96f6e6edeef8c7193ece2a9aaaee58c1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

96f6e6edeef8c7193ece2a9aaaee58c1_JaffaCakes118
Size

1.2MB
MD5

96f6e6edeef8c7193ece2a9aaaee58c1
SHA1

05ca5eb7d4da5e0689fbb8e576bf8091c8f51676
SHA256

e4561843eca12a537f11b5b1d2d10102461f7b9e77ff621ca87138875a956cdf
SHA512

0b7f5d75917393e63f727c95d0bd2816a755afb620e6be431250ec573bc77fa7a6b2b268b9e1b0aced61c4882cfbe3a020cd6f989d2669ead32d45f367fdf691
SSDEEP

24576:GELaiHwU2MoWrEGuTX7n5avlzRtMRavxeVAo9jR/TM1NWP:jLaiCXlgfvxMpT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96f6e6edeef8c7193ece2a9aaaee58c1_JaffaCakes118

Files

96f6e6edeef8c7193ece2a9aaaee58c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c8239ecfb6b6d5344f426323bf86635

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
WSACleanup
gethostbyname
socket
connect
htons
send
recv
closesocket
WSAGetLastError
bind
ioctlsocket
__WSAFDIsSet
listen
select
accept
inet_ntoa

comctl32

ord17
_TrackMouseEvent
ord6
ImageList_Create
ImageList_Destroy
ImageList_Add

kernel32

GetStartupInfoA
SetErrorMode
GetCommandLineA
SetLastError
MultiByteToWideChar
GetCurrentThreadId
FreeLibrary
LoadLibraryA
GetProcAddress
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LocalFree
LocalAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
GetLastError
GlobalFree
CreateMutexA
CloseHandle
CreateSemaphoreA
ReleaseSemaphore
InterlockedDecrement
TlsSetValue
SetThreadPriority
TerminateThread
Sleep
GetExitCodeThread
InterlockedIncrement
ResumeThread
TlsFree
TlsAlloc
FormatMessageA
GetACP
GetModuleFileNameA
GetModuleHandleA
GetVersionExA
GetCPInfo
IsValidCodePage
GetTempPathA
ExitProcess
GetFileAttributesA
CopyFileA
SetCurrentDirectoryA
GetWindowsDirectoryA
GetFileType
WideCharToMultiByte
GetTempFileNameA
FindClose
FindFirstFileA
GetStdHandle
OutputDebugStringA

user32

DdeUninitialize
DdeInitializeA
MessageBeep
PostThreadMessageA
MsgWaitForMultipleObjects
SetTimer
KillTimer
SetClipboardData
RegisterClipboardFormatA
wsprintfA
DrawStateA
DrawEdge
MapWindowPoints
GetMenuStringA
DefMDIChildProcA
TranslateMDISysAccel
DefFrameProcA
ChildWindowFromPoint
CreateMenu
AppendMenuA
RemoveMenu
SetMenuItemInfoA
InsertMenuA
DestroyMenu
CreatePopupMenu
DdeNameService
ModifyMenuA
CheckMenuRadioItem
CheckMenuItem
GetMenuState
GetWindowDC
DdeFreeStringHandle
CopyRect
InflateRect
DrawFocusRect
OffsetRect
GetMessageA
ValidateRect
GetClassNameA
GetWindowTextA
GetUpdateRect
BeginPaint
DrawIcon
EndPaint
SetMenu
DrawIconEx
DrawFrameControl
DestroyCursor
HideCaret
OpenClipboard
IsClipboardFormatAvailable
CloseClipboard
keybd_event
GetWindowTextLengthA
CreateIconIndirect
GetIconInfo
LoadIconA
LoadImageA
DdeConnect
DdeDisconnect
DdeClientTransaction
DdeFreeDataHandle
DdeGetData
DdePostAdvise
DdeCreateDataHandle
DdeCreateStringHandleA
UnionRect
DdeQueryStringA
GetSystemMetrics
LoadBitmapA
DestroyIcon
TranslateAcceleratorA
CreateAcceleratorTableA
DestroyAcceleratorTable
GetDlgItem
CreateDialogParamA
UnregisterHotKey
RegisterHotKey
CallNextHookEx
DdeGetLastError
DrawTextA
SetWindowsHookExA
UnhookWindowsHookEx
GetActiveWindow
GetMenuItemCount
GetMenuItemInfoA
SystemParametersInfoA
GetMessageTime
GetWindow
BeginDeferWindowPos
EndDeferWindowPos
FillRect
GetUpdateRgn
GetSysColor
IsWindowEnabled
IsWindowVisible
IsDialogMessageA
CallWindowProcA
TranslateMessage
DispatchMessageA
PostQuitMessage
TrackPopupMenu
GetDC
ReleaseDC
DeferWindowPos
ClientToScreen
ScreenToClient
UpdateWindow
RedrawWindow
SetParent
WindowFromPoint
GetParent
ScrollWindow
SetScrollInfo
GetScrollInfo
SetCursorPos
GetCursorPos
PtInRect
GetCapture
ReleaseCapture
SetCapture
EnableWindow
GetFocus
SetFocus
DefWindowProcA
CreateWindowExA
DestroyWindow
FlashWindow
SetWindowRgn
GetClientRect
AdjustWindowRectEx
GetSystemMenu
EnableMenuItem
DrawMenuBar
GetWindowLongA
GetDesktopWindow
GetWindowRect
IsIconic
IsZoomed
ShowWindow
BringWindowToTop
CreateDialogIndirectParamA
SetWindowLongA
SetWindowPos
SendMessageA
MoveWindow
SetWindowTextA
SetCursor
InvalidateRect
IsWindow
SetForegroundWindow
GetForegroundWindow
MessageBoxA
PeekMessageA
PostMessageA
GetKeyState
UnregisterClassA
LoadCursorA
RegisterClassA
GetSubMenu

