Static task: static1
Behavioral task: behavioral1
  Sample: a0705b3fa12aac3fb70c6dfacc4524ec_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: a0705b3fa12aac3fb70c6dfacc4524ec_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: a0705b3fa12aac3fb70c6dfacc4524ec_JaffaCakes118
Size: 330KB
MD5: a0705b3fa12aac3fb70c6dfacc4524ec
SHA1: 47bd0178cba96370dc8b4067ee964ad5d48ac7d2
SHA256: d234b8d2af33f85f62789316137eba894d1794b3346c1cc7212235dfd70d79ff
SHA512: 9fd6b525f27bbba98e2ea16599571c5f337caa151e4c9bc681b84590d7d4bcb6c6a0f386a520f9d780ed0f11ddf3ef55d24ec4cc03c489466c37d4ed3622248b
SSDEEP: 6144:0IDTg3B4APN8/l5nee3WX6Wln84eegKN0NVIegtqH/tM:ZC8/lZee3WX64ngegKNJeK
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: a0705b3fa12aac3fb70c6dfacc4524ec_JaffaCakes118
Files
a0705b3fa12aac3fb70c6dfacc4524ec_JaffaCakes118.exe  windows:4 windows x86 arch:x86
62c5c5a193404484e23d86e022d6354b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
CreateThread
ExitThread
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
RaiseException
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetErrorMode
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetOEMCP
InterlockedExchange
GetCPInfo
SizeofResource
GetProcessVersion
GetCurrentDirectoryA
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
GetFileAttributesA
FindNextFileA
GetThreadLocale
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DuplicateHandle
GetLastError
MulDiv
FormatMessageA
LocalFree
SetLastError
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
InterlockedDecrement
InterlockedIncrement
GlobalUnlock
LockResource
FindResourceA
LoadResource
GlobalLock
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetDriveTypeA
GetShortPathNameA
lstrcmpA
GetModuleHandleA
WaitForSingleObject
GetCurrentProcess
GlobalMemoryStatus
GlobalAlloc
DeviceIoControl
GlobalFree
CreateFileA
lstrcpyA
GetACP
GetProcAddress
FreeLibrary
lstrcatA
LoadLibraryA
GetModuleFileNameA
lstrlenA
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
WriteProfileStringA
DeleteFileA
GetTickCount
WinExec
FindFirstFileA
FindClose
GetSystemDirectoryA
GetProfileStringA
GetProfileIntA
GlobalDeleteAtom
Sleep
WideCharToMultiByte
SetHandleCount
MultiByteToWideChar
user32
MessageBeep
InvalidateRect
RegisterClipboardFormatA
PostThreadMessageA
GetSubMenu
GetMenuItemID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetFocus
ShowWindow
SetWindowPos
MoveWindow
SetWindowLongA
GetDlgCtrlID
GetWindowTextLengthA
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
EndDialog
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetActiveWindow
GetNextDlgGroupItem
ValidateRect
PeekMessageA
SetWindowsHookExA
GetLastActivePopup
SetCursor
PostQuitMessage
EnumWindows
EqualRect
ScreenToClient
CopyRect
OffsetRect
DrawTextA
InflateRect
GetAsyncKeyState
GetCursorPos
PtInRect
SetCursorPos
mouse_event
MapVirtualKeyA
VkKeyScanA
SetActiveWindow
keybd_event
GetParent
GetFocus
LoadBitmapA
MessageBoxA
GetForegroundWindow
IsWindowEnabled
GetWindowLongA
GetClassNameA
GetWindowTextA
GetWindowThreadProcessId
EnableWindow
PostMessageA
KillTimer
DispatchMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
UnregisterHotKey
GetSystemMenu
AppendMenuA
SendMessageA
IsWindow
IsWindowVisible
FindWindowExA
GetWindowRect
GetDC
ReleaseDC
SetForegroundWindow
SetTimer
LoadIconA
FindWindowA
SetRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
GetKeyState
GetDesktopWindow
GetMessageA
TranslateMessage
LoadCursorA
CharUpperA
DestroyMenu
GetMenuItemCount
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
MapDialogRect
SetWindowContextHelpId
UpdateWindow
MapWindowPoints
GetSysColor
AdjustWindowRectEx
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
CallNextHookEx
GetMenu
LoadStringA
gdi32
StretchBlt
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
PatBlt
DPtoLP
GetTextColor
GetBkColor
LPtoDP
CreateSolidBrush
SaveDC
GetClipBox
RestoreDC
DeleteDC
DeleteObject
CreateCompatibleDC
SetBkMode
CreateCompatibleBitmap
SelectObject
BitBlt
CreateDIBitmap
GetTextExtentPointA
GetPixel
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
shell32
SHGetSpecialFolderLocation
SHGetPathFromIDListA
comctl32
ord17
oledlg
ord8
ole32
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CLSIDFromString
CoRegisterMessageFilter
CoRevokeClassObject
StgIsStorageFile
StgOpenStorage
CLSIDFromProgID
CoInitialize
OleFlushClipboard
OleIsCurrentClipboard
CoUninitialize
olepro32
ord253
oleaut32
VariantCopy
VariantClear
VariantChangeType
SysAllocString
VariantTimeToSystemTime
SysStringLen
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
wsock32
inet_ntoa
ntohs
ioctlsocket
WSACleanup
WSAStartup
gethostbyname
closesocket
recv
send
getprotobyname
htons
connect
setsockopt
socket
wininet
InternetCanonicalizeUrlA
InternetCrackUrlA
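The import table above is the most informative static signal on this page. The following is an added example, not part of this sandbox report and not the sandbox's own code, showing how a capability-triage pass reads such a table: names are normalised (case, trailing A/W marker) and matched against small "all of the groups, any name within a group" rules, the model capa-style rules use. SAMPLE_IMPORTS is a constructed subset of the imports listed above; RULES is this example's own hand-written set, not a published ruleset. Import presence only shows that the code could call an API, and much of the user32/gdi32/ole32 surface here is what an application framework pulls in regardless of what the program does, so hits are leads to confirm in the behavioral tasks, not verdicts.

```python
"""Capability triage over an import table.

Added example: not part of this sandbox report and not any sandbox's code.
SAMPLE_IMPORTS is a constructed subset of the import listing on this page;
RULES is a small hand-written rule set in the style of capa's "all of the
groups / any within a group" rules, an assumption of this example rather
than a published ruleset.
"""
import re

SAMPLE_IMPORTS = {
    "kernel32": ["WinExec", "CreateToolhelp32Snapshot", "Process32First", "Process32Next",
                 "DeleteFileA", "WritePrivateProfileStringA", "LoadLibraryA", "GetProcAddress",
                 "GetTickCount", "Sleep"],
    "user32": ["SetWindowsHookExA", "CallNextHookEx", "UnhookWindowsHookEx", "GetAsyncKeyState",
               "keybd_event", "mouse_event", "SetCursorPos", "FindWindowA", "SetForegroundWindow"],
    "advapi32": ["RegSetValueExA", "RegCreateKeyExA", "RegOpenKeyExA", "RegCloseKey"],
    "wsock32": ["WSAStartup", "socket", "connect", "send", "recv", "gethostbyname", "inet_ntoa"],
    "comctl32": ["ord17"],
}

# rule name -> groups; every group must be satisfied, by any one name in it
RULES = {
    "execute-program (WinExec)": [["winexec"]],
    "enumerate-processes (Toolhelp)": [["createtoolhelp32snapshot"], ["process32first"], ["process32next"]],
    "tcp-client (winsock)": [["wsastartup"], ["socket"], ["connect"], ["send", "recv"]],
    "resolve-hostname": [["gethostbyname"]],
    "install-windows-hook": [["setwindowshookex"], ["callnexthookex"]],
    "poll-keyboard-state": [["getasynckeystate"]],
    "synthesize-input": [["keybd_event", "mouse_event"]],
    "drive-foreign-window": [["findwindow"], ["setforegroundwindow", "setcursorpos"]],
    "write-registry-value": [["regsetvalueex"], ["regcreatekeyex", "regopenkeyex"]],
    "write-ini-file": [["writeprivateprofilestring"]],
    "delete-file": [["deletefile"]],
    "resolve-api-at-runtime": [["loadlibrary"], ["getprocaddress"]],
}


def normalize(name):
    """Lower-case an import name and drop a trailing ANSI/Unicode marker so
    'SetWindowsHookExA' -> 'setwindowshookex'. The marker is only stripped when
    it is upper case and follows a non-upper-case character, so 'inet_ntoa'
    keeps its 'a'; ordinal imports such as 'ord17' are returned unchanged."""
    if re.fullmatch(r"ord\d+", name):
        return name
    if len(name) > 1 and name[-1] in "AW" and not name[-2].isupper():
        name = name[:-1]
    return name.lower()


def import_set(imports):
    """Flatten {dll: [api, ...]} into a set of normalised API names."""
    return {normalize(api) for apis in imports.values() for api in apis}


def match_rules(imports, rules=RULES):
    """Return {rule: [names that satisfied it, group by group]} for every rule
    whose groups are all present in the import table."""
    present = import_set(imports)
    hits = {}
    for rule, groups in rules.items():
        evidence = []
        for group in groups:
            found = sorted(present.intersection(group))
            if not found:
                break  # a required group is missing: rule does not fire
            evidence.extend(found)
        else:
            hits[rule] = evidence
    return hits


if __name__ == "__main__":
    for rule, evidence in match_rules(SAMPLE_IMPORTS).items():
        print(f"{rule:34s} <- {', '.join(evidence)}")
```

Feeding the full table from a real binary (for example the output of `pefile`'s DIRECTORY_ENTRY_IMPORT) into `match_rules` gives the same evidence lists; ordinal-only imports such as comctl32 ord17 cannot be matched by name and would need a per-DLL ordinal map.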
Sections
.text   Size: 224KB   Virtual size: 223KB   Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 52KB    Virtual size: 50KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 12KB    Virtual size: 24.0MB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 20KB    Virtual size: 18KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
Note: .data is 12KB on disk but 24.0MB when mapped; the loader zero-fills the difference, so the file itself says nothing about what most of that section holds once the program runs, which makes it a region worth dumping from the behavioral tasks.
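The "Unsigned PE" signature and the section table above are read from a handful of header fields. The following is an added example, not from this report and not any sandbox's code: with only the standard library it parses the DOS, COFF and PE32 optional headers plus the section table, reports whether the Authenticode (security) data directory is populated, decodes the file characteristics, and flags sections whose mapped size far exceeds their size on disk, as .data does here (12KB raw, 24.0MB virtual). It builds a constructed PE32 in memory whose section table mirrors this report so it runs offline; `build_pe32`, the `GAP_MIN` threshold and the findings text are this example's own assumptions. A populated security directory only means a signature blob is attached; whether it verifies needs WinVerifyTrust (`signtool verify` or `Get-AuthenticodeSignature`), which this example does not attempt.

```python
"""PE32 header checks behind an "unsigned PE" signature and a section table.

Added example: not part of this sandbox report and not any sandbox's code.
Only the standard library is used. SAMPLE_PE is a constructed, non-runnable
PE32 whose section table mirrors the report above; build_pe32, the GAP_MIN
threshold and the findings text are this example's own assumptions.
"""
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Authenticode blob: (file offset, size)
CHARACTERISTIC_NAMES = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
GAP_MIN = 64 * 1024  # heuristic (assumption): mapped size > 2x raw and at least this much larger


def analyse(data):
    """Parse DOS/COFF/optional headers and the section table of a PE32 image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 (magic 0x10b) is handled here")
    # PE32: NumberOfRvaAndSizes is at optional-header offset 92, directories start at 96
    ndirs = struct.unpack_from("<I", data, opt + 92)[0]
    sig_off = sig_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sig_off, sig_size = struct.unpack_from("<II", data, opt + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):
        name, vsize, _, rsize, _, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "raw_size": rsize, "flags": flags,
            # bytes the loader zero-fills because they are not present in the file
            "uninitialised_gap": vsize > 2 * rsize and vsize - rsize >= GAP_MIN,
        })
    findings = []
    if sig_size == 0:
        findings.append("Unsigned PE: IMAGE_DIRECTORY_ENTRY_SECURITY is empty (no Authenticode signature attached)")
    for s in sections:
        if s["uninitialised_gap"]:
            findings.append(f"{s['name']}: virtual size {s['virtual_size']} far exceeds raw size "
                            f"{s['raw_size']}; the difference is zero-filled at load")
    return {
        "machine": machine,
        "characteristics": [n for bit, n in CHARACTERISTIC_NAMES.items() if chars & bit],
        "authenticode_present": sig_size > 0,
        "sections": sections,
        "findings": findings,
    }


def build_pe32(sections, characteristics, security=(0, 0)):
    """Assemble a minimal PE32 (headers + section table only, not executable)
    for offline testing. sections: [(name, virtual_size, raw_size, flags)]."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_size = 96 + 16 * 8
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, characteristics)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 92, 16)
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *security)
    table, rva = b"", 0x1000
    for name, vsize, rsize, flags in sections:
        table += struct.pack("<8sIIIIIIHHI", name.encode(), vsize, rva, rsize, 0, 0, 0, 0, 0, flags)
        rva += (vsize + 0xFFF) & ~0xFFF
    return dos + b"PE\0\0" + coff + bytes(opt) + table


KB, MB = 1024, 1024 * 1024
REPORT_CHARACTERISTICS = 0x0001 | 0x0002 | 0x0004 | 0x0008 | 0x0100
# Constructed to mirror the section table in the report above.
SAMPLE_PE = build_pe32([
    (".text", 223 * KB, 224 * KB, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
    (".rdata", 50 * KB, 52 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    (".data", 24 * MB, 12 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".rsrc", 18 * KB, 20 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
], REPORT_CHARACTERISTICS)

if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_PE
    result = analyse(blob)
    print("characteristics:", ", ".join(result["characteristics"]))
    print("authenticode present:", result["authenticode_present"])
    for s in result["sections"]:
        print(f"{s['name']:8s} raw={s['raw_size']:>9} virt={s['virtual_size']:>9} flags=0x{s['flags']:08x}")
    for f in result["findings"]:
        print("finding:", f)
```

Run it with a path argument to analyse a real PE32 file; without one it analyses the constructed SAMPLE_PE, which reproduces this report's "Unsigned PE" finding and flags .data for its 24MB of zero-filled space.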