNumDevs
mixerOpen
PlaySoundA
waveInStop
waveInReset
waveInUnprepareHeader
waveInClose
mixerGetDevCapsA
mixerClose
mixerGetLineInfoA
mixerGetLineControlsA
sndPlaySoundA
mixerGetControlDetailsA
ws2_32
WSAStartup
gethostname
gethostbyname
WSACleanup
wininet
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
HttpEndRequestA
InternetWriteFile
HttpSendRequestExA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetCloseHandle
InternetAttemptConnect
InternetConnectA
InternetOpenA
oledlg
ord8
Sections
.text   Size: 4.9MB - Virtual size: 4.9MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 692KB - Virtual size: 690KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 104KB - Virtual size: 233KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 34KB - Virtual size: 34KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE