b4599f372b4f98097836b88823bdc9ca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b4599f372b4f98097836b88823bdc9ca_JaffaCakes118
Size

1.1MB
MD5

b4599f372b4f98097836b88823bdc9ca
SHA1

01b64504b07c71df0ba4f22bd1f5121ef23ac9c4
SHA256

afb2036a61af121c4b81d42a7b83bea881b4ed54069e54117596da2a8d63af2d
SHA512

a0012a8834f7e19d6b51f2873d40ae692c323d164ca50f2867d32d6d7f3497a01ec0346093df521f4988486d523493f17f1e1d68bb0863e65d6567b47b3e1fe0
SSDEEP

24576:3/4fntNO3ILel9b/Q4e+fBPoAQDY114xAt/kMT50t/0/q:3/4fntIYLi1N/ZTb/q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4599f372b4f98097836b88823bdc9ca_JaffaCakes118

Files

b4599f372b4f98097836b88823bdc9ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

76c20400795cb0a63f4f768e9cd0a296

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Create
ord6
CreateToolbarEx
InitCommonControlsEx
ImageList_ReplaceIcon
ord17

winmm

timeKillEvent
timeGetTime
PlaySoundA
timeSetEvent

kernel32

FileTimeToSystemTime
SetErrorMode
GetModuleHandleA
ReadFile
SetFilePointer
FileTimeToLocalFileTime
MoveFileA
lstrlenA
GetLogicalDriveStringsA
GetDriveTypeA
lstrcpyA
GetComputerNameA
MulDiv
CreateEventA
DeleteCriticalSection
TlsSetValue
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateSemaphoreA
TlsGetValue
GetSystemTime
ReleaseSemaphore
SetThreadPriority
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
DuplicateHandle
TlsAlloc
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetStringTypeW
GetStringTypeA
SetEnvironmentVariableA
GetOEMCP
GetACP
GetFileTime
CompareStringA
GetCPInfo
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
InterlockedIncrement
InterlockedDecrement
GetCurrentDirectoryA
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetUnhandledExceptionFilter
SetLastError
TlsFree
SetHandleCount
FatalAppExitA
ExitThread
GetVersion
GetCommandLineA
GetStartupInfoA
GetLocalTime
GetTimeZoneInformation
WideCharToMultiByte
GetFileType
SetStdHandle
GetFileAttributesA
GetFullPathNameA
TerminateProcess
ExitProcess
HeapAlloc
HeapFree
RaiseException
RtlUnwind
QueryPerformanceFrequency
QueryPerformanceCounter
SearchPathA
GlobalFree
SystemTimeToFileTime
SetFileTime
FlushFileBuffers
WaitForSingleObject
CreateDirectoryA
GetTickCount
WriteConsoleA
OutputDebugStringA
WriteFile
GlobalUnlock
GlobalLock
GlobalAlloc
Beep
SetEvent
AllocConsole
GetStdHandle
CloseHandle
CreateFileA
SetEndOfFile
WritePrivateProfileStringA
FormatMessageA
GetLastError
LocalFree
ResumeThread
CreateThread
CopyFileA
GetProcAddress
FreeLibrary
GetPrivateProfileIntA
GetVersionExA
GetPrivateProfileStringA
FindNextFileA
GetSystemTimeAsFileTime
FindFirstFileA
DeleteFileA
FindClose
GetModuleFileNameA
LoadLibraryA
Sleep
GetUserDefaultLCID
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringW

user32

SetMenu
DefFrameProcA
CreateDialogParamA
SetPropA
GetSystemMetrics
IsWindowVisible
GetPropA
GetWindowThreadProcessId
CallNextHookEx
IsDlgButtonChecked
CreateAcceleratorTableA
LoadBitmapA
RegisterClassA
SetWindowRgn
GetDesktopWindow
DestroyIcon
SetWindowsHookExA
GetMenuStringA
MoveWindow
FindWindowA
CloseDesktop
EnumDesktopWindows
OpenDesktopA
GetClassNameA
GetWindowTextA
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
GetSubMenu
PeekMessageA
EnableWindow
EndPaint
IsZoomed
GetClipboardData
GetClipboardOwner
GetKeyboardLayoutNameA
ToAscii
GetKeyboardState
GetKeyState
DefMDIChildProcA
GetWindow
GetParent
PtInRect
ScreenToClient
GetCursorPos
SetCursor
GetForegroundWindow
DrawMenuBar
GetMenu
GetFocus
ChangeClipboardChain
IsWindow
TranslateAcceleratorA
LoadStringA
TranslateMessage
DispatchMessageA
DefWindowProcA
SetScrollInfo
ScrollWindowEx
SetFocus
GetDlgItemInt
wsprintfA
SetWindowTextA
GetSystemMenu
RegisterWindowMessageA
GetScrollInfo
SendDlgItemMessageA
UnregisterHotKey
FillRect
ModifyMenuA
BeginPaint
GetMenuItemCount
GetMessageA
TranslateMDISysAccel
DestroyMenu
SendMessageA
CreateWindowExA
EnableMenuItem
RegisterClassExA
ShowWindow
SetTimer
KillTimer
MessageBoxA
LoadIconA
CheckMenuItem
LoadCursorA
LoadMenuA
RegisterHotKey
LoadImageA
GetClientRect
GetWindowRect
GetDlgItem
InvalidateRgn
AdjustWindowRectEx
ShowScrollBar
SetRect
DrawTextA
ReleaseDC
GetDC
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
RedrawWindow
InvalidateRect
IsIconic
UnhookWindowsHookEx
GetWindowLongA
GetDlgItemTextA
DestroyAcceleratorTable
SystemParametersInfoA
SetWindowPos
SetForegroundWindow
PostQuitMessage
LoadKeyboardLayoutA
PostMessageA
UpdateWindow
SetDlgItemInt
SetDlgItemTextA
DialogBoxParamA
SetClipboardViewer
DestroyWindow
SetWindowLongA
EndDialog

gdi32

CreateCompatibleBitmap
SetTextColor
CreateDIBSection
SetDIBColorTable
BitBlt
CombineRgn
CreateRectRgn
UpdateColors
ExtTextOutA
SetStretchBltMode
SetBrushOrgEx
GetClipBox
Rectangle
SetBkMode
GdiFlush
CreateSolidBrush
CreatePen
LineTo
MoveToEx
CreatePolygonRgn
CreateFontA
CreateRectRgnIndirect
SetBkColor
SelectPalette
SelectObject
RealizePalette
DeleteObject
DeleteDC
CreateFontIndirectA
GetStockObject
GetDeviceCaps
CreatePalette
StretchBlt
CreateCompatibleDC

comdlg32

CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA

advapi32

RegQueryValueExA
RegDeleteValueA
RegEnumValueA
RegQueryInfoKeyA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegSetValueA
RegCreateKeyExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
Shell_NotifyIconA
ShellExecuteA

wsock32

shutdown
WSAAsyncSelect
listen
bind
closesocket
WSAStartup
send
accept
gethostbyname
socket
ioctlsocket
connect
WSACleanup
WSAGetLastError
select
inet_ntoa
recv
getpeername
setsockopt
htons

Sections

.text
Size: 620KB - Virtual size: 618KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 4KB - Virtual size: 394B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 392KB - Virtual size: 389KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.oli
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

76c20400795cb0a63f4f768e9cd0a296

Headers

File Characteristics

Imports

comctl32

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

wsock32

Sections

.text Size: 620KB - Virtual size: 618KB

.text1 Size: 12KB - Virtual size: 11KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 28KB - Virtual size: 54KB

.idata Size: 12KB - Virtual size: 10KB

.data1 Size: 28KB - Virtual size: 27KB

_RDATA Size: 4KB - Virtual size: 394B

.rsrc Size: 392KB - Virtual size: 389KB

.reloc Size: 32KB - Virtual size: 29KB

.oli Size: - Virtual size: 1B

.text
Size: 620KB - Virtual size: 618KB

.text1
Size: 12KB - Virtual size: 11KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 28KB - Virtual size: 54KB

.idata
Size: 12KB - Virtual size: 10KB

.data1
Size: 28KB - Virtual size: 27KB

_RDATA
Size: 4KB - Virtual size: 394B

.rsrc
Size: 392KB - Virtual size: 389KB

.reloc
Size: 32KB - Virtual size: 29KB

.oli
Size: - Virtual size: 1B