Static task: static1
Behavioral task: behavioral1
    Sample: b4a6864802bb5e0f8068ee3f57d30faa_JaffaCakes118.exe
    Resource: win7-20240705-en
Behavioral task: behavioral2
    Sample: b4a6864802bb5e0f8068ee3f57d30faa_JaffaCakes118.exe
    Resource: win10v2004-20240802-en
General
    Target: b4a6864802bb5e0f8068ee3f57d30faa_JaffaCakes118
    Size: 548KB
    MD5: b4a6864802bb5e0f8068ee3f57d30faa
    SHA1: 57da412df4450c20ae347be52468bf469c54c6a3
    SHA256: b43b4b74d0256fe1a6aff8966044079310a04361830f36b18c5a71498c11e24b
    SHA512: 32c9e67eff705222f17dc7c88cddf8873eb7252391e96efaa16970e33840a4019417bfa409d5ec537c4ed6fc19c07b43416bacf66e5dd1485c828bf0de1cb437
    SSDEEP: 12288:RtNq6VCmFY2ShSW/SAeVJqvRLuVUgGMC5RK0:RC61RW/7eVIvRLuVUo+K
Malware Config
Signatures
    Unsigned PE (1 IoC): Checks for missing Authenticode signature.
        resource b4a6864802bb5e0f8068ee3f57d30faa_JaffaCakes118
Files
    b4a6864802bb5e0f8068ee3f57d30faa_JaffaCakes118.exe  windows:4 windows x86 arch:x86  4ddb40f9cea858b70325986c5276d57c
Headers
    File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
    iphlpapi: GetAdaptersInfo
    shlwapi: StrRetToStrA, PathRemoveFileSpecA, PathCompactPathA, SHDeleteKeyA
    netapi32: Netbios
    version: GetFileVersionInfoSizeA, VerQueryValueA, GetFileVersionInfoA
    user32: DefWindowProcA, GetWindowDC, GetMenuCheckMarkDimensions, GetMenuState, ModifyMenuA,
        SetMenuItemBitmaps, CheckMenuItem, EnableMenuItem, MoveWindow, IsDialogMessageA, IsRectEmpty,
        GetCursorPos, GrayStringA, DrawTextA, TabbedTextOutA, SetWindowRgn, LoadMenuA, FillRect,
        DrawStateA, EndPaint, DrawFocusRect, GetSubMenu, TrackPopupMenuEx, ClientToScreen,
        WindowFromPoint, GetActiveWindow, GetNextDlgTabItem, GetWindowLongA, DestroyIcon, BeginPaint,
        UpdateWindow, ShowWindow, CreateWindowExA, GetMessageA, UnregisterClassA, DestroyWindow,
        SetWindowLongA, TrackPopupMenu, SetMenuDefaultItem, DrawEdge, GetCapture, ReleaseCapture,
        DestroyCursor, DestroyMenu, CopyRect, SetRectEmpty, UnionRect, InflateRect, GetSysColor,
        GetFocus, SetFocus, GetParent, IsIconic, DrawIcon, GetNextDlgGroupItem, LoadBitmapA,
        SetWindowTextA, FrameRect, HideCaret, ShowCaret, ExcludeUpdateRgn, DefDlgProcA,
        IsWindowUnicode, PostThreadMessageA, RegisterClipboardFormatA, MessageBeep,
        CopyAcceleratorTableA, GetSysColorBrush, GetClassNameA, GetDesktopWindow, CharUpperA,
        LoadStringA, CharNextA, MapDialogRect, SetWindowContextHelpId, ValidateRect, MessageBoxExA,
        EnumDisplayDevicesA, ScreenToClient, GetClientRect, PtInRect, SetForegroundWindow,
        PostQuitMessage, TranslateMessage, DispatchMessageA, LoadIconA, FindWindowA,
        GetLastActivePopup, EnableWindow, PostMessageA, SetRect, GetDC, ReleaseDC, SetWindowPos,
        SystemParametersInfoA, GetSystemMetrics, IsWindow, InvalidateRect, SetCursor, OffsetRect,
        KillTimer, SetTimer, TrackMouseEvent, GetWindowRect, SendMessageA, LoadCursorA,
        RegisterWindowMessageA, wsprintfA, SendDlgItemMessageA, MapWindowPoints, PeekMessageA,
        AdjustWindowRectEx, IsWindowVisible, GetTopWindow, MessageBoxA, IsChild, WinHelpA,
        GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetMenuItemID,
        GetWindowTextLengthA, GetWindowTextA, GetDlgCtrlID, GetKeyState, SetWindowsHookExA,
        CallNextHookEx, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA,
        RemovePropA, GetMessageTime, GetMessagePos, GetForegroundWindow, GetWindow, BringWindowToTop,
        IsWindowEnabled, GetDlgItem, CreateDialogIndirectParamA, SetActiveWindow, EndDialog,
        GetWindowPlacement, IntersectRect
    winmm: waveOutGetNumDevs, waveOutGetDevCapsA
    crypt32: CryptUnprotectData
    kernel32: GetModuleFileNameA, FreeLibrary, SetCurrentDirectoryA, FindFirstFileA, MoveFileA,
        ExitProcess, GetVersionExA, TerminateThread, GetProcAddress, SetFileAttributesA,
        LeaveCriticalSection, EnterCriticalSection, GetTickCount, MultiByteToWideChar,
        GetFileAttributesA, GetModuleHandleA, GetVersion, CreateFileA, ReadFile, SetFilePointer,
        GetFileSize, InitializeCriticalSection, DeleteCriticalSection, FindClose, FindNextFileA,
        GetShortPathNameA, MoveFileExA, ExpandEnvironmentStringsA, UnmapViewOfFile, MapViewOfFile,
        CreateFileMappingA, GetLocalTime, WideCharToMultiByte, LocalFree, lstrcpynA, lstrcmpA,
        lstrcpyA, lstrlenA, SizeofResource, LockResource, LoadResource, FindResourceA, GlobalUnlock,
        LoadLibraryA, GlobalAlloc, CreateEventA, GlobalFree, WaitForSingleObject, ResetEvent,
        SetEvent, GetPriorityClass, FormatMessageA, GetComputerNameA, GlobalMemoryStatus,
        GetLogicalDriveStringsA, GetVolumeInformationA, GetDiskFreeSpaceExA, GetDriveTypeA,
        GetProfileStringA, QueryPerformanceCounter, QueryPerformanceFrequency, HeapFree, HeapAlloc,
        GetProcessHeap, WriteFile, GlobalDeleteAtom, GlobalFindAtomA, GlobalAddAtomA,
        GlobalGetAtomNameA, GetCurrentThreadId, lstrcatA, SetLastError, InterlockedIncrement,
        InterlockedDecrement, GetCurrentThread, GetThreadLocale, DuplicateHandle, FlushFileBuffers,
        LockFile, UnlockFile, SetEndOfFile, GetFullPathNameA, LocalAlloc, GlobalFlags, TlsAlloc,
        GlobalHandle, TlsFree, GlobalReAlloc, TlsSetValue, LocalReAlloc, TlsGetValue,
        GetProcessVersion, GetCPInfo, GetOEMCP, WritePrivateProfileStringA, GetCurrentDirectoryA,
        GetFileTime, SetErrorMode, RtlUnwind, CreateThread, ExitThread, GetTimeZoneInformation,
        GetSystemTime, GetStartupInfoA, GetCommandLineA, RaiseException, GetACP, SetStdHandle,
        GetFileType, HeapReAlloc, HeapSize, UnhandledExceptionFilter, LCMapStringA, LCMapStringW,
        CompareStringA, CompareStringW, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc,
        IsBadWritePtr, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings,
        GetEnvironmentStringsW, SetHandleCount, GetStdHandle, SetUnhandledExceptionFilter,
        GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, SetEnvironmentVariableA,
        GetSystemDirectoryA, Process32First, lstrcmpiA, OpenProcess, GetExitCodeProcess,
        TerminateProcess, Process32Next, DeleteFileA, GetCurrentProcess, FileTimeToLocalFileTime,
        FileTimeToSystemTime, CreateProcessA, Sleep, CreateMutexA, GetLastError, ReleaseMutex,
