bb13489ec2458694e1e190d088542380_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb13489ec2458694e1e190d088542380_JaffaCakes118
Size

536KB
MD5

bb13489ec2458694e1e190d088542380
SHA1

3bb0bbaac88e43d9c7c3f2422da7278974838ae4
SHA256

306ed2951abe861d91b76fd00e1dc8aaf342fbfb646009e3752cf753279503d2
SHA512

0dedae431429693b70e3ac48f8cf8e1a5c65b5ea368c8caa4243ec31debd93eb84019c176e0608180be52b0eab79471e02b7ff0fb323f6da71a8550d33d4a055
SSDEEP

12288:32haJLmPuQO/yAE8ZDPQFRWZWoDDm2MpRbg:32haZGuQO/1E8lPQFAhvnUbg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb13489ec2458694e1e190d088542380_JaffaCakes118

Files

bb13489ec2458694e1e190d088542380_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ad1765833355f198bd26c510da35575f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
keybd_event
mouse_event
SetCursorPos
GetWindowThreadProcessId
FindWindowA
SendMessageTimeoutA
EnumDisplaySettingsA
ChangeDisplaySettingsA
UpdateWindow
ShowWindow
IsRectEmpty
FindWindowExA
EnumWindows
IsWindowVisible
GetParent
WindowFromPoint
PostQuitMessage
PostMessageA
EnableWindow
IsWindowEnabled
GetLastActivePopup
SetWindowsHookExA
CallNextHookEx
GetKeyState
GetActiveWindow
GetNextDlgTabItem
GetFocus
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
ClientToScreen
TabbedTextOutA
DrawTextA
GrayStringA
UnhookWindowsHookEx
CharUpperA
GetSysColorBrush
LoadCursorA
GetClassNameA
MapWindowPoints
GetSysColor
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemID
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
IsIconic
GetWindowPlacement
SetFocus
IsDialogMessageA
IsWindow
GetDesktopWindow
SetCapture
GetSystemMetrics
LoadImageA
VkKeyScanExA
GetKeyboardLayout
SendDlgItemMessageA
GetMenuItemCount
GetDlgCtrlID
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
MessageBoxA
UpdateLayeredWindow
FillRect
ReleaseDC
GetDC
SetWindowLongA
GetWindowLongA
IsDlgButtonChecked
CheckDlgButton
GetWindowTextA
LoadStringA
SetActiveWindow
UnregisterClassA
CreateDialogIndirectParamA
LoadBitmapA
DestroyWindow
LoadMenuA
LoadIconA
GetKeyboardState
GetDlgItem
SetWindowTextA
TrackPopupMenu
CheckMenuItem
GetSubMenu
EnableMenuItem
EndDialog
DestroyMenu
KillTimer
PtInRect
GetCursorPos
RegisterHotKey
UnregisterHotKey
SetTimer
SetWindowPos
GetWindowRect
SendMessageA
ReleaseCapture
SystemParametersInfoA
DialogBoxParamA
GetWindow

kernel32

WriteFile
WritePrivateProfileStringA
GetTickCount
GetCommandLineA
LCMapStringA
Process32Next
Process32First
DeleteFileA
CreateFileA
ReadFile
CloseHandle
GetPrivateProfileStringA
GetModuleFileNameA
IsBadReadPtr
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
GetProcessHeap
CreateToolhelp32Snapshot
GlobalSize
lstrcpyA
LoadLibraryExA
FindClose
FindNextFileA
RemoveDirectoryA
SetFileAttributesA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceA
EnumResourceNamesA
FreeLibrary
LoadLibraryA
MultiByteToWideChar
LocalFree
LocalAlloc
lstrcmpiA
lstrlenA
GetModuleHandleA
SetFilePointer
GetLocaleInfoA
GetSystemDefaultLangID
GetTimeZoneInformation
DeviceIoControl
GetVersion
GetVersionExA
GetProcAddress
GetCurrentProcess
QueryPerformanceCounter
QueryPerformanceFrequency
TlsFree
UnhandledExceptionFilter
GetFileSize
GetFileAttributesA
FindFirstFileA
GetLastError
GetVolumeInformationA
GetDriveTypeA
TerminateProcess
InterlockedExchange
OpenProcess
Module32Next
Module32First
GlobalMemoryStatus
GetTempPathA
GetWindowsDirectoryA
Sleep
CopyFileA
GetSystemDirectoryA
CreateDirectoryA
GetProfileStringA
SetLastError
WriteProfileStringA
lstrcatA
WinExec
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetCurrentThreadId
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
IsBadCodePtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
LCMapStringW
GetStringTypeW
GetStringTypeA
MulDiv
GetACP
HeapSize
GetLocalTime
GetSystemTime
RaiseException
RtlUnwind
GetOEMCP
GetCPInfo
FileTimeToLocalFileTime
FileTimeToSystemTime
GetProcessVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetCurrentDirectoryA
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
GetFileTime
GetFullPathNameA
lstrcpynA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
GlobalDeleteAtom
VerLanguageNameA
lstrcmpA

