adf1d86dbe4bc29cd8b87d3cacbe39d4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

adf1d86dbe4bc29cd8b87d3cacbe39d4_JaffaCakes118
Size

452KB
MD5

adf1d86dbe4bc29cd8b87d3cacbe39d4
SHA1

16b36498ecb1e938c9fdea2eadf3ef2bc125ade2
SHA256

e53ce7dc4ae8d5081a3115f76a752b407d4c179e77a3066011ca30c00b30f0c0
SHA512

8b86948418c733237ea0f9fa244c5e0bfd2ccd50b566c7f6cd48454d94f4c6088eb81fa04fa85d9330dfa92a3647acb9cea81311f12676e5224f29437ac9fe50
SSDEEP

6144:HSjUU+u4/MvLI553r+/X7lh/ybPL12gsmYJw9FtHwdo4lG9iC5RjFK/vrkPn6:AZDIb6h/ybT12grYw9FZgGMC5RmTg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adf1d86dbe4bc29cd8b87d3cacbe39d4_JaffaCakes118

Files

adf1d86dbe4bc29cd8b87d3cacbe39d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f73cb1b9390a6cbaa7a22f2420c61bcf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

shlwapi

PathRemoveFileSpecA

netapi32

Netbios

user32

GetDC
ReleaseDC
SystemParametersInfoA
InvalidateRect
OffsetRect
IsWindowVisible
TrackMouseEvent
RegisterWindowMessageA
EnableWindow
KillTimer
IsWindow
DefDlgProcA
IsWindowUnicode
PostThreadMessageA
RegisterClipboardFormatA
GetWindowRect
SetWindowRgn
SetRect
GetSystemMetrics
DrawIcon
ScreenToClient
GetClientRect
PtInRect
SetForegroundWindow
SendMessageA
PostMessageA
SetTimer
PostQuitMessage
TranslateMessage
DispatchMessageA
LoadIconA
LoadImageA
GetParent
SetFocus
GetFocus
GetSysColor
InflateRect
UnionRect
SetRectEmpty
CopyRect
DestroyMenu
DestroyCursor
LoadBitmapA
FindWindowA
GetLastActivePopup
BringWindowToTop
MessageBeep
CopyAcceleratorTableA
GetWindowLongA
GetNextDlgTabItem
IsIconic
DestroyIcon
GetSysColorBrush
GetClassNameA
GetDesktopWindow
CharUpperA
LoadStringA
CharNextA
MapWindowPoints
AdjustWindowRectEx
GetTopWindow
IsChild
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
SetCursor
GetActiveWindow
WindowFromPoint
ClientToScreen
TrackPopupMenuEx
GetSubMenu
DrawFocusRect
FrameRect
DrawStateA
FillRect
TabbedTextOutA
DrawTextA
GrayStringA
GetCursorPos
IsRectEmpty
DefWindowProcA
EndPaint
BeginPaint
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
GetMessageA
UnregisterClassA
DestroyWindow
SetWindowLongA
TrackPopupMenu
SetMenuDefaultItem
DrawEdge
GetCapture
ReleaseCapture
GetNextDlgGroupItem
SetWindowTextA
GetMenuItemID
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
IntersectRect
GetWindowPlacement
MoveWindow
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
GetWindowDC
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetKeyState
ExcludeUpdateRgn
ShowCaret
HideCaret
LoadMenuA
MessageBoxA
IsWindowEnabled
SetWindowsHookExA
PeekMessageA
ValidateRect
CallNextHookEx

