Static task: static1
Behavioral task: behavioral1 (Sample: netlab.exe, Resource: win7-20240704-en)
Behavioral task: behavioral2 (Sample: netlab.exe, Resource: win10v2004-20240802-en)
General
Target: b01abe9d6f7c3af366d0c808ad5324f4_JaffaCakes118
Size: 182KB
MD5: b01abe9d6f7c3af366d0c808ad5324f4
SHA1: 4536acd410b17b465fc805cc181977c000f97bb1
SHA256: 3bfce7abbe15a6dc2ba9a401e025a9bdac38e666d7a9fb5b6ad4931ce74715a4
SHA512: 6146dc9da155f71a657f10afde6a8c2f8f3c654dad7eb3a8b0a410fd8f8598b6efe37e239014c7f98d73abadb0afd6cd24e4987d66381257ae9f66dceed0a735
SSDEEP: 3072:QZVUq/0sjRvVJ7uyBAKeVHJGPZMVC3H71uLMZeHdBEia67RpNqkUuwgvM095hYz3:QZ9/xVJ7uI/+HJGPmVCrcfHTEi37RarN
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: unpack001/netlab.exe
Files
b01abe9d6f7c3af366d0c808ad5324f4_JaffaCakes118.zip
netlab.exe.exe windows:1 windows x86 arch:x86
521a9b7e5f2cf51636df9ffa3ef2c288
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
PlaySoundA
waveOutGetNumDevs
advapi32
AbortSystemShutdownA
GetUserNameA
InitiateSystemShutdownA
shell32
DragAcceptFiles
DragFinish
DragQueryFileA
DragQueryPoint
ExtractAssociatedIconA
ExtractIconA
FindExecutableA
SHAddToRecentDocs
SHFileOperationA
SHGetFileInfoA
ShellExecuteA
comctl32
ord16
ord17
ImageList_Add
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_Draw
ImageList_DrawEx
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetIcon
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_Merge
ImageList_Remove
ImageList_ReplaceIcon
ImageList_Replace
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetOverlayImage
gdi32
AbortDoc
ArcTo
Arc
BitBlt
Chord
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDIBitmap
CreateEllipticRgn
CreateFontIndirectA
CreateHatchBrush
CreateICA
CreatePalette
CreatePatternBrush
CreatePen
CreatePolyPolygonRgn
CreatePolygonRgn
CreateRectRgn
CreateRoundRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Ellipse
EndDoc
EndPage
EqualRgn
ExtFloodFill
ExtTextOutA
FillRgn
FrameRgn
GetArcDirection
GetBkColor
GetBkMode
GetBrushOrgEx
GetClipBox
GetCurrentObject
GetCurrentPositionEx
GetDIBits
GetDeviceCaps
GetMapMode
GetObjectA
GetPolyFillMode
GetROP2
GetRgnBox
GetStockObject
GetTextAlign
GetTextColor
GetTextExtentExPointA
GetTextExtentPoint32A
GetTextExtentPointA
GetTextFaceA
GetTextMetricsA
InvertRgn
LineTo
MoveToEx
OffsetRgn
PaintRgn
PatBlt
Pie
PolyBezierTo
PolyBezier
PolyPolygon
Polygon
PolylineTo
Polyline
PtInRegion
RealizePalette
RectInRegion
Rectangle
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetArcDirection
SetBkColor
SetBkMode
SetBrushOrgEx
SetMapMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
SetTextCharacterExtra
SetTextColor
StartDocA
StartPage
StretchBlt
TextOutA
UpdateColors
user32
AttachThreadInput
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcA
CharLowerBuffA
CharUpperBuffA
CheckMenuItem
CheckRadioButton
ChildWindowFromPoint
ClientToScreen
ClipCursor
CloseClipboard
CopyAcceleratorTableA
CopyImage
CreateAcceleratorTableA
CreateDialogIndirectParamA
CreateDialogParamA
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DeferWindowPos
DestroyAcceleratorTable
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxIndirectParamA
DialogBoxParamA
DispatchMessageA
DrawFocusRect
DrawIcon
DrawIconEx
DrawMenuBar
DrawTextA
DrawTextExA
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EnumChildWindows
EnumThreadWindows
EnumWindows
FillRect
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassNameA
GetClientRect
GetClipCursor
GetClipboardData
GetCursor
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDialogBaseUnits
GetDlgCtrlID
GetDlgItem
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyState
GetMenu
GetMenuCheckMarkDimensions
GetMenuContextHelpId
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMenuStringA
GetMessageA
GetNextDlgGroupItem
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetWindowContextHelpId
GetWindowDC
GetWindowLongA
GetWindow
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowThreadProcessId
InSendMessage
InsertMenuA
InvalidateRect
InvalidateRgn
InvertRect
IsClipboardFormatAvailable
IsDialogMessageA
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
LoadMenuA
LoadStringA
LockWindowUpdate
MapWindowPoints
MessageBeep
MessageBoxA
ModifyMenuA
MoveWindow
MsgWaitForMultipleObjects
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ReplyMessage
ScreenToClient
ScrollWindow
SendMessageA
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetMenu
SetMenuContextHelpId
SetMenuItemBitmaps
SetMenuItemInfoA
SetParent
SetPropA
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowCursor
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateAcceleratorA
TranslateMessage
UnhookWindowsHookEx
UpdateWindow
ValidateRect
ValidateRgn
WaitMessage
WinHelpA
WindowFromPoint
wsprintfA
kernel32
AddAtomA
CloseHandle
CopyFileA
CreateEventA
CreateFileA
CreateMutexA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DeleteFileA
DosDateTimeToFileTime
DuplicateHandle
EnterCriticalSection
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FormatMessageA
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetComputerNameA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetCurrentThread
GetDateFormatA
GetDiskFreeSpaceA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeThread
GetFileAttributesA
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetProcAddress
GetProfileStringA
GetStdHandle
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemDirectoryA
GetSystemTime
GetThreadPriority
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetVersionExA
GetVersion
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAlloc
GlobalFlags
GlobalFree
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LocalFileTimeToFileTime
LocalFree
LockResource
MoveFileA
MulDiv
MultiByteToWideChar
OpenEventA
OpenFile
OpenMutexA
OpenSemaphoreA
OutputDebugStringA
PulseEvent
ReadFile
ReleaseMutex
ReleaseSemaphore
ResetEvent
ResumeThread
SearchPathA
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEnvironmentVariableA
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetLastError
SetLocaleInfoA
SetStdHandle
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
WriteProfileStringA
_hread
_hwrite
_lclose
_llseek
lstrcpyA
lstrcpynA
Sections
AUTO Size: 271KB - Virtual size:
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 11KB - Virtual size:
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DGROUP Size: 61KB - Virtual size:
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: 16KB - Virtual size:
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 26KB - Virtual size:
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 15KB - Virtual size:
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