d:\liveu\Release\liveu.pdb
Static task
static1
Behavioral task
behavioral1
Sample
b547b5feb475f732e6a1578b52e55510_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b547b5feb475f732e6a1578b52e55510_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
b547b5feb475f732e6a1578b52e55510_JaffaCakes118
Size
3.7MB
MD5
b547b5feb475f732e6a1578b52e55510
SHA1
7edc91f2691cffd466125616e6284a1fe4d0b04b
SHA256
0aeb3fa8ba8d3ebeba331d4f92c08ab9ba94106f6280aeaa84cb359a3496c1ca
SHA512
5866e62573eee1a0fdd19fec53736db982828197e35b15f130fe69b1c1ba0cf43dbf1a458a5dea0ac6e94a02d12b0a4b357584731105d86dc2202bedd30f4e64
SSDEEP
49152:9N3mVr8uVKYvhgzIhc7eOLyJT5lvO3AjTgRQwR/wa6XCI0:X3wVKYptagLlvO3zQQ6Xz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b547b5feb475f732e6a1578b52e55510_JaffaCakes118
Files
b547b5feb475f732e6a1578b52e55510_JaffaCakes118.exe windows:5 windows x86 arch:x86
6532d5cb6e66c1847181c5e837227bc2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
d:\liveu\Release\liveu.pdb
Imports
kernel32
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
LCMapStringW
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCPInfo
GetCurrentDirectoryA
GetDriveTypeA
SetEnvironmentVariableA
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
VirtualProtect
HeapSize
GetFileType
SetStdHandle
RaiseException
RtlUnwind
ExitProcess
ExitThread
GetSystemTimeAsFileTime
GetStartupInfoW
GetCurrentDirectoryW
GetFileSizeEx
LocalFileTimeToFileTime
SystemTimeToFileTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalReAlloc
TlsGetValue
GlobalFlags
GlobalGetAtomNameW
GetDiskFreeSpaceW
FindResourceExW
GetProfileIntW
GetExitCodeThread
EnumResourceTypesW
EnumResourceNamesW
GetTempFileNameW
GetFileTime
SetFileTime
ResumeThread
SetThreadPriority
GetCurrentProcessId
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
lstrcmpA
GetModuleHandleA
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
GetThreadLocale
GetStringTypeExW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
FreeLibrary
CopyFileW
MulDiv
GlobalHandle
TerminateThread
CreateThread
VirtualAlloc
VirtualFree
LocalSize
LocalAlloc
GlobalSize
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FlushFileBuffers
IsBadWritePtr
VirtualQuery
GetLocalTime
SetUnhandledExceptionFilter
SetErrorMode
InterlockedExchange
CancelIo
InterlockedIncrement
OutputDebugStringW
InterlockedDecrement
GetQueuedCompletionStatus
GetSystemInfo
CreateIoCompletionPort
PostQueuedCompletionStatus
WaitForSingleObject
SetEvent
CreateEventW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
GetModuleFileNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
DeleteFileW
Sleep
FindClose
FindNextFileW
lstrcmpW
FindFirstFileW
lstrcpynW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileAttributesW
GetDiskFreeSpaceExW
lstrcmpiW
GetLogicalDriveStringsW
LocalFree
FormatMessageW
GetDriveTypeW
ReadFile
GetFileSize
SetFilePointer
HeapFree
WriteFile
CreateFileW
lstrcpyW
CloseHandle
GetProcAddress
GetModuleHandleW
LoadLibraryW
SetLastError
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
FreeResource
lstrlenA
lstrlenW
WideCharToMultiByte
GetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
HeapReAlloc
HeapAlloc
GetProcessHeap
CreateFileA
user32
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
TrackPopupMenu
SetMenu
SetScrollRange
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
CopyRect
PtInRect
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
EndDeferWindowPos
SetFocus
UnhookWindowsHookEx
GetClassLongW
GetMenuItemID
InsertMenuW
InsertMenuItemW
LoadAcceleratorsW
ReuseDDElParam
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
KillTimer
EndPaint
BeginPaint
FillRect
SetTimer
CallNextHookEx
SetWindowsHookExW
GetCapture
IsChild
WinHelpW
SendDlgItemMessageA
GetSysColor
DispatchMessageW
BeginDeferWindowPos
GetLastActivePopup
GetForegroundWindow
RemovePropW
GetPropW
SetPropW
SetScrollPos
GetClassNameW
UnpackDDElParam
SetRect
SendMessageW
EnableWindow
LoadIconW
GetSystemMenu
GetMenuState
CheckMenuItem
GetWindowRect
GetClientRect
GetSystemMetrics
SendDlgItemMessageW
GetMenuStringW
ReleaseDC
AppendMenuW
CheckMenuRadioItem
GetDC
PostMessageW
IsWindowVisible
GetDesktopWindow
LoadCursorW
wsprintfW
MessageBoxW
GetWindow
SetCapture
ClientToScreen
WindowFromPoint
UpdateWindow
ScreenToClient
SetCursor
ReleaseCapture
GetParent
GetDlgCtrlID
SetWindowPos
GetCursorPos
SetDlgItemTextW
IsDialogMessageW
SetWindowTextW
MoveWindow
ShowWindow
CharUpperW
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetMenuItemInfoW
