bbf03447f022550b281e3f9b54988d6e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bbf03447f022550b281e3f9b54988d6e_JaffaCakes118
Size

292KB
MD5

bbf03447f022550b281e3f9b54988d6e
SHA1

cca76063496f447f7ba30564004009eee8f784aa
SHA256

8b92221b77997ce99e2eeabff3e18ae8f53389866b908b45d8acd7d4e3a2a7fc
SHA512

ead43d550a91cebf9846b61387a63bd7d0683ad73dbe6552faa85489d641ec4683c69593515baa1a33b137eee594ce3bdbe3aae67b08c113f32eea101c3c4132
SSDEEP

6144:1fcQLi9Yo8oWi4p3qR0LBLZdn51qdQjTBbu1Gw:1fc66YT3p3quLBjHjTlu3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbf03447f022550b281e3f9b54988d6e_JaffaCakes118

Files

bbf03447f022550b281e3f9b54988d6e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

00cc32cde425f673f5f42a33358ef38f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenA
HttpOpenRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile
HttpSendRequestA

ws2_32

send
closesocket
WSACleanup
recv
gethostbyname
connect
inet_addr
accept
listen
bind
WSAStartup
WSAGetLastError
htons
setsockopt
inet_ntoa
socket
sendto
select
getsockname
gethostname

kernel32

DeleteCriticalSection
GlobalHandle
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GetFileSize
LocalFileTimeToFileTime
SystemTimeToFileTime
lstrcatA
lstrcmpA
GlobalFlags
GetVersion
GetCurrentThreadId
FileTimeToSystemTime
FileTimeToLocalFileTime
GetProcessVersion
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeLibrary
GetCPInfo
GetOEMCP
TlsAlloc
GetCurrentDirectoryA
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
GetCommandLineA
RaiseException
GetACP
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetExitCodeProcess
CreateProcessA
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GetDiskFreeSpaceExA
GetTempFileNameA
GetTempPathA
GetDriveTypeA
SetVolumeLabelA
FormatMessageA
InitializeCriticalSection
GlobalLock
GlobalUnlock
SetCurrentDirectoryA
GetModuleHandleA
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
lstrcpyA
lstrlenA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
lstrcpynA
GetLastError
SetLastError
WaitForSingleObject
ReleaseMutex
CreateMutexA
FindClose
FindFirstFileA
FindNextFileA
GetFileAttributesA
SetFileAttributesA
SetFileTime
CreateFileA
GetFileTime
CloseHandle
LocalAlloc
GlobalAlloc
GlobalFree
LocalFree
CreateThread
GetCurrentProcessId
GetTickCount
SetConsoleTitleA
Sleep

user32

GetSysColorBrush
GetSysColor
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
CopyRect
GetClientRect
AdjustWindowRectEx
MapWindowPoints
PostMessageA
LoadIconA
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
PostQuitMessage
DestroyMenu
LoadCursorA
OemToCharBuffA
CharToOemBuffA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
SetFocus
SetWindowPos
SetWindowLongA
GetDlgItem
GetFocus
SetWindowTextA
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
LoadStringA
UnhookWindowsHookEx
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
EnableWindow
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
ClientToScreen
GetSystemMetrics
CharUpperA
GetTopWindow
GetWindowTextA
wsprintfA
FindWindowA
ShowWindow
DispatchMessageA
GetWindow

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

gdi32

RealizePalette
CreateBitmap
Escape
TextOutA
RectVisible
PtVisible
ExtTextOutA
DeleteObject
DeleteDC
GetDIBits
GetObjectA
StretchBlt
SelectObject
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
CreateDCA
SaveDC
RestoreDC
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

shell32

ShellExecuteA

comctl32

ord17

Sections

.text
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00cc32cde425f673f5f42a33358ef38f

Headers

File Characteristics

Imports

wininet

ws2_32

kernel32

user32

advapi32

gdi32

comdlg32

winspool.drv

shell32

comctl32

Sections

.text Size: 224KB - Virtual size: 223KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 16KB - Virtual size: 26KB

.rsrc Size: 4KB - Virtual size: 452B

.text
Size: 224KB - Virtual size: 223KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 16KB - Virtual size: 26KB

.rsrc
Size: 4KB - Virtual size: 452B