b3b292312642edf20c10799a7396beb4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b3b292312642edf20c10799a7396beb4_JaffaCakes118
Size

2.6MB
MD5

b3b292312642edf20c10799a7396beb4
SHA1

f2067fdf0013e4082af74490792ceccff3485cb7
SHA256

c92b708cd860fd3957c220bb5c8657a74485b2fa2dc444afa0062c5f58294149
SHA512

c85d9b435dc48f4cbb74af3904bda1eac5ee880b6d0e72ff3c256f65666a19832f55b0b5b306da248bf6b0867c36164af533a8b8848d16d907eb4d84ee1a5251
SSDEEP

49152:z2BYDgYLCnujaMULb2DJT1JRWp1N9RoHxPhLniyOyhIhAMqvI:QYDgY2Yef2TXCHoHuyOyhICpI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3b292312642edf20c10799a7396beb4_JaffaCakes118

Files

b3b292312642edf20c10799a7396beb4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e02f6df9332fe99ce17da2b92e902068

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\buildserver\1\work-tools-sc2-gm\core-repository\branches\tools-sc2-gm\downloader\release\Blizzard Downloader.pdb

Imports

wininet

InternetReadFileExA
HttpQueryInfoA
InternetSetOptionA
InternetConnectA
InternetSetStatusCallbackA
InternetOpenA
HttpSendRequestA
HttpOpenRequestA
InternetCrackUrlA
InternetSetCookieW
InternetCrackUrlW
InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetReadFile
InternetSetStatusCallbackW
InternetSetOptionW
HttpQueryInfoW
InternetReadFileExW
InternetCloseHandle
InternetGetConnectedState

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

comctl32

InitCommonControlsEx

kernel32

GetModuleHandleW
GetCurrentThreadId
DeleteFileW
GetUserDefaultLangID
CreateThread
LoadLibraryW
GetProcAddress
FreeLibrary
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetDriveTypeA
GetCurrentDirectoryA
CreateFileA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
SetStdHandle
GetConsoleMode
GetConsoleCP
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetSystemInfo
GetCurrentProcessId
GetCommandLineW
LocalFree
OpenMutexW
CreateMutexW
CreateFileW
GetLastError
CreateEventW
WaitForSingleObject
SetEvent
WriteFile
CloseHandle
GetModuleFileNameW
GetComputerNameA
GetExitCodeProcess
CreateProcessA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetACP
GetFileType
SetHandleCount
HeapSize
GetStdHandle
GetCPInfo
LCMapStringW
LCMapStringA
SetConsoleCtrlHandler
ExitThread
GetFullPathNameW
HeapReAlloc
GetStartupInfoA
GetProcessHeap
HeapAlloc
HeapFree
GetCommandLineA
ExitProcess
RtlUnwind
RaiseException
UnhandledExceptionFilter
TerminateProcess
InterlockedExchange
FindResourceW
LoadResource
LockResource
SizeofResource
FreeResource
VirtualFree
VirtualAlloc
LocalAlloc
MulDiv
GlobalAlloc
GlobalFree
SetLastError
GetVersionExA
SetFileTime
SetFileAttributesW
SetEndOfFile
RemoveDirectoryW
SetFilePointer
GetShortPathNameW
GetDiskFreeSpaceExW
FlushFileBuffers
FindFirstFileW
FindNextFileW
FindClose
ReadFile
TlsSetValue
DuplicateHandle
VirtualQuery
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
LoadLibraryA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleHandleA
GlobalMemoryStatus
Sleep
SetThreadPriority
GetThreadPriority
TlsGetValue
TlsFree
SignalObjectAndWait
QueryPerformanceCounter
GetTickCount
GetCurrentThread
FileTimeToLocalFileTime
FileTimeToSystemTime
TlsAlloc
QueryPerformanceFrequency
GetModuleFileNameA
GetCurrentDirectoryW
GetComputerNameW
GetTempPathW
MultiByteToWideChar
WideCharToMultiByte
GetVersionExW
GetFileAttributesA
GetDiskFreeSpaceW
InterlockedDecrement
InterlockedIncrement
GetFileAttributesExW
GetFileSize
SetCurrentDirectoryW
GetFileAttributesW
CreateDirectoryW
MoveFileW
GetTempFileNameW
GetSystemTimeAsFileTime
SetThreadAffinityMask

