b704dd52fc54703e7da95648a2023eba_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b704dd52fc54703e7da95648a2023eba_JaffaCakes118
Size

3.3MB
MD5

b704dd52fc54703e7da95648a2023eba
SHA1

0524664b9771aeba9010e4eb5deebfcf748d33c2
SHA256

edb0dda329368fae0cfe2f687a3d8119c31954ba5a4fee35b5ca62bbb33efc9d
SHA512

8348e6acca804e3fcfe14bb5cc5986eb7abc0f2c464b3037a8819b7b2a8df977ec8ee9859b2612f98c1161ea550e646801a68daa9eba5f72d48da412353c67ae
SSDEEP

98304:U6xuv369X1wAGSR+/871BlFG+NB9vYkZ9:vxuv369lfGS9BlU2vYkT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b704dd52fc54703e7da95648a2023eba_JaffaCakes118

Files

b704dd52fc54703e7da95648a2023eba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cda354dce2aec73533b4d9bfd346ca5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Destroy
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Remove
ImageList_LoadImageW
ImageList_SetBkColor
ImageList_Create

iphlpapi

GetAdaptersInfo
DeleteIPAddress
GetAdapterIndex

mpr

WNetEnumResourceW
WNetOpenEnumW
WNetCloseEnum

kernel32

GetCurrentThread
CreateEventW
GetOverlappedResult
lstrcmpW
FindFirstFileA
FindNextFileA
FileTimeToLocalFileTime
SetUnhandledExceptionFilter
DeleteFileA
CreateFileA
QueryPerformanceCounter
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
SetHandleCount
HeapCreate
GetTimeZoneInformation
GetOEMCP
ExitThread
GetStringTypeA
LCMapStringA
GetStdHandle
GetFileType
SetThreadPriority
ExitProcess
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetDateFormatA
GetTimeFormatA
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
FormatMessageA
GetFileTime
CreateWaitableTimerA
SetWaitableTimer
TlsSetValue
ResetEvent
TlsGetValue
TlsFree
TlsAlloc
GetThreadLocale
GetLocaleInfoA
GetACP
GetVersionExA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
ResumeThread
CreateThread
DeviceIoControl
lstrcpyW
SetEndOfFile
SetEnvironmentVariableA
GetProcessHeap
SetEvent
HeapFree
GetTickCount
WaitForSingleObject
CreateEventA
GetSystemTimeAsFileTime
LocalAlloc
GetProcAddress
WritePrivateProfileStringW
OpenProcess
GlobalFree
InterlockedExchange
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleHandleA
CompareStringA
SetProcessShutdownParameters
LocalUnlock
LocalSize
LocalLock
CompareFileTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
FindClose
SetErrorMode
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFilePointer
GetLocalTime
LockResource
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
FlushFileBuffers
ReadFile
WriteFile
GetFileSize
GetModuleFileNameA
DeleteCriticalSection
FreeLibrary
ReleaseMutex
CreateMutexA
LoadResource
SizeofResource
LocalFree
GetCommandLineW
MoveFileExW
GetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
Sleep
HeapAlloc
WaitForMultipleObjects
GetCurrentProcessId
LeaveCriticalSection
CloseHandle
EnterCriticalSection
SetLastError
FlushInstructionCache
RaiseException
CreateSemaphoreA
GetCurrentProcess
ReleaseSemaphore
DuplicateHandle
GetCurrentThreadId

user32

CreatePopupMenu
CloseDesktop
GetUserObjectInformationW
GetThreadDesktop
GetCursorInfo
SetThreadDesktop
OpenInputDesktop
EnumWindows
InvalidateRgn
ScrollWindowEx
SetScrollInfo
SetScrollPos
SetCursorPos
GetScrollInfo
CreateIconIndirect
GetSystemMenu
GetNextDlgTabItem
EndDeferWindowPos
BeginDeferWindowPos
DrawEdge
GetWindowPlacement
SetWindowPlacement
DestroyAcceleratorTable
GetMessagePos
SetRectEmpty
FlashWindow
GetDialogBaseUnits
DeferWindowPos
MapDialogRect
DrawIconEx
CreateWindowExA
GetDlgItemTextA
GetIconInfo
GetCapture
DrawFocusRect
FrameRect
IsMenu
GetWindowDC
WindowFromPoint
GetShellWindow
PostQuitMessage
RedrawWindow
ScreenToClient
SetActiveWindow
IsWindowEnabled
CreateMenu
OpenDesktopW
RegisterWindowMessageW
CharUpperW
CharLowerW
UnregisterClassA
TranslateMessage
IsWindow
ShowWindow
MoveWindow
GetWindow
GetWindowRect
MapWindowPoints
InvalidateRect
SetWindowPos
DestroyWindow
SetTimer
KillTimer
GetParent
MessageBoxA
UnhookWindowsHookEx
CallNextHookEx
GetAsyncKeyState
GetFocus
SendInput
GetKeyState
ToUnicode
GetKeyboardState
ToAscii
MessageBeep
GetClientRect
CheckMenuItem
EnableMenuItem
TrackPopupMenuEx
GetSubMenu
RemoveMenu
CheckMenuRadioItem
SetFocus
GetDC
DestroyMenu
SetWindowRgn
GetDlgCtrlID
GetDlgItem
GetDesktopWindow
BringWindowToTop
FillRect
SetForegroundWindow
UpdateWindow
OffsetRect
ShowScrollBar
SetParent
CopyRect
GetSystemMetrics
AdjustWindowRect
BeginPaint
EndPaint
InflateRect
UnionRect
SetRect
GetSysColor
DestroyIcon
IntersectRect
IsRectEmpty
EqualRect
ReleaseDC
EndDialog
BlockInput
GetActiveWindow
GetCursorPos
GetForegroundWindow
GetWindowThreadProcessId
GetGUIThreadInfo
DestroyCursor
ReleaseCapture
SetCursor
SetCapture
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ChangeClipboardChain
IsWindowVisible
ClientToScreen
PtInRect
TrackMouseEvent
SetClipboardViewer

gdi32

MaskBlt
CreatePalette
SetViewportOrgEx
SetBrushOrgEx
SelectPalette
RealizePalette
GetSystemPaletteEntries
GetDIBits
CreateDIBSection
RoundRect
PatBlt
CreatePatternBrush
SetDIBitsToDevice
SetStretchBltMode
CreateCompatibleBitmap
DPtoLP
SetPixel
Polygon
Ellipse
LineTo
MoveToEx
SetTextColor
GetDeviceCaps
SetDIBColorTable
DeleteDC
CreateCompatibleDC
BitBlt
DeleteObject
GetStockObject
SelectObject
StretchBlt
CreateRoundRectRgn
CreateRectRgn
CombineRgn
CreateSolidBrush
CreatePen
Rectangle
SetBkColor
GetPixel
CreateBitmap
SetBkMode
BeginPath
EndPath
GetObjectType
StrokeAndFillPath

advapi32

DuplicateToken
GetTokenInformation
EqualSid
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
DeregisterEventSource
ReportEventW
RegisterEventSourceW
FreeSid
AdjustTokenPrivileges
LookupPrivilegeValueW
SetTokenInformation
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
RegSetValueExA
RegEnumValueW
RegEnumKeyExA
RegEnumValueA
GetSidIdentifierAuthority
LookupAccountNameW
RegOpenKeyW
CreateProcessAsUserW
ImpersonateLoggedOnUser
RevertToSelf
SetEntriesInAclW
SetNamedSecurityInfoW
AllocateAndInitializeSid
OpenProcessToken
DuplicateTokenEx

shell32

SHAppBarMessage
ord680
ord155
DragAcceptFiles
SHGetSpecialFolderLocation
CommandLineToArgvW

ole32

ReleaseStgMedium
RevokeDragDrop
OleInitialize
RegisterDragDrop
CoTaskMemRealloc
CoInitializeSecurity
CoInitialize
StringFromGUID2
CoCreateGuid
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc

oleaut32

SysAllocString
SysFreeString
SafeArrayGetElement
VariantCopy
VariantClear
SafeArrayGetDim
VarUI4FromStr
VariantInit
VariantChangeType

shlwapi

PathRemoveFileSpecW
PathCompactPathW

wsock32

inet_addr
gethostbyname
inet_ntoa
gethostname
bind
listen
accept
connect
getsockname
getpeername
send
__WSAFDIsSet
recvfrom
select
recv
htons
sendto
socket
setsockopt
ntohs
WSAGetLastError
htonl
WSAStartup
WSACleanup
ioctlsocket
shutdown
closesocket

wininet

HttpEndRequestA
InternetQueryOptionW
InternetSetOptionW
InternetOpenW
HttpSendRequestA
InternetGoOnlineA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestExA
InternetWriteFile
InternetCloseHandle
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetErrorDlg
HttpQueryInfoW
HttpQueryInfoA
InternetReadFile

crypt32

CertGetNameStringW
CertGetNameStringA
CertFreeCertificateContext
CryptVerifyMessageSignature

imagehlp

ImageGetCertificateData
ImageGetCertificateHeader
ImageEnumerateCertificates

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 607KB - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 480KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cda354dce2aec73533b4d9bfd346ca5d

Headers

File Characteristics

Imports

comctl32

iphlpapi

mpr

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

wsock32

wininet

crypt32

imagehlp

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 607KB - Virtual size: 608KB

.data Size: 81KB - Virtual size: 480KB

.rsrc Size: 116KB - Virtual size: 120KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 607KB - Virtual size: 608KB

.data
Size: 81KB - Virtual size: 480KB

.rsrc
Size: 116KB - Virtual size: 120KB