Static task: static1
Behavioral task: behavioral1
Sample: b67610f0182837cdb2e01592621566e5_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: b67610f0182837cdb2e01592621566e5_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b67610f0182837cdb2e01592621566e5_JaffaCakes118
Size: 600KB
MD5: b67610f0182837cdb2e01592621566e5
SHA1: 2e815e90787139ddd9862dec40eaad661566ef93
SHA256: 1624d9a0e944f94c57428fe34429346747f28ff4cb01743ea2de31dc0b9421a5
SHA512: 100c57bbfd9585360e219d1fe5e2c7f10559ed493d245e1bd39f3c58d16ea6f5f88f2f8f0306a36715c80bcdac0e266c24aa157ea8cee509fded7b0af62246ef
SSDEEP: 12288:uGDyMIXUt/Y+gigZjCzHAbVcfnyY4SlR5:umntKPygbVcf6SX5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b67610f0182837cdb2e01592621566e5_JaffaCakes118
Files
b67610f0182837cdb2e01592621566e5_JaffaCakes118.exe windows:4 windows x86 arch:x86
12761de909df7b3edcd16cc51efbf70e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetErrorMode
WritePrivateProfileStringA
GetCurrentDirectoryA
RtlUnwind
ExitThread
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
SetStdHandle
GetFileType
GetACP
TerminateProcess
HeapReAlloc
HeapSize
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
GetFileTime
GetFileSize
GetFileAttributesA
FindNextFileA
GetCurrentThread
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
lstrcmpA
SetLastError
lstrlenW
SuspendThread
SetThreadPriority
GetThreadLocale
FormatMessageA
LocalFree
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
WriteFile
ReadFile
lstrcpynA
CreateMutexA
CreateThread
DeleteFileA
SetEvent
ResetEvent
FindResourceA
LoadResource
SizeofResource
LockResource
GlobalAlloc
ResumeThread
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
CreateEventA
GetTickCount
lstrcpyA
CreateFileA
GetLastError
CreateToolhelp32Snapshot
Process32First
Process32Next
WinExec
GetStdHandle
CreateProcessA
GetPrivateProfileIntA
Sleep
GetPrivateProfileStringA
GetModuleFileNameA
ReadProcessMemory
VirtualProtectEx
OpenProcess
MultiByteToWideChar
CloseHandle
GetModuleHandleA
GetProcAddress
CreateRemoteThread
WaitForSingleObject
GetExitCodeThread
LoadLibraryA
FreeLibrary
GetThreadContext
VirtualAllocEx
WriteProcessMemory
SetThreadContext
GetCurrentProcess
FlushInstructionCache
GetVersionExA
user32
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
GetWindow
OffsetRect
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
IsIconic
DrawIcon
FillRect
GetDC
ReleaseDC
SetRect
GetSystemMenu
IsWindowVisible
ReleaseCapture
RedrawWindow
SetCapture
GetSystemMetrics
LoadImageA
PeekMessageA
TranslateMessage
DispatchMessageA
LoadMenuA
GetSubMenu
EnableWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
PostMessageA
SetForegroundWindow
GetCursorPos
UpdateWindow
GetDesktopWindow
SystemParametersInfoA
SetWindowPos
DrawFocusRect
GetSysColor
IsWindow
GetFocus
InvalidateRect
GetParent
GetWindowRect
BringWindowToTop
SendMessageA
RegisterWindowMessageA
LoadIconA
GetMessagePos
AdjustWindowRectEx
SetFocus
MapWindowPoints
SendDlgItemMessageA
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
ScreenToClient
PtInRect
KillTimer
SetCursor
SetTimer
LoadBitmapA
GetClientRect
DrawIconEx
CopyRect
DrawTextA
LoadCursorA
GetMenuState
GetMenuCheckMarkDimensions
AppendMenuA
PostThreadMessageA
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
GetClassNameA
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
LoadStringA
WindowFromPoint
DestroyMenu
CharUpperA
FindWindowA
SetWindowLongA
CopyAcceleratorTableA
InflateRect
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMessageA
ValidateRect
CharNextA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GetKeyState
GetSysColorBrush
gdi32
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
PatBlt
DPtoLP
LPtoDP
SetBkMode
RestoreDC
SaveDC
GetBkColor
GetTextColor
GetClipBox
GetTextExtentPoint32A
SelectObject
DeleteDC
GetDeviceCaps
CreateFontIndirectA
StretchBlt
DeleteObject
GetObjectA
SetBoundsRect
CreateFontA
CreateSolidBrush
SetTextColor
SetBkColor
CreateCompatibleBitmap
GetStockObject
CreateCompatibleDC
CreateBitmap
CreateDIBitmap
GetTextExtentPointA
BitBlt
comdlg32
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCreateKeyExA
shell32
ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA
comctl32
ord17
_TrackMouseEvent
ImageList_Destroy
oledlg
ord8
ole32
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
olepro32
ord251
ord253
oleaut32
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringByteLen
SysStringLen
VariantTimeToSystemTime
SysAllocString
SysAllocStringLen
VariantChangeType
VariantCopy
VariantClear
SysFreeString
LoadTypeLi
urlmon
URLDownloadToFileA
wsock32
inet_addr
WSAStartup
WSACleanup
getsockopt
send
recv
bind
ioctlsocket
connect
getsockname
ntohl
ntohs
htonl
socket
closesocket
select
sendto
recvfrom
htons
gethostname
gethostbyname
skinh
SkinH_Attach
SkinH_AdjustHSV
SkinH_DetachEx
SkinH_SetBackColor
wininet
InternetGetLastResponseInfoA
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
DeleteUrlCacheEntry
rasapi32
RasDeleteEntryA
RasEnumConnectionsA
RasHangUpA
RasEnumDevicesA
RasSetEntryPropertiesA
RasValidateEntryNameA
RasDialA
RasGetErrorStringA
RasGetConnectStatusA
suyouhook
ReleaseGlobalProxyInstance
GetGlobalProxyInstance
shlwapi
PathStripPathA
Sections
.text Size: 308KB - Virtual size: 305KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 80KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 180KB - Virtual size: 179KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