95f1d1599a2d41d37dd486450099cbc5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

95f1d1599a2d41d37dd486450099cbc5_JaffaCakes118
Size

872KB
MD5

95f1d1599a2d41d37dd486450099cbc5
SHA1

91cf14f7129efe7cd413d16696b4c9d04f0c9aed
SHA256

45e9c2847b63cc3b7024ccbf87c8928a4020b0e9af543c616750243fc5bc881a
SHA512

ab38e478975992abecc1df03477d5da23a25ad601ca35ce55dd63871523707a0ffb6927cd1a0b28d655c08f6ad25b4f15284565b47b75f2bab07aa147d296825
SSDEEP

12288:+SiA5fMrPGUuhSCcD/uuvk/buGoo4ncqZtj:HtkDGULCGvibuGj4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95f1d1599a2d41d37dd486450099cbc5_JaffaCakes118

Files

95f1d1599a2d41d37dd486450099cbc5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d010add8a6d22ecbe58a4938fa0f01d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\bak\ilab\ilab\Release\ilab.pdb

Imports

kernel32

SetFilePointer
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
Sleep
CloseHandle
TerminateProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
GetModuleFileNameA
GetFileAttributesA
MultiByteToWideChar
SetEnvironmentVariableA
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetDriveTypeA
GetTimeZoneInformation
LCMapStringW
LCMapStringA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrcpyA
GetTickCount
CreateDirectoryA
GetFileAttributesExA
FileTimeToSystemTime
GetLocalTime
DeleteFileA
GetLastError
GetSystemDirectoryA
lstrlenA
GetStdHandle
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualFree
FreeResource
GlobalFree
GlobalUnlock
GlobalLock
GetProcAddress
GetModuleHandleA
lstrcpynA
lstrcmpW
lstrcatA
FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
LocalFree
FormatMessageA
GlobalAlloc
MulDiv
SetLastError
InterlockedDecrement
EnumResourceLanguagesA
ConvertDefaultLocale
lstrcmpA
GetCurrentThread
WaitForSingleObject
WritePrivateProfileStringA
ReadFile
WriteFile
InterlockedExchange
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
CreateFileA
FindNextFileA
FileTimeToLocalFileTime
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
GlobalFlags
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
GetFileTime
SetErrorMode
ExitProcess
RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate

user32

GetSubMenu
GetMenu
UpdateWindow
IsWindowVisible
GetKeyState
TrackPopupMenu
MessageBoxA
MapWindowPoints
PeekMessageA
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
DispatchMessageA
GetLastActivePopup
GetForegroundWindow
GetWindowTextA
IsChild
SetFocus
GetFocus
SendDlgItemMessageA
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetCapture
WinHelpA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
TabbedTextOutA
DrawTextExA
GrayStringA
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
PostQuitMessage
SetCursor
ValidateRect
TranslateMessage
GetMessageA
wsprintfA
MapDialogRect
SetWindowContextHelpId
DestroyMenu
IsRectEmpty
GetMenuItemID
CopyAcceleratorTableA
InvalidateRect
InvalidateRgn
SetCapture
ReleaseCapture
CharNextA
GetSysColorBrush
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
CallWindowProcA
SetWindowPos
OffsetRect
IntersectRect
GetWindowPlacement
GetWindowRect
CopyRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
PostMessageA
PtInRect
LoadBitmapA
SendMessageA
GetClientRect
GetDC
IsWindow
ReleaseDC
SetTimer
KillTimer
EnableWindow
AnimateWindow
GetSystemMetrics
SetForegroundWindow
SetWindowRgn
DrawIcon
CreatePopupMenu
AppendMenuA
GetSystemMenu
IsIconic
LoadIconA
SetWindowLongA
GetWindowLongA
GetCursorPos
DrawTextA
LoadCursorA
SystemParametersInfoA
CharUpperA
UnregisterClassA
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
GetDlgCtrlID
SetRect
DefWindowProcA

gdi32

GetViewportExtEx
GetWindowExtEx
PtVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
SetMapMode
DeleteObject
CreateRectRgnIndirect
GetRgnBox
GetBkColor
GetTextColor
GetObjectA
CreateCompatibleDC
BitBlt
CreateRoundRectRgn
StretchBlt
SetBkMode
RestoreDC
SaveDC
GetMapMode
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
RectVisible

advapi32

RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA

shell32

SHGetSpecialFolderPathA
Shell_NotifyIconA

ole32

OleUninitialize
CoInitialize
CoCreateInstance
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CoTaskMemAlloc
CoTaskMemFree
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CLSIDFromProgID
CoFreeUnusedLibraries

oleaut32

OleCreateFontIndirect
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringByteLen
SysStringLen
LoadRegTypeLi
DispCallFunc
VariantChangeType
VariantCopy
VariantInit
VariantClear
SystemTimeToVariantTime
SysAllocString
SysFreeString
SysAllocStringLen

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
UrlUnescapeA

oledlg

ord8

urlmon

URLDownloadToFileA

ws2_32

WSAStartup
WSACleanup

wininet

InternetQueryDataAvailable
HttpAddRequestHeadersA
HttpQueryInfoA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
HttpOpenRequestA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetCanonicalizeUrlA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetCrackUrlA
DeleteUrlCacheEntry

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetFileTitleA

Sections

.text
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 600KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d010add8a6d22ecbe58a4938fa0f01d4

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

oledlg

urlmon

ws2_32

wininet

oleacc

winspool.drv

comdlg32

Sections

.text Size: 200KB - Virtual size: 196KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 600KB - Virtual size: 596KB

.text
Size: 200KB - Virtual size: 196KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 600KB - Virtual size: 596KB