Static task
static1
Behavioral task
behavioral1
Sample
b1aca1df20e553be57956329405c7898_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b1aca1df20e553be57956329405c7898_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: b1aca1df20e553be57956329405c7898_JaffaCakes118
Size: 2.6MB
MD5: b1aca1df20e553be57956329405c7898
SHA1: 2a196648e3378f92dbbe6860f38665a2fc73d034
SHA256: 1f8b7121db5a4396204d59e4f32c4587d3918a017250678eb8c5f67fb3906c49
SHA512: 02e70afcf18375981c980a7057337c864276fbbfc1cc969c918d9181431856a480a34260bc847362584f63632735dedf5c783ebb5a1227e51c5a49f53f8a9f8c
SSDEEP: 49152:Bj6YEJSEbE4sHxJVRmxnox488jiUGr5pF:FkEvHtRKnox488jiH
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource b1aca1df20e553be57956329405c7898_JaffaCakes118
Files
b1aca1df20e553be57956329405c7898_JaffaCakes118.exe windows:4 windows x86 arch:x86
a345eb99854ec8b704b69ed68429749b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegDeleteValueA
RegEnumKeyA
GetUserNameA
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegSetValueExA
RegDeleteKeyA
SetFileSecurityA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueA
RegCreateKeyA
GetFileSecurityA
mpr
WNetGetUserA
widge32
ord295
ord99
ord30
ord43
ord33
ord75
implode
implode
explode
kernel32
RaiseException
GetSystemTime
GetLocalTime
ExitProcess
RtlUnwind
GetTimeZoneInformation
ExitThread
GetCPInfo
TlsGetValue
GetOEMCP
GetStartupInfoA
SetStdHandle
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
LocalReAlloc
GlobalFlags
TlsSetValue
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
IsBadCodePtr
VirtualFree
VirtualAlloc
VirtualLock
VirtualQuery
EnterCriticalSection
LeaveCriticalSection
GetCurrentDirectoryA
FindResourceA
GlobalGetAtomNameA
GlobalDeleteAtom
lstrcpynA
Sleep
GetCommandLineA
HeapCreate
InterlockedExchange
GetFileInformationByHandle
PeekNamedPipe
TlsAlloc
SystemTimeToFileTime
SizeofResource
FindNextFileA
LocalFileTimeToFileTime
GetFileSize
CreateEventA
FileTimeToLocalFileTime
FileTimeToSystemTime
ResumeThread
SuspendThread
SetThreadPriority
lstrcmpA
SetEvent
GetCurrentThread
GetStringTypeExA
lstrcmpiA
GetThreadLocale
MoveFileA
FindFirstFileA
FindClose
DuplicateHandle
SetEndOfFile
FlushFileBuffers
GetTempFileNameA
SetLastError
GetFullPathNameA
lstrcpyA
GetFileTime
SetFileTime
InterlockedIncrement
lstrcatA
InterlockedDecrement
LocalAlloc
_lopen
GetVolumeInformationA
_lread
TerminateThread
_lclose
GetModuleHandleA
GetPrivateProfileIntA
CreateThread
DeviceIoControl
SetFilePointer
WriteFile
ReadFile
LockFile
DeleteFileA
UnlockFile
FreeResource
WideCharToMultiByte
lstrlenW
LocalFree
GetFileAttributesA
SetCurrentDirectoryA
MultiByteToWideChar
GlobalHandle
MulDiv
FreeLibrary
SearchPathA
DebugBreak
GetLocaleInfoA
GlobalAddAtomA
GetUserDefaultLCID
GlobalUnlock
GlobalReAlloc
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
OutputDebugStringA
LoadResource
LockResource
GetPrivateProfileStringA
lstrlenA
CreateFileA
GetShortPathNameA
WritePrivateProfileStringA
FormatMessageA
GetDriveTypeA