        CreateToolhelp32Snapshot, Module32First, CloseHandle, MulDiv, GlobalLock
    gdi32: RectVisible, PtVisible, LPtoDP, GetMapMode, DPtoLP, GetBkColor, CreateSolidBrush,
        BeginPath, TextOutA, Escape, GetTextExtentPoint32A, GetTextMetricsA, StretchBlt,
        SelectClipRgn, CreateRectRgn, GetClipBox, SaveDC, RestoreDC, SetBkMode, SetMapMode,
        OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowOrgEx, SetWindowExtEx,
        ScaleWindowExtEx, IntersectClipRect, MoveToEx, LineTo, GetTextExtentPointA, CreateDIBitmap,
        PatBlt, GetTextColor, CreatePen, GetWindowExtEx, GetViewportExtEx, PolyBezierTo,
        GetCurrentPositionEx, SetViewportOrgEx, EndPath, StrokeAndFillPath, PathToRegion,
        CombineRgn, GetPixel, CreateBitmap, SetBkColor, SetTextColor, CreateCompatibleBitmap,
        GetStockObject, ExtTextOutA, SelectObject, CreateDCA, DeleteDC, GetDeviceCaps, CreateFontA,
        CreateCompatibleDC, BitBlt, GetObjectA, CreateFontIndirectA, DeleteObject
    comdlg32: GetFileTitleA
    winspool.drv: DocumentPropertiesA, OpenPrinterA, ClosePrinter
    advapi32: RegCloseKey, RegDeleteValueA, RegOpenKeyExA, RegSetValueExA, RegCreateKeyExA,
        RegQueryValueExA, RegDeleteKeyA, RegEnumKeyExA, RegOpenKeyA, RegEnumValueA,
        CryptDestroyHash, CryptGetHashParam, CryptHashData, CryptCreateHash, CryptAcquireContextA,
        CryptReleaseContext
    shell32: SHFileOperationA, ShellExecuteExA, SHGetDesktopFolder, SHGetSpecialFolderLocation,
        ShellExecuteA, SHGetSpecialFolderPathA, Shell_NotifyIconA, SHGetFileInfoA, SHGetMalloc
    comctl32: ord17, _TrackMouseEvent, ImageList_Destroy, ImageList_LoadImageA
    oledlg: ord8
    ole32: CoFreeUnusedLibraries, OleIsCurrentClipboard, OleFlushClipboard, CoRevokeClassObject,
        CoRegisterMessageFilter, CoTaskMemFree, OleUninitialize, OleInitialize,
        StgOpenStorageOnILockBytes, CoGetClassObject, CLSIDFromString, CLSIDFromProgID,
        CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, CreateStreamOnHGlobal,
        CoTaskMemAlloc, CoInitialize
    olepro32: ord253, ord251
    oleaut32: VariantClear, VariantChangeType, SysAllocString, VariantTimeToSystemTime,
        SysStringLen, SysAllocStringByteLen, VariantCopy, SysAllocStringLen, SysFreeString
    urlmon: URLDownloadToFileA
    wininet: HttpSendRequestA, HttpOpenRequestA, InternetQueryDataAvailable, InternetReadFile,
        InternetWriteFile, InternetSetFilePointer, InternetSetStatusCallback, InternetSetOptionExA,
        InternetOpenUrlA, InternetCloseHandle, InternetOpenA, InternetQueryOptionA,
        InternetCanonicalizeUrlA, InternetCrackUrlA, DeleteUrlCacheEntry, InternetGetConnectedState,
        InternetCheckConnectionA, InternetGetLastResponseInfoA, InternetConnectA
    rpcrt4: RpcStringFreeA, UuidToStringA, UuidCreate
Sections
    .text   Size: 348KB - Virtual size: 344KB  (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
    .rdata  Size: 144KB - Virtual size: 143KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
    .data   Size: 20KB - Virtual size: 39KB    (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
    .rsrc   Size: 32KB - Virtual size: 29KB    (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)