b0e8f7929cb46d3ff4b03ff25ca5847b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b0e8f7929cb46d3ff4b03ff25ca5847b_JaffaCakes118
Size

3.6MB
MD5

b0e8f7929cb46d3ff4b03ff25ca5847b
SHA1

cdd47abc8a43f673952fcbc357795711a5c6f07d
SHA256

40cbc8cd2e9280e1b000427e5dccc08ab31a15819a3f3fb142b108e8ad505fc6
SHA512

3164e96fb421d82d8b9a6493aa88d92236ef22ca00eec6047bf90e132a831cb86896de8ca74de36bd30bdbc7ccef42a9692b14f5214b9354fdf67b271bebc829
SSDEEP

98304:x/CI5jKkqScCWGLtrt6TKP7U4LcaMmCrqXcHtjyj:pr55qHiuKtrCrqXMw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0e8f7929cb46d3ff4b03ff25ca5847b_JaffaCakes118

Files

b0e8f7929cb46d3ff4b03ff25ca5847b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b5b4d57f37a266c3b2dbc5928de741a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winhttp

WinHttpGetIEProxyConfigForCurrentUser
WinHttpOpen
WinHttpGetProxyForUrl
WinHttpCloseHandle

kernel32

GetACP
IsValidCodePage
EnumSystemLocalesW
IsValidLocale
GetConsoleCP
ExitProcess
GetStdHandle
SetStdHandle
HeapQueryInformation
GetCommandLineW
GetCommandLineA
ReadConsoleW
GetConsoleMode
SetFilePointerEx
PeekNamedPipe
GetFileType
GetModuleHandleExW
RtlUnwind
LoadLibraryExA
ExpandEnvironmentStringsA
SetEnvironmentVariableW
InterlockedPushEntrySList
VirtualAlloc
FreeLibraryAndExitThread
GetThreadTimes
LCMapStringW
GetCPInfo
SwitchToThread
QueryPerformanceFrequency
GetStringTypeW
GetOEMCP
GetTimeZoneInformation
FindFirstFileExW
GetEnvironmentStringsW
IsDebuggerPresent
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
WaitForSingleObjectEx
GetUserDefaultLCID
GetTempFileNameW
SearchPathW
GetProfileIntW
lstrcpyW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
lstrcmpiW
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GlobalFlags
GlobalFindAtomW
EncodePointer
GetThreadLocale
GlobalGetAtomNameW
CompareStringW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FreeResource
GlobalAddAtomW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GetModuleHandleA
OutputDebugStringA
MulDiv
GlobalUnlock
GlobalLock
GlobalSize
GetModuleFileNameA
GetFileAttributesA
FreeEnvironmentStringsW
GetCurrentDirectoryA
CreateFileA
VirtualQuery
VirtualProtect
GetTimeFormatW
GetCurrentThreadId
OpenFileMappingW
SetLastError
VerifyVersionInfoW
GetSystemInfo
VerSetConditionMask
GlobalFree
GlobalAlloc
GetStartupInfoW
TerminateProcess
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentThread
CreateMutexW
LoadLibraryA
SetFileAttributesW
LoadLibraryExW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetPrivateProfileSectionW
WideCharToMultiByte
GetFileAttributesExW
CreateDirectoryW
GetCurrentDirectoryW
Thread32Next
Thread32First
CreateToolhelp32Snapshot
OpenThread
GetFullPathNameW
GetFileInformationByHandle
GetSystemTime
InitializeCriticalSectionAndSpinCount
SystemTimeToFileTime
WritePrivateProfileStringW
MoveFileExW
lstrlenW
GetVersionExW
DeviceIoControl
SetErrorMode
Beep
QueryDosDeviceW
GetFileAttributesW
GetPriorityClass
GetPrivateProfileIntW
GetDriveTypeW
FlushFileBuffers
BackupRead
SuspendThread
ExitThread
OpenProcess
FindNextFileW
GetWindowsDirectoryW
GetTempPathW
RemoveDirectoryW
CreateSemaphoreW
ReleaseSemaphore
GetTickCount
CopyFileW
GetExitCodeProcess
GetDateFormatW
FileTimeToSystemTime
GetPrivateProfileStringW
FormatMessageW
GetProcAddress
GetSystemDirectoryW
CreateProcessW
QueryPerformanceCounter
WriteFile
SetFilePointer
GetVolumeInformationW
GetDiskFreeSpaceExW
FindFirstFileW
FindClose
ReadFile
GetFileSize
DeleteFileW
CreateFileW
MultiByteToWideChar
GetLocalTime
InitializeCriticalSection
LocalAlloc
OpenEventW
GetComputerNameW
LeaveCriticalSection
EnterCriticalSection
GetProcessAffinityMask
LocalFree
OutputDebugStringW
LoadLibraryW
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
FindResourceExW
SetPriorityClass
ResumeThread
TerminateThread
SetThreadPriority
CreateThread
GetCurrentProcessId
GetCurrentProcess
WaitForMultipleObjects
Sleep
CreateEventW
WaitForSingleObject
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
CloseHandle
DecodePointer
WriteConsoleW

