Static task: static1
Behavioral task: behavioral1
Sample: 956c246792d7e78fbea7485b06330a86_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 956c246792d7e78fbea7485b06330a86_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 956c246792d7e78fbea7485b06330a86_JaffaCakes118
Size: 612KB
MD5: 956c246792d7e78fbea7485b06330a86
SHA1: ca0f6810e3b1df04dd94215d73e33005c6325947
SHA256: ba91f1002c0f7c9013265adc0363d72ea45016aaff39cd848b588bb6022cbed7
SHA512: 24b08686563a5a9da827344358ebf226002d4b899944bb1ed995718ebac12e3376d37cbf02e103e3c3f0b43326a32afa518cb3eae7bb0fee26427f5a019331e0
SSDEEP: 12288:BlG5lH69fUlu05GrgJLQC+CAbILrapiJIMUYvzLO0yt3:BQfkEJk3dGrapiJDUY76Vt3
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 956c246792d7e78fbea7485b06330a86_JaffaCakes118
Files
956c246792d7e78fbea7485b06330a86_JaffaCakes118.exe windows:4 windows x86 arch:x86
497bbf521718e780e09b20031cafa7d9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
HeapFree
HeapAlloc
ExitProcess
HeapReAlloc
TerminateProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetStartupInfoW
IsBadWritePtr
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
WritePrivateProfileStringW
GetFileTime
GetFileAttributesW
SetErrorMode
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
LocalAlloc
FileTimeToLocalFileTime
LoadLibraryW
GetModuleFileNameW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiW
InterlockedDecrement
SetLastError
MulDiv
GlobalLock
GlobalUnlock
FormatMessageW
lstrcpynW
LocalFree
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleA
LoadLibraryA
FreeLibrary
GetModuleHandleW
GetProcAddress
GetVersionExA
GetTempPathA
SetEvent
CreateEventW
CreateDirectoryW
lstrcmpW
ReadFile
GetFileSize
WideCharToMultiByte
GlobalAlloc
CreateFileW
WriteFile
CloseHandle
GlobalFree
Sleep
LeaveCriticalSection
EnterCriticalSection
CreateThread
GetTempPathW
GetTickCount
FileTimeToSystemTime
lstrlenA
MultiByteToWideChar
WaitForSingleObject
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError
lstrlenW
lstrcatW
FindFirstFileW
FindNextFileW
FindClose
GetDriveTypeW
lstrcpyW
GetDiskFreeSpaceExW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
user32
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
ReleaseCapture
SetCapture
LoadCursorW
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
ValidateRect
SetCursor
PostQuitMessage
CharUpperW
wsprintfW
DestroyMenu
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetMenuItemBitmaps
ModifyMenuW
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
GetMenuState
RegisterWindowMessageW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
IsChild
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
MessageBoxW
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageW
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
EqualRect
PostThreadMessageW
RegisterClipboardFormatW
GetScrollInfo
SetScrollInfo
GetClassInfoW
RegisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetSystemMetrics
IsIconic
DrawIcon
GetParent
InvalidateRect
SetTimer
GetSystemMenu
AppendMenuW
GetCursorPos
TrackPopupMenu
LoadIconW
GetWindowRect
LoadMenuW
GetSubMenu
EnableMenuItem
UnregisterClassW
SendMessageW
EnableWindow
RedrawWindow
GetClientRect
WinHelpW
gdi32
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetWindowExtEx
GetViewportExtEx
GetStockObject
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateSolidBrush
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
SetBkColor
SetTextColor
GetClipBox
CreateDCW
CreateDIBitmap
DeleteDC
DeleteObject
StretchBlt
BitBlt
CreateCompatibleDC
GetObjectW
Rectangle
comdlg32
GetSaveFileNameW
GetOpenFileNameW
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegCloseKey
RegOpenKeyExW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
ExtractIconW
ShellExecuteW
DragQueryFileW
DragAcceptFiles
comctl32
ImageList_ReplaceIcon
ord17
ImageList_Destroy
ImageList_Create
shlwapi
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
oleaut32
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
ws2_32
accept
socket
bind
closesocket
ntohl
ntohs
getpeername
inet_ntoa
htonl
select
send
recv
WSACleanup
WSAStartup
htons
listen
wininet
InternetConnectW
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
FtpPutFileW
iphlpapi
GetBestInterface
GetIpAddrTable
Sections
.text  Size: 260KB - Virtual size: 257KB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 66KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 12KB - Virtual size: 23KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 268KB - Virtual size: 266KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