a787860f65ab1c144ea507c52f9dc563_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a787860f65ab1c144ea507c52f9dc563_JaffaCakes118
Size

960KB
MD5

a787860f65ab1c144ea507c52f9dc563
SHA1

526b3473c6083b1c91c47c8f6fbdcd1774d1064d
SHA256

8741d6dc2ec51a192aec51c584558654a3813744743532e179bea6937222f2b3
SHA512

b9769172443e5c72de2c5b836e567e14bbd75f82d27b2475c20329982a7485c958907cab826a9876eec4bbc7edf9a03efd8c7b3a27a2add4a32ea56b8e6fccd8
SSDEEP

12288:h/zACrkzLAU31mNbnbuzUAY6+HbROwfLy3JoUnUKkzGkzBcLorFxX:iXAgCGUAY6OfLUoyUlz9OLoZxX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a787860f65ab1c144ea507c52f9dc563_JaffaCakes118

Files

a787860f65ab1c144ea507c52f9dc563_JaffaCakes118
.exe windows:4 windows x86 arch:x86

682ca3218bdb3efa462760eb3b5aff4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

recvfrom
WSAAccept
WSAConnect
WSARecvFrom
sendto
gethostbyname
setsockopt
WSARecv
WSASend
select
__WSAFDIsSet
listen
WSASocketA
WSAGetLastError
htons
bind
socket
closesocket
WSASendTo
ntohs
shutdown
connect
ntohl
inet_addr
getsockname
send
inet_ntoa
htonl
recv

kernel32

GetThreadLocale
GetFileAttributesA
GetFileTime
SetErrorMode
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
GetACP
TerminateProcess
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
SizeofResource
GlobalFlags
WaitForSingleObject
GlobalAlloc
lstrcmpA
GetCurrentThread
lstrcpynA
MulDiv
SetLastError
FormatMessageA
FileTimeToLocalFileTime
WideCharToMultiByte
InterlockedIncrement
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalDeleteAtom
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
LocalAlloc
LocalFree
HeapAlloc
HeapFree
MultiByteToWideChar
RemoveDirectoryA
CreateEventA
SetEvent
WriteFile
GetTimeZoneInformation
FindFirstFileA
FindNextFileA
FindClose
lstrcatA
lstrlenA
WinExec
TerminateThread
GetModuleFileNameA
CreateFileA
GetFileSize
ReadFile
FileTimeToSystemTime
GetComputerNameA
GetLastError
SleepEx
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersionExA
GetCurrentProcess
DeleteFileA
lstrcpyA
GetTickCount
GlobalAddAtomA
GlobalFindAtomA
GetLocalTime
CreateDirectoryA
CreateThread
CloseHandle
GetWindowsDirectoryA
GetPrivateProfileIntA
DeleteCriticalSection
InitializeCriticalSection
GetLocaleInfoA
Sleep
CreateMailslotA
GetSystemTime
InterlockedDecrement
CopyFileA
EnterCriticalSection
LeaveCriticalSection
WritePrivateProfileStringA
GetPrivateProfileStringA
GetProfileStringA
GetDriveTypeA

user32

RegisterClipboardFormatA
PostThreadMessageA
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
MapDialogRect
GetAsyncKeyState
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
wvsprintfA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
EnableMenuItem
MoveWindow
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
CopyRect
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetCapture
GetClassInfoA
GetMenu
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
WindowFromPoint
UnhookWindowsHookEx
CallWindowProcA
GetMessagePos
GetForegroundWindow
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
RegisterClassExA
GetMenuItemCount
GetMenuStringA
GetMenuItemID
ModifyMenuA
LoadStringA
LoadBitmapA
UpdateWindow
wsprintfA
PostQuitMessage
FillRect
DefWindowProcA
RegisterClassA
LoadCursorA
CopyIcon
GetDC
ReleaseDC
InflateRect
GetSysColor
InvalidateRect
SetCursor
ReleaseCapture
RedrawWindow
SetCapture
MessageBeep
GetWindow
GetDesktopWindow
GetClassNameA
SetActiveWindow
GetPropA
SetWindowLongA
RemovePropA
GetWindowThreadProcessId
EnumThreadWindows
ExitWindowsEx
ScreenToClient
LoadMenuA
GetSubMenu
CheckMenuItem
GetCursorPos
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
CharUpperA
GetSysColorBrush
WinHelpA
RegisterHotKey
UnregisterHotKey
GetSystemMetrics
DrawIcon
GetSystemMenu
AppendMenuA
LoadIconA
LoadImageA
IsIconic
ShowWindow
SetForegroundWindow
GetLastActivePopup
SetWindowTextA
PostMessageA
FindWindowA
RegisterWindowMessageA
SetTimer
IsWindow
GetWindowRect
GetClientRect
PtInRect
GetKeyState
EnableWindow
GetParent
SendMessageA
SetPropA
DestroyMenu
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
GetMessageTime

gdi32

RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
DPtoLP
GetTextColor
PtVisible
LPtoDP
CreateHatchBrush
CreateSolidBrush
CreatePen
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
DeleteObject
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
RestoreDC
SaveDC
DeleteDC
PatBlt
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetTextExtentPointA
CreateDIBitmap
GetTextExtentPoint32A
GetObjectA
CreateFontIndirectA
GetBkColor
GetStockObject
LineTo
MoveToEx
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegQueryValueA
RegOpenKeyExA
CloseServiceHandle
CreateServiceA
OpenSCManagerA
DeleteService
QueryServiceStatus
ControlService
RegCreateKeyExA
AdjustTokenPrivileges
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
RegDeleteValueA
StartServiceA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
SetServiceStatus
OpenServiceA

shell32

Shell_NotifyIconA
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA

comctl32

ord17
ImageList_Destroy
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA

oledlg

ord8

ole32

StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoCreateInstance
CoUninitialize
CoGetClassObject
CoInitialize
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize

olepro32

ord253

oleaut32

VariantChangeType
SysAllocString
VariantCopy
SysStringLen
VariantClear
VariantTimeToSystemTime
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysFreeString

wininet

HttpOpenRequestA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile
HttpSendRequestA
HttpAddRequestHeadersA
InternetConnectA
InternetOpenA
HttpQueryInfoA
GetUrlCacheEntryInfoA

wsock32

WSAStartup
WSACleanup

netapi32

Netbios

rpcrt4

UuidCreate

iphlpapi

GetIpNetTable

Sections

.text
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 28KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 464KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nkh
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

682ca3218bdb3efa462760eb3b5aff4b

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

wsock32

netapi32

rpcrt4

iphlpapi

Sections

.text Size: 396KB - Virtual size: 393KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 28KB - Virtual size: 217KB

.rsrc Size: 464KB - Virtual size: 460KB

.nkh Size: - Virtual size: 4KB

.text
Size: 396KB - Virtual size: 393KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 28KB - Virtual size: 217KB

.rsrc
Size: 464KB - Virtual size: 460KB

.nkh
Size: - Virtual size: 4KB