user32

SendDlgItemMessageA
InflateRect
GetMenuItemInfoW
DestroyMenu
GetNextDlgTabItem
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
ReleaseCapture
SetCapture
OffsetRect
CharNextW
CharUpperW
DestroyIcon
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SystemParametersInfoW
CopyImage
RealChildWindowFromPoint
ClientToScreen
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EmptyClipboard
DrawStateW
SetClassLongW
SetRectEmpty
TranslateMessage
DispatchMessageW
PeekMessageW
UnregisterClassW
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetClientRect
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
SetActiveWindow
UpdateWindow
SetParent
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetWindowTextLengthW
LoadCursorW
GetSysColorBrush
GetSysColor
CreateDialogIndirectParamW
EndDialog
GetAsyncKeyState
RegisterClipboardFormatW
TrackMouseEvent
LoadImageW
PostThreadMessageW
WindowFromPoint
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
ReleaseDC
GetDC
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetWindowRgn
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
GetSystemMetrics
LoadStringW
ExitWindowsEx
IsWindow
MessageBeep
GetForegroundWindow
GetWindowTextW
wsprintfW
GetDesktopWindow
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
UnhookWindowsHookEx
SendMessageW
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetParent
LoadBitmapW
GetMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
PostMessageW
PostQuitMessage
ShowOwnedPopups
SetCursor
EnableWindow
IsWindowEnabled
MessageBoxW
GetWindowLongW
GetWindowThreadProcessId
GetLastActivePopup
SetWindowPos
SetWindowContextHelpId
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
GetWindow
MapDialogRect
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
WaitMessage
GetKeyboardLayout
SetClipboardData
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor

gdi32

MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetViewportOrgEx
GetTextFaceW
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateCompatibleDC
BitBlt
DeleteObject
GetObjectW
SetTextColor
SetBkColor
DeleteDC
CopyMetaFileW
CreateDCW
GetDeviceCaps
GetWindowOrgEx
CreateHatchBrush
CreateBitmap

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegQueryValueExA
RegQueryValueW
RegEnumKeyW
RegDisablePredefinedCache
ImpersonateLoggedOnUser
DuplicateTokenEx
SetThreadToken
ReportEventW
RegisterEventSourceW
DeregisterEventSource
TraceMessage
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
RevertToSelf
IsValidSecurityDescriptor
InitializeAcl
ImpersonateSelf
GetLengthSid
AddAccessAllowedAce
AccessCheck
OpenThreadToken
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumValueW
RegQueryValueExW
RegOpenKeyW
RegCloseKey
ConvertSidToStringSidW
LookupAccountSidW
LookupPrivilegeValueW
FreeSid
EqualSid
AllocateAndInitializeSid
AdjustTokenPrivileges
GetTokenInformation
OpenProcessToken
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameW
RegOpenKeyExA

shell32

ShellExecuteW
ShellExecuteExW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
SHAppBarMessage
SHBrowseForFolderW
DragFinish
ord680

comctl32

ord17

shlwapi

PathIsRelativeA
PathFindExtensionW
PathFindFileNameW
PathFileExistsW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW

uxtheme

GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
GetThemePartSize

ole32

OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoInitializeEx
CoUninitialize
StringFromGUID2
CLSIDFromString
CoTaskMemFree
CoInitialize
CoCreateInstance
IsAccelerator

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString
VariantClear
VariantCopy
LoadTypeLi
VarBstrFromDate
OleCreateFontIndirect
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
SafeArrayDestroy
VariantInit

oledlg

OleUIBusyW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

winmm

PlaySoundW
sndPlaySoundW

netapi32

NetWkstaGetInfo
NetApiBufferFree
DsEnumerateDomainTrustsW
NetServerEnum

activeds

ord3

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

Exports

Exports

??0IQuarantine@Quarantine@Avira@@QAE@ABV012@@Z
??0IQuarantine@Quarantine@Avira@@QAE@XZ
??4IQuarantine@Quarantine@Avira@@QAEAAV012@ABV012@@Z
??_7IQuarantine@Quarantine@Avira@@6B@

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 481KB - Virtual size: 481KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.xqsj
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b5b4d57f37a266c3b2dbc5928de741a

Headers

DLL Characteristics

File Characteristics

Imports

winhttp

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

version

winmm

netapi32

activeds

gdiplus

oleacc

imm32

Exports

Exports

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 481KB - Virtual size: 481KB

.data Size: 104KB - Virtual size: 135KB

.rsrc Size: 93KB - Virtual size: 92KB

.reloc Size: 214KB - Virtual size: 213KB

.xqsj Size: 1024B - Virtual size: 780B

.idata Size: 16KB - Virtual size: 15KB

.rsrc Size: 93KB - Virtual size: 92KB

.reloc Size: 214KB - Virtual size: 213KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 481KB - Virtual size: 481KB

.data
Size: 104KB - Virtual size: 135KB

.rsrc
Size: 93KB - Virtual size: 92KB

.reloc
Size: 214KB - Virtual size: 213KB

.xqsj
Size: 1024B - Virtual size: 780B

.idata
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 93KB - Virtual size: 92KB

.reloc
Size: 214KB - Virtual size: 213KB