kernel32

FindFirstFileA
MoveFileA
ExitProcess
GetVersionExA
WinExec
Sleep
MulDiv
SetFileAttributesA
TerminateThread
GetProcAddress
MultiByteToWideChar
GetTickCount
GetModuleHandleA
GetVersion
GetShortPathNameA
MoveFileExA
LeaveCriticalSection
GetLocalTime
EnterCriticalSection
ExpandEnvironmentStringsA
FindClose
FindNextFileA
InitializeCriticalSection
DeleteCriticalSection
ResumeThread
CreateEventA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
SizeofResource
LoadResource
FindResourceA
WaitForSingleObject
ResetEvent
SetEvent
GetPriorityClass
LocalFree
FormatMessageA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
GetProfileStringA
QueryPerformanceCounter
QueryPerformanceFrequency
HeapFree
HeapAlloc
WriteFile
ReadFile
GetFileSize
CreateFileA
GetCurrentThreadId
GetCurrentThread
lstrcmpA
GlobalDeleteAtom
InterlockedIncrement
InterlockedDecrement
lstrlenA
WideCharToMultiByte
SetLastError
lstrcpyA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcatA
GetThreadLocale
lstrcpynA
DuplicateHandle
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFullPathNameA
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
WritePrivateProfileStringA
GetProcessVersion
GetCPInfo
GetOEMCP
GetFileAttributesA
GetFileTime
SetErrorMode
RtlUnwind
CreateThread
ExitThread
GetStartupInfoA
GetCommandLineA
RaiseException
GetTimeZoneInformation
GetSystemTime
GetACP
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetCurrentDirectoryA
FreeLibrary
GetModuleFileNameA
LoadLibraryA
GetSystemDirectoryA
Process32First
lstrcmpiA
OpenProcess
GetExitCodeProcess
TerminateProcess
Process32Next
DeleteFileA
GetCurrentProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateProcessA
CreateMutexA
GetLastError
ReleaseMutex
CreateToolhelp32Snapshot
Module32First
CloseHandle

gdi32

SetViewportOrgEx
GetTextExtentPointA
PatBlt
GetTextColor
CreatePen
GetWindowExtEx
GetViewportExtEx
PolyBezierTo
GetCurrentPositionEx
LineTo
MoveToEx
IntersectClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
CreateDIBitmap
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateRectRgn
SelectClipRgn
StretchBlt
Escape
TextOutA
RectVisible
PtVisible
LPtoDP
GetMapMode
DPtoLP
CreateSolidBrush
BeginPath
EndPath
StrokeAndFillPath
PathToRegion
CombineRgn
GetPixel
CreateBitmap
SetBkColor
SetTextColor
CreateCompatibleBitmap
SelectObject
GetStockObject
DeleteObject
ExtTextOutA
CreateFontIndirectA
CreateDCA
DeleteDC
GetObjectA
GetDeviceCaps
CreateFontA
GetBkColor
CreateRoundRectRgn
CreateCompatibleDC
BitBlt

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyA
RegEnumValueA
RegCloseKey

shell32

ShellExecuteA
SHFileOperationA
SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteExA

comctl32

ord17
_TrackMouseEvent
ImageList_Destroy

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
CoInitialize
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253
ord251

oleaut32

SysFreeString
SysStringLen
SysAllocStringByteLen
SysAllocStringLen
VariantCopy
SysAllocString
VariantChangeType
VariantTimeToSystemTime
VariantClear

urlmon

URLDownloadToFileA

wininet

InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetOpenA
InternetSetOptionA
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
DeleteUrlCacheEntry
InternetGetLastResponseInfoA
InternetQueryDataAvailable

rpcrt4

RpcStringFreeA
UuidToStringA
UuidCreate

Sections

.text
Size: 276KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f73cb1b9390a6cbaa7a22f2420c61bcf

Headers

File Characteristics

Imports

iphlpapi

shlwapi

netapi32

user32

kernel32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

urlmon

wininet

rpcrt4

Sections

.text Size: 276KB - Virtual size: 273KB

.rdata Size: 132KB - Virtual size: 131KB

.data Size: 16KB - Virtual size: 36KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 276KB - Virtual size: 273KB

.rdata
Size: 132KB - Virtual size: 131KB

.data
Size: 16KB - Virtual size: 36KB

.rsrc
Size: 24KB - Virtual size: 23KB