gdi32

CreateFontIndirectA
GetDeviceCaps
SetBkMode
SetTextColor
GetPaletteEntries
SetBkColor
CreateCompatibleDC
BitBlt
DeleteDC
CreateCompatibleBitmap
CreateBitmap
DeleteObject
GetObjectA
CreateRectRgn
SelectPalette
RealizePalette
SelectObject
GetTextExtentPoint32A
GetTextMetricsA
GdiFlush
GetRegionData
ExtCreateRegion
OffsetRgn
Polygon
SetPolyFillMode
PolyPolygon
Polyline
Rectangle
RoundRect
Ellipse
PolyBezier
GetStockObject
GetBkColor
TextOutA
SetBrushOrgEx
SetROP2
GetTextExtentExPointA
StretchBlt
StretchDIBits
SetStretchBltMode
LineTo
MoveToEx
ExtCreatePen
CreatePen
CreateHatchBrush
CreatePatternBrush
CreatePalette
GetNearestPaletteIndex
CombineRgn
GetRgnBox
RectInRegion
SaveDC
RestoreDC
CreateRectRgnIndirect
PatBlt
CreateICA
CreateDIBSection
GetDIBits
GetDIBColorTable
CreateDIBitmap
GetSystemPaletteEntries
GetEnhMetaFileA
CopyEnhMetaFileA
DeleteEnhMetaFile
SetAbortProc
CreateDCA
StartDocA
EndDoc
StartPage
EndPage
GetTextColor
GetClipBox
ExtSelectClipRgn
SelectClipRgn
SetWindowOrgEx
SetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
CreateSolidBrush
SetMapMode
ExtFloodFill
GetPixel
Arc
MaskBlt
SetPixel
Pie

comdlg32

ChooseColorA
CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA
PrintDlgA
PageSetupDlgA
ChooseFontA

shell32

SHGetSpecialFolderLocation
SHGetMalloc
ExtractIconExA
ExtractIconA
DragQueryFileA
DragFinish
DragQueryPoint
DragAcceptFiles
SHGetPathFromIDListA

ole32

OleInitialize
OleUninitialize
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
ReleaseStgMedium
OleGetClipboard
CoCreateInstance

msvcrt

bsearch
_telli64
_lseeki64
_commit
_write
_read
_close
_open
fprintf
gmtime
_strdup
_ftime
_timezone
ftell
fseek
__CxxFrameHandler
??3@YAXPAX@Z
memcpy
sscanf
strncpy
strcat
sprintf
strcpy
memset
free
strlen
malloc
??2@YAPAXI@Z
_purecall
_CxxThrowException
atoi
fwrite
_ftol
calloc
longjmp
_setjmp3
__CxxLongjmpUnwind
toupper
strchr
time
strftime
localtime
_assert
memmove
strstr
tolower
isspace
isdigit
isalnum
_strnicmp
isalpha
realloc
memchr
strtol
strtoul
strtod
_vsnprintf
qsort
_beginthreadex
exit
abort
strncat
_snprintf
_iob
fflush
fputc
fputs
getenv
_stricmp
mktime
_except_handler3
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
rename
remove
_getcwd
_get_osfhandle
wcscmp
fopen
fclose
fread
__dllonexit
_onexit
?terminate@@YAXXZ
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_controlfp
clearerr
wcslen
_CIpow

Sections

.text
Size: 876KB - Virtual size: 874KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 108KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c8239ecfb6b6d5344f426323bf86635

Headers

File Characteristics

Imports

ws2_32

comctl32

kernel32

user32

gdi32

comdlg32

shell32

ole32

msvcrt

Sections

.text Size: 876KB - Virtual size: 874KB

.rdata Size: 204KB - Virtual size: 200KB

.data Size: 108KB - Virtual size: 203KB

.rsrc Size: 24KB - Virtual size: 21KB

.text
Size: 876KB - Virtual size: 874KB

.rdata
Size: 204KB - Virtual size: 200KB

.data
Size: 108KB - Virtual size: 203KB

.rsrc
Size: 24KB - Virtual size: 21KB