Static task: static1
Behavioral task: behavioral1
Sample: 96ec20fbad2c047a0254d05cc20d5054_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 96ec20fbad2c047a0254d05cc20d5054_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 96ec20fbad2c047a0254d05cc20d5054_JaffaCakes118
Size: 820KB
MD5: 96ec20fbad2c047a0254d05cc20d5054
SHA1: 436bb55ace751a098159fccae55df2ea6c890855
SHA256: 5c47fd660c3d4d6334705062cbb2067708e8f03113bc687d905b67c927e103a7
SHA512: 9eb5088e6ee7099693fb4ee3a131cd977e67ab39e6af02a324944b4afd7a8ad90ddda16a3a15fb70852f0bfebd35c526ecd6bceba791575244b47e4ec7c7255b
SSDEEP: 12288:sPNqH1OXnnWf1o3OkcRC8O5sD1AdFGagYEkQ0e9e:s1qH1OXmoejRCjsDoFGahNe
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 96ec20fbad2c047a0254d05cc20d5054_JaffaCakes118
Files
96ec20fbad2c047a0254d05cc20d5054_JaffaCakes118.exe windows:4 windows x86 arch:x86
f47266263080bb1dfc3153648d0e0dbf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
connect
gethostbyname
gethostbyaddr
inet_addr
socket
send
WSAStartup
WSACleanup
WSAGetLastError
inet_ntoa
WSAIoctl
WSASocketA
ioctlsocket
recv
htons
closesocket
gethostname
kernel32
RtlUnwind
RaiseException
GetTimeZoneInformation
GetLocalTime
HeapReAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
GetACP
TerminateProcess
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GetProfileStringA
InterlockedExchange
GetVersionExA
GetVersion
lstrlenA
lstrlenW
FindResourceExA
SetErrorMode
GetOEMCP
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFlags
GetCurrentThread
GetDiskFreeSpaceA
GetTempFileNameA
GlobalFree
FileTimeToLocalFileTime
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
IsBadReadPtr
IsBadWritePtr
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
FindFirstFileA
FindClose
MoveFileA
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpynA
LocalFree
GetCPInfo
LockResource
LoadResource
FindResourceA
lstrcmpiA
GetTickCount
Sleep
GlobalUnlock
GlobalLock
GetStringTypeW
GlobalReAlloc
GlobalAlloc
GetLastError
SetLastError
InterlockedDecrement
InterlockedIncrement
GetLogicalDriveStringsA
GetDriveTypeA
GetDiskFreeSpaceExA
GetSystemInfo
GlobalMemoryStatus
Module32First
Module32Next
Process32Next
Process32First
CreateToolhelp32Snapshot
OpenProcess
GetProcAddress
CreateRemoteThread
HeapAlloc
HeapFree
SetFileAttributesA
IsDebuggerPresent
CreateThread
WaitForSingleObject
GetExitCodeThread
MoveFileExA
SetEvent
CopyFileA
GetFileAttributesA
CreateProcessA
OpenFile
EnumResourceNamesA
GetSystemDirectoryA
lstrcatA
WinExec
CreateEventA
OpenEventA
GetSystemTime
FileTimeToSystemTime
GetFileTime
GetComputerNameA
GetVolumeInformationA
GetFileSize
SetEndOfFile
GetModuleFileNameA
GetWindowsDirectoryA
LoadLibraryA
FormatMessageA
GetCurrentProcess
SetFileTime
CreateDirectoryA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
MulDiv
GetTempPathA
DeleteFileA
LoadLibraryExA
FreeLibrary
SizeofResource
CreateFileA
CloseHandle
WriteFile
lstrcpyA
lstrcmpA
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleA
user32
GetClassNameA
CreateDialogIndirectParamA
LoadStringA
LockWindowUpdate
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
CharUpperA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckRadioButton
CheckDlgButton
GetMessageA
GetActiveWindow
ValidateRect
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetScrollPos
GetTopWindow
WinHelpA
RegisterClassA
SetWindowPlacement
GetDlgItem
GetWindowTextLengthA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowPos
IsIconic
GetWindowPlacement
EndPaint
BeginPaint
UnionRect
DestroyMenu
RegisterWindowMessageA
IsMenu
GetMenu
SetMenu
ExitWindowsEx
PostQuitMessage
SetWindowTextA
PeekMessageA
TranslateMessage
DispatchMessageA
DrawIcon
LookupIconIdFromDirectory
CreateIconFromResource
CopyIcon
MessageBeep
MessageBoxA
SetWindowLongA
GetSystemMenu
SetParent
wsprintfA
GetDCEx
GetWindow
BeginDeferWindowPos
EndDeferWindowPos
KillTimer
WindowFromPoint
IsRectEmpty
EqualRect
SetTimer
GetDoubleClickTime
IsWindowVisible
GetKeyState
ShowScrollBar
IsChild
GetWindowTextA
PostMessageA
GetFocus
SetFocus
IntersectRect
DrawFrameControl
DrawFocusRect
RedrawWindow
UpdateWindow
IsWindow
OffsetRect
LoadImageA
EnableWindow
PtInRect
GetWindowLongA
SetCapture
GetCapture
ReleaseCapture
GetClipCursor
GetCursorPos
ClipCursor
SetCursor
ScreenToClient
ClientToScreen
InvertRect
GetParent
GetWindowRect
SendMessageA
InvalidateRect
SetRectEmpty
SetWindowRgn
GetClientRect
InflateRect
GetClassInfoA
DefWindowProcA
LoadCursorA
IsZoomed
ShowOwnedPopups
MapDialogRect
GetAsyncKeyState
wvsprintfA
GetWindowDC
EndDialog
GetMenuStringA
GetSubMenu
GrayStringA
TabbedTextOutA
DeleteMenu
LoadBitmapA
GetSysColorBrush
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
ModifyMenuA
GetMenuItemCount
InsertMenuA
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
ReleaseDC
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
CopyRect
FillRect
DrawEdge
SetRect
GetMenuItemInfoA
IsWindowUnicode
CharNextA
DefDlgProcA
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
LoadIconA
gdi32
SetBkColor
SetBkMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
SelectPalette
CreatePatternBrush
CreateBitmap
SetRectRgn
DPtoLP
StretchDIBits
GetCharWidthA
CreateFontA
EnumFontFamiliesExA
RestoreDC
SaveDC
CreateRectRgnIndirect
GetBitmapDimensionEx
GetTextColor
EnumFontFamiliesA
RealizePalette
GetBkColor
GetDIBColorTable
CreatePalette
CreateHalftonePalette
GetTextMetricsA
GetStockObject
CreatePolygonRgn
CreateRectRgn
CombineRgn
GetCurrentObject
Escape
ExtTextOutA
TextOutA
RectVisible
PatBlt
PtVisible
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetBkMode
GetTextExtentPointA
CreateDIBitmap
GetDeviceCaps
comdlg32
FindTextA
ReplaceTextA
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegEnumValueA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegDeleteKeyA
RegEnumKeyExA
RegDeleteValueA
RegOpenKeyA
SetFileSecurityA
RegSetValueA
RegCreateKeyA
RegEnumKeyA
GetFileSecurityA
RegCloseKey
shell32
DragFinish
SHGetFileInfoA
DragAcceptFiles
ExtractIconA
ShellExecuteA
DragQueryFileA
comctl32
ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetImageInfo
ImageList_Add
ImageList_Destroy
ImageList_Create
ord17
ImageList_DrawIndirect
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Draw
Sections
.text Size: 496KB - Virtual size: 493KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 116KB - Virtual size: 113KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 59KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 164KB - Virtual size: 163KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