SetErrorMode
GetModuleFileNameA
GetVersionExA
GetDiskFreeSpaceA
WinExec
GetProfileStringA
LoadLibraryA
GetProcAddress
GetTickCount
TerminateProcess
GetVersion
GetExitCodeProcess
GetProcessVersion
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject
GetLastError
CreateMutexA
MapViewOfFile
GetCurrentProcessId
ReleaseMutex
HeapAlloc
OpenMutexA
VirtualQueryEx
GetSystemInfo
GetCurrentProcess
OpenProcess
OpenFileMappingA
GetProcessHeap
HeapFree
UnmapViewOfFile
CreateFileMappingA
MapViewOfFileEx
SetUnhandledExceptionFilter
CloseHandle
GetStringTypeA
GetACP
GetFileType
user32
ShowOwnedPopups
GetWindowDC
TabbedTextOutA
GrayStringA
wvsprintfA
WaitMessage
SetParent
GetSystemMenu
DrawFocusRect
GetSysColorBrush
DestroyIcon
GetTabbedTextExtentA
GetDCEx
LockWindowUpdate
InsertMenuA
GetMenuStringA
IsRectEmpty
IntersectRect
GetNextDlgGroupItem
InvertRect
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetForegroundWindow
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetNextDlgTabItem
EndDialog
CharNextA
CopyAcceleratorTableA
GetActiveWindow
SetWindowPos
DestroyWindow
BringWindowToTop
MapWindowPoints
UnionRect
DrawTextExA
LoadBitmapA
SetRectEmpty
WinHelpA
GetLastActivePopup
DefWindowProcA
LoadIconA
EmptyClipboard
SetClipboardData
IsClipboardFormatAvailable
RegisterClipboardFormatA
HideCaret
IsChild
DdeDisconnect
DdeCreateStringHandleA
DdeClientTransaction
DdeFreeStringHandle
DdeUninitialize
BeginPaint
EndPaint
FrameRect
OpenClipboard
GetClipboardData
CloseClipboard
GetUpdateRect
DrawEdge
GetScrollPos
MapDialogRect
CreateWindowExA
UnpackDDElParam
DestroyCursor
CreatePopupMenu
CopyRect
ShowScrollBar
TranslateAcceleratorA
DrawMenuBar
PtInRect
GetMessageA
SetCursor
ClientToScreen
GetIconInfo
DrawIcon
SetScrollRange
SetScrollPos
EnumChildWindows
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetWindowLongA
GetSysColor
FillRect
CallWindowProcA
SetFocus
SendDlgItemMessageA
SetDlgItemInt
GetDlgItemInt
SetDlgItemTextA
GetWindowTextLengthA
GetDlgItemTextA
GetWindowTextA
SetWindowTextA
GetCapture
ClipCursor
GetCursorPos
WindowFromPoint
DispatchMessageA
TranslateMessage
PostQuitMessage
GetDesktopWindow
MoveWindow
GetSystemMetrics
PeekMessageA
SetCursorPos
ShowCursor
GetTopWindow
FindWindowA
PostThreadMessageA
GetWindowThreadProcessId
IsWindowEnabled
WaitForInputIdle
IsWindow
MessageBeep
MessageBoxA
GetWindow
GetClassNameA
GetDC
DrawTextA
ReleaseDC
InvalidateRect
SetForegroundWindow
ScreenToClient
IsWindowVisible
DeleteMenu
GetMenuItemCount
GetMenuItemID
IsMenu
GetMenuState
AppendMenuA
wsprintfA
GetAsyncKeyState
GetFocus
RegisterWindowMessageA
ReleaseCapture
SetCapture
GetKeyState
GetClientRect
PostMessageA
SetMenu
LoadMenuA
DestroyMenu
LoadAcceleratorsA
RedrawWindow
DefMDIChildProcA
CharUpperA
ValidateRect
ReuseDDElParam
RemoveMenu
ChildWindowFromPoint
InflateRect
TranslateMDISysAccel
GetParent
IsIconic
IsZoomed
SetWindowLongA
SetActiveWindow
SendMessageA
UpdateWindow
GetWindowRect
GetDlgItem
ShowWindow
KillTimer
SetTimer
EnableWindow
