Static task: static1
Behavioral task: behavioral1
Sample: b57665eeac527c530aa9d1d1006d2f7b_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: b57665eeac527c530aa9d1d1006d2f7b_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b57665eeac527c530aa9d1d1006d2f7b_JaffaCakes118
Size: 712KB
MD5: b57665eeac527c530aa9d1d1006d2f7b
SHA1: 119dc9c5c22d708a8dfe0623f272e435f565ab88
SHA256: f865d3c2d2857d593d01e26d1ef30459f82e6c74100aebb7fad0518b3ac65778
SHA512: c20b76962abc767ab501f929ad1c3cae960bf8d0d2f8293992fef89ee2856747096fe9c9ca8b1e5771eb68edac2a034888c0861357080530f7521ff8e9294c0c
SSDEEP: 12288:2V2oxKjOGdPEtZPxkj9jNbA2bK7VdnwVGQfXHEBOJP17foknOMxe:75Z1j127VlE3EI19nT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b57665eeac527c530aa9d1d1006d2f7b_JaffaCakes118
Files
b57665eeac527c530aa9d1d1006d2f7b_JaffaCakes118.exe windows:4 windows x86 arch:x86
e8410ae8612ecb76c11dda4b7a450baf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTime
GetACP
HeapSize
HeapReAlloc
UnhandledExceptionFilter
FatalAppExitA
SetUnhandledExceptionFilter
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetComputerNameA
GetModuleFileNameA
FindFirstFileA
MoveFileA
FindClose
ExitProcess
GetCurrentProcess
CreateEventW
CreateFileW
CreateFileMappingA
CreateFileMappingW
CreateMutexW
CreatePipe
CreateProcessW
DeleteFileW
GetCurrentDirectoryW
GetExitCodeThread
GetFileAttributesW
GetModuleFileNameW
GetModuleHandleW
GetSystemDirectoryW
GetTimeZoneInformation
GetVersionExW
LoadLibraryW
LoadLibraryExA
MapViewOfFile
OpenEventA
OpenEventW
OpenFileMappingA
OpenFileMappingW
OpenMutexA
OpenMutexW
OpenProcess
ReadProcessMemory
ReleaseMutex
TerminateThread
UnmapViewOfFile
VirtualProtect
VirtualProtectEx
VirtualQueryEx
WriteProcessMemory
lstrcatW
lstrcmpiW
lstrcpyW
GetFileType
SetStdHandle
GetCommandLineA
GetStartupInfoA
GetProfileStringA
VirtualQuery
InterlockedExchange
TerminateProcess
HeapAlloc
CreateMutexA
GetExitCodeProcess
GetVersion
GetPrivateProfileIntA
GetPrivateProfileStringA
WriteFile
DeleteFileA
GlobalAlloc
WritePrivateProfileStringA
GlobalFree
CreateNamedPipeA
OutputDebugStringA
GetLastError
CreateFileA
GetCurrentProcessId
DeviceIoControl
GetSystemDirectoryA
CreateProcessA
Sleep
LoadLibraryA
GetProcAddress
FreeLibrary
PulseEvent
ResetEvent
WaitForMultipleObjects
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateEventA
SetEvent
WaitForSingleObject
HeapFree
RaiseException
ExitThread
CreateThread
RtlUnwind
GlobalSize
SetErrorMode
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
GetFileAttributesA
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
SizeofResource
GlobalFlags
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
FormatMessageA
LocalFree
lstrcpynA
lstrlenW
MulDiv
SetLastError
lstrcmpA
GetCurrentThread
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
lstrcatA
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GlobalLock
GlobalUnlock
LockResource
FindResourceA
LoadResource
SuspendThread
GetCurrentThreadId
SetThreadPriority
ResumeThread
CloseHandle
CreateDirectoryA
GetVersionExA
GetSystemDefaultLangID
GetLocalTime
CopyFileA
ReadFile
SetLocalTime
GetWindowsDirectoryA
GetThreadContext
GetTickCount
user32
OemToCharA
CharToOemA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
FindWindowA
SendMessageTimeoutA
PostMessageA
PeekMessageA
KillTimer
MessageBoxA
SetTimer
CloseDesktop
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
ShowOwnedPopups
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
SetCursor
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
DefWindowProcA
GetMessageTime
GetThreadDesktop
GetUserObjectInformationA
MsgWaitForMultipleObjects
OpenInputDesktop
GetKeyboardType
CloseWindow
EnableWindow
LoadIconA
SystemParametersInfoA
SendMessageA
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