shlwapi

PathFileExistsA
PathAppendA
SHDeleteKeyA
SHDeleteValueA

gdi32

ExtTextOutA
TextOutA
RectVisible
PtVisible
GetClipBox
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
SelectPalette
RealizePalette
GetDIBits
CreateDCA
CreateCompatibleBitmap
GetPixel
GetDeviceCaps
RemoveFontResourceA
AddFontResourceA
EnumFontFamiliesExA
Escape
GetStockObject
GetObjectA
BitBlt
DeleteDC
DeleteObject
CreateSolidBrush
SelectObject
SetWindowExtEx
CreateDIBSection
CreateCompatibleDC

comdlg32

GetOpenFileNameA
PrintDlgA
GetFileTitleA

shell32

DragQueryFileA
SHEmptyRecycleBinA
SHChangeNotify
DragAcceptFiles
ShellExecuteA
SHGetSpecialFolderPathA
DragFinish

ole32

CoCreateInstance
CoCreateGuid
CreateStreamOnHGlobal
CoUninitialize
CoInitialize

gdiplus

GdipCreatePath
GdipDrawImageRect
GdipGraphicsClear
GdipDeleteGraphics
GdipDeleteFontFamily
GdipDeletePen
GdipDeleteBrush
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateSolidFill
GdipSetPenLineJoin
GdipCreatePen1
GdipCreateFontFamilyFromName
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdipDisposeImage
GdipLoadImageFromFile
GdipGetImageHeight
GdipGetImageWidth
GdipLoadImageFromStream
GdiplusStartup
GdipAddPathString
GdipDrawPath
GdipFillPath
GdipDeletePath
GdipDrawImageRectRect
GdipSetImageAttributesColorMatrix

iphlpapi

GetAdaptersInfo
SendARP

mpr

WNetCloseEnum
WNetEnumResourceA
WNetOpenEnumA
WNetAddConnection2A
WNetCancelConnection2A

winmm

mciSendStringA
waveOutGetNumDevs
waveOutGetDevCapsA

ws2_32

sendto
htons
WSACleanup
closesocket
connect
inet_ntoa
gethostname
gethostbyname
inet_addr
socket
WSAStartup
gethostbyaddr

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

winspool.drv

EnumPrintersA
GetPrinterA
DocumentPropertiesA
ClosePrinter
OpenPrinterA
SetPrinterA

advapi32

SetSecurityDescriptorDacl
RegCloseKey
RegCreateKeyA
RegDeleteKeyA
RegDeleteValueA
GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegGetKeySecurity
AllocateAndInitializeSid
FreeSid
InitializeAcl
AddAce
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
OpenProcessToken
GetTokenInformation
GetLengthSid
CopySid
RegOpenKeyExA
RegSetKeySecurity
RegQueryInfoKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
InitializeSecurityDescriptor

comctl32

ord17

wininet

InternetOpenA
InternetGetConnectedState
DeleteUrlCacheEntry
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
InternetCloseHandle
InternetOpenUrlA

Sections

.text
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ad1765833355f198bd26c510da35575f

Headers

File Characteristics

Imports

user32

kernel32

shlwapi

gdi32

comdlg32

shell32

ole32

gdiplus

iphlpapi

mpr

winmm

ws2_32

version

winspool.drv

advapi32

comctl32

wininet

Sections

.text Size: 296KB - Virtual size: 293KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 164KB - Virtual size: 230KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 296KB - Virtual size: 293KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 164KB - Virtual size: 230KB

.rsrc
Size: 28KB - Virtual size: 27KB