DefFrameProcA
LoadStringA
GetMenuCheckMarkDimensions
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
IsDialogMessageA
SystemParametersInfoA
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
GetClassInfoA
RegisterClassA
GetSubMenu
GetMenu
TrackPopupMenu
SetWindowPlacement
GetWindowPlacement
LoadCursorA
OffsetRect
SetRect
CreateDialogIndirectParamA
UnregisterClassA
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
gdi32
EndPage
StartPage
CreateDIBitmap
AbortDoc
SelectObject
TextOutA
Escape
GetObjectA
GetTextMetricsA
BitBlt
SetAbortProc
CreateCompatibleBitmap
SetBkMode
DeleteObject
GetTextExtentPointA
GetStockObject
PatBlt
Polyline
SetPixel
Rectangle
Polygon
CreatePen
Ellipse
CreateRectRgn
Arc
CreateSolidBrush
MoveToEx
RoundRect
LineTo
GetEnhMetaFileDescriptionA
GetEnhMetaFileHeader
DeleteEnhMetaFile
GetEnhMetaFileBits
EnumEnhMetaFile
SetEnhMetaFileBits
CreatePenIndirect
GetCurrentObject
SetTextColor
PlayEnhMetaFileRecord
RestoreDC
CreateBrushIndirect
CopyEnhMetaFileA
DeleteMetaFile
SaveDC
GetMetaFileBitsEx
GetMetaFileA
SetWinMetaFileBits
GetEnhMetaFileA
CreateEnhMetaFileA
DeleteDC
CloseMetaFile
CloseEnhMetaFile
CreateMetaFileA
SetWindowOrgEx
CopyMetaFileA
SetWindowExtEx
ExtTextOutA
SetBkColor
CreateICA
StartDocA
CreateDCA
GetTextExtentPoint32A
SetTextAlign
GetCharWidthA
EndDoc
CreateFontIndirectA
GetMapMode
GetCharABCWidthsA
CreateBitmap
DPtoLP
GetTextCharacterExtra
LPtoDP
CreatePatternBrush
GetViewportOrgEx
CombineRgn
CreateRectRgnIndirect
SetRectRgn
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
SetStretchBltMode
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
IntersectClipRect
SelectClipRgn
GetCurrentPositionEx
GetWindowExtEx
GetViewportExtEx
PtVisible
StretchDIBits
GetBkColor
RectVisible
GetTextColor
GetStretchBltMode
GetNearestColor
GetTextAlign
GetBkMode
GetPolyFillMode
GetTextFaceA
GetWindowOrgEx
GetROP2
GetDeviceCaps
CreateCompatibleDC
comdlg32
PrintDlgA
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
CommDlgExtendedError
ChooseColorA
ChooseFontA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
shell32
ExtractIconA
DragFinish
DragAcceptFiles
DragQueryFileA
SHGetFileInfoA
ShellExecuteA
comctl32
ord17
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_Add
ImageList_Destroy
ImageList_Create
oledlg
ord8
ole32
CoFreeUnusedLibraries
OleUninitialize
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CreateILockBytesOnHGlobal
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
CoTaskMemAlloc
CoRegisterMessageFilter
CoRevokeClassObject
CLSIDFromProgID
WriteClassStm
WriteClassStg
ReadClassStg
CLSIDFromString
OleInitialize
CoCreateInstance
StgCreateDocfile
StgIsStorageFile
StgOpenStorage
ReadClassStm
oleaut32
SysAllocStringLen
SysFreeString
OleCreateFontIndirect
VariantClear
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 240KB - Virtual size: 240KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 96KB - Virtual size: 266KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