Static task
static1
Behavioral task
behavioral1
Sample
bdd9b046010c900fd529101bfc06906c_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
bdd9b046010c900fd529101bfc06906c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
bdd9b046010c900fd529101bfc06906c_JaffaCakes118
Size
2.2MB
MD5
bdd9b046010c900fd529101bfc06906c
SHA1
9e7868e98d865b04b57b3f763b8f02422e249c98
SHA256
f3024142b33f10954db985056fea0d25260922dc0896ad60acebd3ae7d280005
SHA512
35391854bb693339c170aac66a4fd84571b7b1243cfcdb09a06118c57ff70da85131ab6add97a87c0327be556dee98c501b522e461546b94e65937758d3083bb
SSDEEP
24576:0XPtN8UtUEbJ6SImrie/UBtY8d5qbwXSUcbY08aVE8Ez2CvsWkcoH0n/V/o1ifZS:0n1h8BZcUwXU9Q4TEr
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource bdd9b046010c900fd529101bfc06906c_JaffaCakes118
Files
bdd9b046010c900fd529101bfc06906c_JaffaCakes118.exe windows:4 windows x86 arch:x86
6fe181bbe62283a9142f5a4d472b11e3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathRemoveFileSpecA
SHAutoComplete
winmm
waveOutGetNumDevs
PlaySoundA
sndPlaySoundA
waveInStart
waveInAddBuffer
waveInPrepareHeader
waveOutPrepareHeader
waveOutOpen
kernel32
GetProfileIntA
GetProfileStringA
GetCurrentDirectoryA
CompareStringW
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetDriveTypeA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
LoadLibraryA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
HeapReAlloc
GetACP
ExitThread
TerminateProcess
GetSystemTime
GetTimeZoneInformation
HeapFree
HeapAlloc
ExitProcess
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
CompareStringA
GetTempPathA
GetPrivateProfileSectionNamesA
GetExitCodeThread
ResetEvent
GetVersionExA
GetLocalTime
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
SetErrorMode
SetFileAttributesA
SystemTimeToFileTime
LocalFileTimeToFileTime
CreateEventA
CloseHandle
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
MulDiv
SetLastError
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
SetThreadPriority
lstrcmpA
GetCurrentThread
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
FormatMessageA
WideCharToMultiByte
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
LockResource
LocalSize
GetVersion
GlobalSize
GlobalFree
InterlockedExchange
GetSystemDirectoryA
MultiByteToWideChar
FreeLibrary
FindResourceA
LoadResource
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CancelIo
GetProcAddress
TerminateThread
GetTickCount
InterlockedIncrement
InterlockedDecrement
GetQueuedCompletionStatus
CreateIoCompletionPort
GetSystemInfo
PostQueuedCompletionStatus
InitializeCriticalSection
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
CreateDirectoryA
GetLastError
MoveFileA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
FindClose
lstrcpynA
LocalAlloc
LocalFree
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
SetUnhandledExceptionFilter
GetModuleFileNameA
lstrcpyA
lstrcatA
GetFileAttributesA
CreateFileA
GetFileSize
ReadFile
CopyFileA
BeginUpdateResourceA
UpdateResourceA
EndUpdateResourceA
SetFilePointer
lstrlenA
WriteFile
DeleteFileA
VirtualAlloc
VirtualFree
Sleep
CreateThread
ResumeThread
SetEvent
SetEnvironmentVariableA
WaitForSingleObject
SetHandleCount
user32
InvertRect
GetNextDlgGroupItem
CopyAcceleratorTableA
DestroyIcon
GetMenuStringA
InsertMenuA
GetSysColorBrush
EnableWindow
RegisterWindowMessageA
SetRect
PostMessageA
GetDCEx
LockWindowUpdate
RegisterClipboardFormatA
PostThreadMessageA
FindWindowA
MessageBoxA
wsprintfA
UpdateWindow
GetWindow
GetClientRect
SetCapture
LoadCursorA
SetCursor
ScreenToClient
WindowFromPoint
ClientToScreen
ReleaseCapture
GetParent
IsWindowVisible
SetWindowPos
GetDlgCtrlID
GetFocus
GetCursorPos
EnableMenuItem
GetMenuItemCount
DeleteMenu
GetSubMenu
CharNextA
LoadMenuA
OffsetRect
GetSystemMetrics
InflateRect
SendMessageA
LoadIconA
GetClassNameA
KillTimer
SetTimer
FillRect
IsRectEmpty
SetParent
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
LoadStringA
PtInRect
IsZoomed
GetMessageA
UnpackDDElParam
ReuseDDElParam
SetMenu
DestroyMenu
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
InvalidateRect
MapDialogRect
SetWindowContextHelpId
ValidateRect
ShowOwnedPopups
PostQuitMessage
CharUpperA