user32

EndDialog
InvalidateRect
SetDlgItemTextW
SetWindowLongW
GetDlgItem
SetWindowTextW
ReleaseDC
GetWindowRect
GetDC
GetWindowTextLengthW
IsWindowVisible
SetTimer
ModifyMenuW
GetMenu
MoveWindow
ScreenToClient
SetFocus
LoadImageW
LoadIconW
SendMessageW
BringWindowToTop
KillTimer
GetWindowTextW
ShowWindow
GetDesktopWindow
DialogBoxParamW
MessageBoxW
FindWindowW
IsWindow
FillRect
TrackPopupMenu
PostMessageW
SetForegroundWindow
DefWindowProcW
GetWindowDC
OffsetRect
ClientToScreen
SetRect
DrawTextW
InflateRect
LoadMenuW
LoadAcceleratorsW
SetWindowsHookExW
GetMenuItemCount
GetSubMenu
IsIconic
DrawIcon
DestroyMenu
UnhookWindowsHookEx
TranslateAcceleratorW
CallNextHookEx
GetDlgCtrlID
GetClientRect
GetSystemMetrics
SetWindowPos
GetScrollInfo
CheckDlgButton
IsDlgButtonChecked
DestroyWindow
MsgWaitForMultipleObjects
CopyImage
CallWindowProcW
GetWindowLongW
TrackMouseEvent
SetWindowRgn
IsWindowEnabled
DrawIconEx
CreateWindowExW
PtInRect
IsZoomed
CreateDialogParamW
SetMenuDefaultItem
EnableMenuItem
RemoveMenu
GetSystemMenu
DestroyIcon
EndPaint
BeginPaint
DrawFocusRect
GetParent
GetFocus
SetCapture
ReleaseCapture
GetClassNameW
IsMenu
GetMenuItemID
GetMenuStringW
GetMenuItemInfoW
RemovePropW
GetPropW
SetCursor
LoadCursorW
GetCapture
SetPropW
EnumChildWindows
SystemParametersInfoW
GetWindowPlacement
SetWindowPlacement
EnableWindow
EnumWindows

gdi32

CreateFontIndirectW
GetDeviceCaps
RestoreDC
SaveDC
GetTextColor
SelectClipRgn
CreateRectRgnIndirect
GetObjectW
SetPixel
DeleteDC
CreatePolygonRgn
SelectObject
StretchBlt
CreateCompatibleBitmap
CreateCompatibleDC
SetTextColor
SetBkColor
SetBkMode
GetStockObject
LineTo
MoveToEx
DeleteObject
CreateEllipticRgn
CreatePen
Rectangle
ExcludeClipRect
CreateSolidBrush
CreateRectRgn
GetPixel
BitBlt
GetTextExtentPoint32W

comdlg32

GetSaveFileNameW

shell32

Shell_NotifyIconW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
CommandLineToArgvW
SHGetSpecialFolderPathW
ShellExecuteW

ole32

OleSetContainedObject
OleInitialize
CoInitialize
CoUninitialize
OleCreate
CoCreateInstance
CreateStreamOnHGlobal

msimg32

TransparentBlt

iphlpapi

GetTcpTable
GetAdaptersInfo

rpcrt4

UuidCreate

ws2_32

connect
sendto
inet_addr
ntohl
getpeername
getsockname
ntohs
inet_ntoa
send
WSACleanup
accept
ioctlsocket
select
WSAGetLastError
WSASetLastError
WSAStartup
setsockopt
getsockopt
socket
closesocket
__WSAFDIsSet
listen
bind
recv
gethostname
gethostbyname
htonl
htons

advapi32

RegDeleteKeyA
RegCloseKey
RegEnumKeyExW
GetUserNameW
MapGenericMask
AccessCheck
OpenThreadToken
OpenProcessToken
DuplicateToken
GetFileSecurityW
RegOpenKeyExA
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExA
RegQueryValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW

oleaut32

SysStringLen
SysFreeString
VariantInit
SysAllocString
VariantClear
OleLoadPicture

Sections

.text
Size: 800KB - Virtual size: 799KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e02f6df9332fe99ce17da2b92e902068

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wininet

version

comctl32

kernel32

user32

gdi32

comdlg32

shell32

ole32

msimg32

iphlpapi

rpcrt4

ws2_32

advapi32

oleaut32

Sections

.text Size: 800KB - Virtual size: 799KB

.rdata Size: 284KB - Virtual size: 280KB

.data Size: 28KB - Virtual size: 80KB

.rsrc Size: 132KB - Virtual size: 131KB

.text
Size: 800KB - Virtual size: 799KB

.rdata
Size: 284KB - Virtual size: 280KB

.data
Size: 28KB - Virtual size: 80KB

.rsrc
Size: 132KB - Virtual size: 131KB