b51109d85becf63192a7da984134c02b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b51109d85becf63192a7da984134c02b_JaffaCakes118
Size

288KB
MD5

b51109d85becf63192a7da984134c02b
SHA1

253e65b38bcabbf301ab63db01ec39458c9d254b
SHA256

59a75fbbe2030502c2e146cad3aefde6b9e144baa5563683902d26843211f8c3
SHA512

0413acc23936e6c20178bbac4262854cff7b4e549be733b5102ace3053003bb8799d3dbcbdb2817f3cfb1183cf5cb7ae9542b401b519d727b28b1d7bed3515bb
SSDEEP

6144:B1GaEDPtc3Gwye7sc3erv6EvTt9gZ+eBBW:uDuLN3erVb/w+yc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b51109d85becf63192a7da984134c02b_JaffaCakes118

Files

b51109d85becf63192a7da984134c02b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

085966d3df5c87590516190897c0d5f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAStartup
WSACleanup

version

GetFileVersionInfoSizeA
VerInstallFileA
VerQueryValueA
VerFindFileA
GetFileVersionInfoA

netapi32

NetGetDCName
NetApiBufferFree
NetUserModalsGet
NetUserGetLocalGroups
NetWkstaGetInfo
NetLocalGroupEnum
NetGroupEnum
NetUserEnum
NetGroupAdd
NetLocalGroupAdd
NetGroupDel
NetLocalGroupDel
NetGroupGetInfo
NetLocalGroupGetInfo
NetLocalGroupAddMember
NetUserAdd
NetUserDel
NetUserGetInfo
NetGroupAddUser

clusapi

CreateClusterResourceType
ClusterCloseEnum
OpenCluster
CloseCluster

mscomstf

FOpenInf
FSetSilent
FAddSectionFilesToCopyList

msinsstf

FDumpCopyListToFile
FInitializeInstall
TerminateInstall
ResetCopyList
LcbGetCopyListCost
GrcCopyFilesInCopyList

msshlstf

FSetBitmap
TerminateFrame
HwndFrame
InitializeFrame
HinstFrame

kernel32

GetProfileStringA
SetStdHandle
GetCurrentProcess
GetComputerNameA
MultiByteToWideChar
GetLastError
lstrcpyA
lstrlenA
CloseHandle
CreateFileA
lstrcmpA
Sleep
CreateDirectoryA
RemoveDirectoryA
SetFileAttributesA
GetFileAttributesA
GetModuleFileNameA
DeleteFileA
lstrcmpiA
GetVersion
GetTempFileNameA
GetTempPathA
WritePrivateProfileStringA
GetWindowsDirectoryA
MoveFileExA
CopyFileA
FreeEnvironmentStringsA
WaitForSingleObject
CreateProcessA
GetEnvironmentStrings
GetShortPathNameA
GetSystemDirectoryA
GetCurrentThreadId
GetDiskFreeSpaceExA
GetLocalTime
WideCharToMultiByte
GetVolumeInformationA
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
LoadResource
SizeofResource
FindResourceA
GetPrivateProfileSectionA
GetModuleHandleA
GetFullPathNameA
GetTickCount
ExitProcess
GetPrivateProfileStringA
GetVersionExA
GetDriveTypeA
GlobalMemoryStatus
GetPrivateProfileIntA
LocalFree
MoveFileA
SetErrorMode
lstrlenW
HeapFree
HeapReAlloc
HeapAlloc
GetProcessHeap
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
InterlockedIncrement
InterlockedDecrement
SetLastError
MulDiv
GetCurrentThread
lstrcpynA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
FindClose
FindFirstFileA
GlobalFlags
LocalAlloc
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
TerminateProcess
RaiseException
GetStartupInfoA
GetCommandLineA
HeapSize
GetACP
GetTimeZoneInformation
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetEnvironmentVariableW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW

user32

IsDialogMessageA
MoveWindow
EnableMenuItem
SetDlgItemTextA
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetCursorPos
ValidateRect
GetMessageA
DestroyMenu
GetClassNameA
PtInRect
GetSysColorBrush
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetDlgItem
IsWindowEnabled
WinHelpA
ScreenToClient
ChildWindowFromPoint
CreatePopupMenu
AppendMenuA
GetWindowLongA
MsgWaitForMultipleObjects
PostMessageA
DestroyWindow
PostQuitMessage
MessageBoxA
IsWindowVisible
LoadStringA
GetKeyState
DdeAccessData
DdeUnaccessData
DdeFreeDataHandle
DdeCreateDataHandle
DdeClientTransaction
DdeInitializeA
DdeCreateStringHandleA
DdeGetLastError
DdeConnect
IsIconic
DdeFreeStringHandle
DdeDisconnect
DdeUninitialize
CopyRect
SetRect
DrawEdge
CharNextA
CharUpperA
GetWindowTextA
EnumWindows
IsWindow
ReleaseCapture
LoadCursorA
SetCursor
GetActiveWindow
SetCapture
ShowWindow
SetWindowTextA
SetForegroundWindow
UpdateWindow
GetWindow
GetLastActivePopup
GetForegroundWindow
GetClientRect
GetSystemMetrics
GetWindowRect
SetWindowsHookExA
UnhookWindowsHookEx
GetDesktopWindow
SetWindowLongA
GetParent
PeekMessageA
DispatchMessageA
TranslateMessage
LoadIconA
GetFocus
wsprintfA
MessageBeep
EnableWindow
SetTimer
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
GetTopWindow
GetCapture
GetClassInfoA
SetActiveWindow
CreateDialogIndirectParamA
CharPrevA
OemToCharA
SendMessageA
InflateRect
DefDlgProcA
UnregisterClassA
ShowCaret
InvalidateRect
IsWindowUnicode
DrawFocusRect
HideCaret
ExcludeUpdateRgn

gdi32

CreateCompatibleDC
CreateDIBitmap
BitBlt
GetTextExtentPointA
PatBlt
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreatePalette
SelectPalette
SetStretchBltMode
SetDIBitsToDevice
StretchDIBits
RealizePalette
CreateRectRgn
CombineRgn
CreateSolidBrush
FillRgn
GetDeviceCaps
GetObjectA
CreateFontIndirectA

comdlg32

GetSaveFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

GetLengthSid
GetUserNameA
LookupAccountSidA
GetTokenInformation
OpenProcessToken
FreeSid
AllocateAndInitializeSid
LsaOpenPolicy
LookupPrivilegeValueA
AdjustTokenPrivileges
RegSaveKeyA
LsaAddAccountRights
LsaNtStatusToWinError
StartServiceA
OpenServiceA
QueryServiceStatus
ControlService
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
SetSecurityDescriptorDacl
SetFileSecurityA
AddAce
InitializeSecurityDescriptor
InitializeAcl
RegSetKeySecurity
RegQueryInfoKeyA
RegDeleteValueA
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegEnumKeyExA
RegCreateKeyExA
RegConnectRegistryA
LookupAccountNameA

comctl32

ord17
CreatePropertySheetPageA
PropertySheetA
DestroyPropertySheetPage

Sections

.text
Size: 240KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

085966d3df5c87590516190897c0d5f4

Headers

File Characteristics

Imports

wsock32

version

netapi32

clusapi

mscomstf

msinsstf

msshlstf

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

Sections

.text Size: 240KB - Virtual size: 236KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 20KB - Virtual size: 62KB

.text
Size: 240KB - Virtual size: 236KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 20KB - Virtual size: 62KB