DestroyMenu
SystemParametersInfoW
TabbedTextOutW
DrawTextExW
GrayStringW
GetWindowDC
GetKeyNameTextW
MapVirtualKeyW
InvalidateRect
IsZoomed
SetRectEmpty
PostQuitMessage
RegisterClipboardFormatW
GetWindowThreadProcessId
MapDialogRect
SetWindowContextHelpId
ValidateRect
ShowOwnedPopups
TranslateAcceleratorW
BringWindowToTop
LockWindowUpdate
GetDCEx
UnionRect
SetParent
GetNextDlgGroupItem
InvalidateRgn
IsRectEmpty
TranslateMessage
GetMessageW
LoadImageW
RegisterWindowMessageW
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
CopyAcceleratorTableW
PostThreadMessageW
UnregisterClassW
OpenClipboard
GetSysColorBrush
GetFocus
LoadMenuW
GetSubMenu
DeleteMenu
GetMenuItemCount
EnableMenuItem
CharNextW
CreatePopupMenu
GetAsyncKeyState
TranslateMDISysAccel
DrawMenuBar
DefFrameProcW
GetClipboardFormatNameW
SendMessageTimeoutW
IsWindowUnicode
GetWindowLongA
SetWindowLongA
GetDoubleClickTime
SetCursorPos
HideCaret
ShowCaret
GetWindowRgn
IsMenu
GetMenuDefaultItem
SetWindowRgn
GetCursor
CreateIconIndirect
CopyIcon
LookupIconIdFromDirectoryEx
CreateIconFromResourceEx
InvertRect
GetKeyboardLayout
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayoutList
GetKeyboardState
ToUnicodeEx
DrawTextW
ShowScrollBar
DrawIconEx
IntersectRect
GetIconInfo
SetClassLongW
DestroyIcon
DestroyCursor
GetKeyState
wvsprintfW
SetForegroundWindow
MessageBeep
OffsetRect
InflateRect
IsClipboardFormatAvailable
RedrawWindow
DrawStateW
DrawFocusRect
DrawFrameControl
DrawEdge
WaitMessage
SetMenuDefaultItem
gdi32
SelectClipRgn
GetClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
PatBlt
GetTextMetricsW
GetCharWidthW
CreateFontW
GetBkColor
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetTextColor
GetRgnBox
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
RestoreDC
GetTextExtentPoint32W
CreateFontIndirectW
CreateBitmap
GetClipBox
CopyMetaFileW
GetDeviceCaps
LineTo
MoveToEx
CreateCompatibleBitmap
CreatePen
GetObjectW
ExtTextOutW
SetBkColor
SetPixel
Polygon
GetTextAlign
StretchBlt
GetCurrentObject
GetWindowOrgEx
EnumFontFamiliesExW
GetDIBits
GetBitmapBits
ExtCreateRegion
PtInRegion
Polyline
GetViewportOrgEx
Ellipse
ExtFloodFill
CreatePolygonRgn
RoundRect
BitBlt
StretchDIBits
CreateDIBSection
CreateCompatibleDC
DeleteDC
DeleteObject
SelectObject
CreateSolidBrush
TextOutW
SetTextColor
CreateRectRgnIndirect
SaveDC
SetBkMode
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegCloseKey
RegSetValueW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
SetFileSecurityW
RegSetValueExW
RegDeleteValueW
RegCreateKeyW
RegCreateKeyExW
GetFileSecurityW
shell32
Shell_NotifyIconW
ExtractIconW
DragQueryFileW
DragFinish
ShellExecuteW
SHGetFileInfoW
comctl32
InitCommonControlsEx
_TrackMouseEvent
PropertySheetW
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Destroy
ImageList_AddMasked
ImageList_Draw
ImageList_Create
shlwapi
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathRemoveFileSpecW
SHAutoComplete
PathFindFileNameW
oledlg
OleUIBusyW
OleUIAddVerbMenuW
ole32
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
StgOpenStorageOnILockBytes
CoInitializeEx
CoCreateInstance
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoUninitialize
CoInitialize
CreateILockBytesOnHGlobal
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleDuplicateData
oleaut32
OleLoadPicturePath
SysAllocString
OleCreateFontIndirect
VarDateFromStr
SafeArrayDestroy
VariantCopy
LoadTypeLi
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
avifil32
AVIFileOpenW
AVIFileExit
AVIFileInit
AVIFileCreateStreamW
AVIStreamSetFormat
AVIStreamWrite
AVIFileRelease
AVIStreamRelease
msvfw32
DrawDibClose
DrawDibDraw
DrawDibOpen
ws2_32
ioctlsocket
WSACloseEvent
WSASend
connect
socket
WSAIoctl
setsockopt
WSAGetLastError
accept
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
listen
bind
htons
WSACreateEvent
WSASocketW
WSACleanup
WSAStartup
closesocket
getpeername
inet_ntoa
gethostbyname
gethostname
select
send
recv
WSAEventSelect
WSARecv
winmm
PlaySoundW
waveOutOpen
waveOutGetNumDevs
waveInStart
waveInOpen
waveInGetNumDevs
waveOutPrepareHeader
waveInAddBuffer
waveInPrepareHeader
waveOutWrite
waveOutClose
waveOutUnprepareHeader
waveOutReset
waveInClose
waveInUnprepareHeader
waveInReset
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rodata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 394KB - Virtual size: 394KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 550KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 164KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