PostQuitMessage
SetForegroundWindow
GetCursorPos
InsertMenuA
CreatePopupMenu
RegisterWindowMessageA
SetWindowsHookExA
IsWindowVisible
LoadAcceleratorsA
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsWindowEnabled
GetDlgItem
GetWindowLongA
GetParent
DestroyWindow
CreateDialogIndirectParamA
IsWindow
TabbedTextOutA
DrawTextA
GrayStringA
SetWindowContextHelpId
MapDialogRect
DestroyMenu
CharUpperA
LoadCursorA
GetSysColorBrush
GetClassNameA
PtInRect
GetDesktopWindow
GetDialogBaseUnits
LoadStringA
SetCapture
ReleaseCapture
WaitMessage
GetWindowThreadProcessId
WindowFromPoint
DeleteMenu
GetMenuStringA
CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
AppendMenuA
RemoveMenu
wvsprintfA
SetRectEmpty
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
InvalidateRect
BringWindowToTop
InflateRect
SetActiveWindow
EndDialog
GetNextDlgTabItem
GetWindowRect
GetWindowPlacement
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongA
GetWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
GetForegroundWindow
GetLastActivePopup
GetMessagePos
RegisterClipboardFormatA
PostThreadMessageA
GetDlgCtrlID
DestroyIcon
gdi32
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
DeleteDC
StartDocA
SaveDC
RestoreDC
SelectObject
GetStockObject
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
GetClipBox
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPoint32A
GetTextMetricsA
GetTextColor
GetBkColor
DPtoLP
LPtoDP
CopyMetaFileA
CreateDCA
GetMapMode
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
PolylineTo
CreateFontIndirectA
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
GetDCOrgEx
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
GetKernelObjectSecurity
CloseServiceHandle
StartServiceA
CreateServiceA
OpenSCManagerA
OpenServiceA
DeleteService
ControlService
QueryServiceStatus
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
FreeSid
EqualSid
GetTokenInformation
OpenProcessToken
AllocateAndInitializeSid
ChangeServiceConfigA
QueryServiceConfigA
GetServiceDisplayNameA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyA
RegDeleteKeyA
RegSetValueA
RegQueryValueA
RegEnumKeyA
RegCreateKeyA
SetSecurityDescriptorDacl
RegSetValueExW
LookupPrivilegeValueA
IsValidSid
InitializeSecurityDescriptor
GetLengthSid
AdjustTokenPrivileges
shell32
DragAcceptFiles
Shell_NotifyIconA
ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA
comctl32
ord17
oledlg
ord8
ole32
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
OleRun
ReleaseStgMedium
CoTreatAsClass
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
OleDuplicateData
CoRegisterMessageFilter
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoUninitialize
CoInitializeEx
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
CoRegisterClassObject
CoDisconnectObject
OleSetClipboard
CoRevokeClassObject
StringFromCLSID
olepro32
ord253
oleaut32
SysFreeString
SafeArrayRedim
LoadTypeLi
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysReAllocStringLen
VariantChangeType
VariantClear
VariantCopy
SysAllocStringLen
SysAllocString
wininet
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
InternetOpenUrlA
InternetOpenA
ws2_32
listen
send
recv
getsockname
inet_ntoa
WSAStartup
bind
WSACreateEvent
WSAEventSelect
inet_addr
htons
connect
WSAGetLastError
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
closesocket
htonl
WSACleanup
gethostname
gethostbyname
socket
accept
iphlpapi
GetAdaptersInfo
GetNetworkParams
shlwapi
PathFileExistsA
SHDeleteValueA
netapi32
Netbios
Sections
.text Size: 440KB - Virtual size: 436KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
CODE Size: 104KB - Virtual size: 102KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DATA Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE