Static task: static1

Behavioral task: behavioral1
Sample: bae838b1491a4246f1cb5d4beb6d58ce_JaffaCakes118.exe
Resource: win7-20240729-en

Behavioral task: behavioral2
Sample: bae838b1491a4246f1cb5d4beb6d58ce_JaffaCakes118.exe
Resource: win10v2004-20240802-en

General
Target: bae838b1491a4246f1cb5d4beb6d58ce_JaffaCakes118
Size: 2.9MB
MD5: bae838b1491a4246f1cb5d4beb6d58ce
SHA1: 4f666fc2d7a7fa169fc42405ee15130b268e4892
SHA256: 45e51f226dbffe1cfa2c0c28fd4724014c6fabe557b5757a63be262c36b7c63e
SHA512: 9510edba51185b2bd6fdaab5a888a98c82397de737d271e0449cd7197cb64545748dc0b0460fe611bda067384dc0216c6d897e37f5f4bdec9434f35dd03a1727
SSDEEP: 49152:QXpg+CMmKm4jdw1bvTF2y87aZtmWnDayaRB1:+q+fvjdw1jUuZ2T

Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bae838b1491a4246f1cb5d4beb6d58ce_JaffaCakes118
Files
bae838b1491a4246f1cb5d4beb6d58ce_JaffaCakes118.exe windows:4 windows x86 arch:x86
c99bb27f27803a9beacbd21ef1030bce
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
iphlpapi
GetNetworkParams
GetAdaptersInfo
ws2_32
accept
ntohs
listen
bind
__WSAFDIsSet
shutdown
WSACleanup
gethostname
inet_ntoa
getprotobyname
WSAStartup
WSCUnInstallNameSpace
connect
send
recv
socket
htons
inet_addr
sendto
WSAGetLastError
select
recvfrom
WSCEnumProtocols
WSAEnumNameSpaceProvidersA
WSCDeinstallProvider
gethostbyname
closesocket
WSCGetProviderPath
kernel32
GetStringTypeExA
GetThreadLocale
ResumeThread
SetThreadPriority
SuspendThread
GlobalFlags
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
GlobalSize
RtlUnwind
RaiseException
GetTimeZoneInformation
GetStartupInfoA
GetCommandLineA
GetACP
ExitThread
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
FatalAppExitA
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
MoveFileA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
lstrcmpA
LocalFree
InterlockedDecrement
InterlockedIncrement
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GlobalLock
GlobalUnlock
lstrcpynA
SetLocalTime
ExitProcess
GetVersion
GetCurrentProcessId
DosDateTimeToFileTime
LocalFileTimeToFileTime
DeviceIoControl
lstrcatA
GetDiskFreeSpaceExA
GetLogicalDriveStringsA
GlobalMemoryStatus
lstrcmpiA
lstrcpyA
SystemTimeToFileTime
SetFileTime
lstrlenW
WideCharToMultiByte
ExpandEnvironmentStringsA
SearchPathA
GetCurrentThread
SetLastError
CreateToolhelp32Snapshot
Process32First
Process32Next
TerminateProcess
MultiByteToWideChar
SetPriorityClass
GetCurrentThreadId
CreateMutexA
GetFileTime
OpenMutexA
CreateEventA
WaitForMultipleObjectsEx
SetEvent
GetSystemTime
FormatMessageA
HeapAlloc
HeapFree
GetProcessHeap
GetExitCodeThread
TerminateThread
GetLocalTime
GetDateFormatA
GetTimeFormatA
GetModuleFileNameA
GetProfileStringA
FreeLibrary
GetProcAddress
LoadLibraryA
GetLongPathNameA
MulDiv
LockResource
SizeofResource
CreateProcessA
CreateThread
LoadResource
GetTickCount
GetPrivateProfileStructA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStructA
WritePrivateProfileStringA
GetFullPathNameA
GetDiskFreeSpaceA
GetVolumeInformationA
GetDriveTypeA
CreateDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetErrorMode
CopyFileA
lstrlenA
WaitForSingleObject
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileSize
SetFilePointer
WriteFile
RemoveDirectoryA
FindNextFileA
GetShortPathNameA
MoveFileExA
FindFirstFileA
WinExec
FindClose
GetFileAttributesA
SetFileAttributesA
DeleteFileA
GetCurrentProcess
Sleep
GetSystemDirectoryA
GetWindowsDirectoryA
GetVersionExA
ReadProcessMemory
OpenProcess
CreateFileA
GetLastError
ReadFile
CloseHandle
QueryPerformanceCounter
QueryPerformanceFrequency
GlobalAlloc
GlobalFree
FindResourceA
LCMapStringA
user32
RegisterClipboardFormatA
PostThreadMessageA
SetRectEmpty
CharNextA
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
GetMessageA
ValidateRect
LoadStringA
WindowFromPoint
CharUpperA
GetDesktopWindow
wvsprintfA
OemToCharA
CharToOemA
EndPaint
BeginPaint
GetWindowDC
ShowWindow
MoveWindow
SetWindowTextA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
EnableMenuItem
SendDlgItemMessageA
SetFocus
AdjustWindowRectEx
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
GetTopWindow
IsChild
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
RemoveMenu
SetWindowLongA
SetWindowPos
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
DrawEdge
FrameRect
InflateRect
BringWindowToTop
SetScrollPos
GetMessagePos
GetCapture
MapWindowPoints
OffsetRect
GetFocus
UpdateWindow
DrawFrameControl
CopyRect
DrawFocusRect
SystemParametersInfoA
IsWindow
ReleaseCapture
SetCapture
EqualRect
ScreenToClient
ClientToScreen
CreatePopupMenu
TrackPopupMenu
DestroyMenu
SetCursor
LoadCursorA
SetClassLongA
KillTimer
LoadMenuA
GetSubMenu
CheckMenuItem
SetForegroundWindow
IsWindowVisible
IsIconic
GetSystemMetrics
DrawIcon
GetSystemMenu
AppendMenuA
SetWindowRgn
GetThreadDesktop
OpenInputDesktop
CreateDesktopA
SetThreadDesktop
SwitchDesktop
CloseDesktop
WaitForInputIdle
FindWindowA
wsprintfA
GetKeyState
PtInRect
GetCursorPos
LoadImageA
GrayStringA
DrawTextA
TabbedTextOutA
SetRect
FillRect
GetSysColor
IsDialogMessageA
DestroyIcon
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableA
GetMenuStringA
DeleteMenu
InsertMenuA
GetWindowThreadProcessId
WaitMessage
GetSysColorBrush
GetDialogBaseUnits
UnpackDDElParam
ReuseDDElParam
SetMenu
TranslateAcceleratorA
GetWindow
LoadAcceleratorsA
ExitWindowsEx
GetClassNameA
MessageBoxA
LoadIconA
CopyImage
PostMessageA
TranslateMessage
DispatchMessageA
GetParent
InvalidateRect
SetTimer
EnableWindow
PeekMessageA
PostQuitMessage
GetDC
ReleaseDC
LockWindowUpdate
ShowScrollBar
LoadBitmapA
SendMessageA
GetWindowRect
GetClientRect
IsWindowUnicode
DefDlgProcA
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
RegisterWindowMessageA
gdi32
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
PolyBezierTo
CreatePatternBrush
CreateDIBPatternBrushPt
PatBlt
CreateRectRgnIndirect
GetTextColor
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
LPtoDP
CopyMetaFileA
CreateDCA
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
GetCurrentPositionEx
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
RestoreDC
SaveDC
StartDocA
SetTextColor
GetClipBox
GetDCOrgEx
CreateRectRgn
GetBkColor
GetCurrentObject
Rectangle
GetTextMetricsA
CreatePen
CreateFontIndirectA
StretchBlt
GetStockObject
CreateRoundRectRgn
CreateFontA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateDIBitmap
CreateCompatibleBitmap
CreateBitmap
SetBkColor
GetDeviceCaps
CreateDIBSection
SetMapMode
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetTextExtentPoint32A
GetObjectA
DeleteObject
CreateHatchBrush
GetTextExtentPointA
CreateSolidBrush
comdlg32
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegDeleteValueA
RegEnumValueA
RegOpenKeyA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
AddAccessAllowedAce
LookupAccountNameA
SetFileSecurityA
SetSecurityDescriptorDacl
InitializeAcl
InitializeSecurityDescriptor
RegOpenKeyExA
GetUserNameA
CopySid
GetLengthSid
GetTokenInformation
GetSidSubAuthority
RegSetValueA
QueryServiceStatus
DeleteService
RegEnumKeyA
RegSetKeySecurity
RegQueryValueA
RegDeleteKeyA
OpenThreadToken
RegNotifyChangeKeyValue
RegCloseKey
OpenSCManagerA
OpenServiceA
ControlService
CloseServiceHandle
AllocateAndInitializeSid
AddAce
FreeSid
RegGetKeySecurity
GetSidIdentifierAuthority
GetSidSubAuthorityCount
shell32
DragQueryFileA
DragFinish
DragAcceptFiles
SHEmptyRecycleBinA
Shell_NotifyIconA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetFileInfoA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA
ExtractIconExA
SHGetSpecialFolderPathA
SHFileOperationA
ExtractIconA
comctl32
_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_AddMasked
ord17
ImageList_Draw
ImageList_DrawEx
ImageList_DragMove
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_GetImageInfo
ord13
ord14
ImageList_Destroy
ImageList_DrawIndirect
ImageList_Duplicate
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Write
ImageList_Read
oledlg
ord8
ole32
CoCreateInstance
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
ReleaseStgMedium
CreateStreamOnHGlobal
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
OleDuplicateData
CoDisconnectObject
OleRun
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
CoTreatAsClass
CoGetClassObject
CoInitialize
olepro32
ord253
ord251
oleaut32
SysReAllocStringLen
VariantChangeType
VariantCopy
SysAllocStringLen
SysFreeString
SafeArrayCreateVector
VariantClear
SysAllocString
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SysAllocStringByteLen
SysStringByteLen
VarCyFromStr
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SysStringLen
LoadTypeLi
SafeArrayAccessData
SafeArrayUnaccessData
wininet
InternetQueryOptionA
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetFindNextFileA
FtpFindFirstFileA
HttpQueryInfoA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
HttpAddRequestHeadersA
InternetErrorDlg
HttpOpenRequestA
GopherOpenFileA
GopherGetAttributeA
GopherCreateLocatorA
FtpGetFileA
FtpPutFileA
FtpOpenFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetGetCookieA
InternetSetCookieA
InternetCanonicalizeUrlA
InternetCrackUrlA
FindFirstUrlCacheEntryA
InternetOpenA
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetCloseHandle
FindNextUrlCacheEntryA
DeleteUrlCacheEntry
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 272KB - Virtual size: 270KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 76KB - Virtual size: 263KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 24KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 128KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