wvsprintfA
GetMenuCheckMarkDimensions
ModifyMenuA
SetMenuItemBitmaps
ShowWindow
MessageBeep
CheckMenuItem
AppendMenuA
GetSystemMenu
LoadImageA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UnregisterClassA
DrawMenuBar
TranslateMDISysAccel
DefFrameProcA
ExcludeUpdateRgn
DefDlgProcA
GetClipboardFormatNameA
GetTabbedTextExtentA
SendMessageTimeoutA
IsWindowUnicode
GetWindowLongW
SetWindowLongW
DrawEdge
GetDoubleClickTime
GetWindowRgn
HideCaret
ShowCaret
IsMenu
GetMenuDefaultItem
GetMenuItemInfoA
UnionRect
SetCursorPos
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
TranslateMessage
DispatchMessageA
BringWindowToTop
SetWindowRgn
GetCursor
GetMenuStringW
LookupIconIdFromDirectoryEx
CopyIcon
CreateIconIndirect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetKeyState
GetWindowLongA
SetWindowLongA
GetClipboardData
DrawTextA
GetMenuState
ShowScrollBar
DrawIconEx
IntersectRect
GetWindowRect
CheckMenuRadioItem
GetIconInfo
SetClassLongA
DestroyCursor
LoadBitmapA
RedrawWindow
GetDesktopWindow
GetDC
ReleaseDC
GetSysColor
DrawStateA
DrawFocusRect
CreatePopupMenu
SetMenuDefaultItem
EnumChildWindows
DrawAnimatedRects
MapVirtualKeyA
WaitMessage
DrawFrameControl
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
GetKeyboardLayout
ToAsciiEx
GetKeyboardState
GetKeyboardLayoutList
IsClipboardFormatAvailable
CreateIconFromResourceEx
gdi32
CreateSolidBrush
SetBkColor
SetTextColor
ExtTextOutA
StretchDIBits
CreateDIBSection
SelectObject
DeleteObject
GetTextExtentPoint32A
CreateCompatibleDC
CreateCompatibleBitmap
GetPixel
SetPixelV
BitBlt
GetObjectA
TextOutA
SetBkMode
GetClipBox
CreateBitmap
PatBlt
CreateRectRgnIndirect
GetTextMetricsA
DeleteDC
GetCharWidthA
CreateFontA
LineTo
SetTextAlign
GetCurrentPositionEx
PolyBezierTo
GetClipRgn
CreateRectRgn
ExtSelectClipRgn
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
CreatePatternBrush
PtVisible
RectVisible
Escape
GetMapMode
SetRectRgn
CombineRgn
CreateFontIndirectA
DPtoLP
SaveDC
RestoreDC
GetStockObject
SetStretchBltMode
SetMapMode
LPtoDP
CopyMetaFileA
GetTextColor
GetBkColor
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
Polygon
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
CreateDIBitmap
GetTextExtentPointA
ExtFloodFill
ExtTextOutW
GetTextExtentPoint32W
BeginPath
CloseFigure
EndPath
StrokeAndFillPath
FillPath
StrokePath
Ellipse
GetViewportOrgEx
Polyline
PtInRegion
RoundRect
CreatePolygonRgn
GetRgnBox
ExtCreateRegion
GetBitmapBits
EnumFontFamiliesExA
GetDIBits
GetTextAlign
StretchBlt
GetCurrentObject
SetPixel
GetWindowOrgEx
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
ChooseColorA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
SetFileSecurityA
GetFileSecurityA
RegOpenKeyExA
RegSetValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
RegEnumKeyA
shell32
DragQueryFileA
DragFinish
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetFileInfoA
Shell_NotifyIconA
SHAppBarMessage
SHGetMalloc
ord71
ShellExecuteA
ExtractIconA
comctl32
ImageList_Remove
ImageList_Draw
ImageList_GetImageInfo
ImageList_Add
ImageList_DrawEx
ImageList_GetIconSize
ImageList_GetImageCount
_TrackMouseEvent
ImageList_GetIcon
ImageList_LoadImageA
ImageList_Create
ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_ReplaceIcon
oledlg
ord1
ord8
ole32
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
ReleaseStgMedium
CoTaskMemFree
CoTaskMemAlloc
CreateILockBytesOnHGlobal
OleInitialize
OleUninitialize
OleDuplicateData
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoFreeUnusedLibraries
CoInitialize
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
CoUninitialize
olepro32
ord253
oleaut32
VariantChangeType
SysStringByteLen
VarDateFromStr
VarBstrFromDate
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
VariantTimeToSystemTime
SysStringLen
LoadTypeLi
SysAllocString
VariantCopy
VariantClear
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
OleLoadPicturePath
VariantChangeTypeEx
SafeArrayUnaccessData
ws2_32
__WSAFDIsSet
send
WSACloseEvent
WSASend
WSARecv
accept
WSAGetLastError
setsockopt
WSAIoctl
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSASocketA
WSACreateEvent
WSAEventSelect
bind
listen
socket
ioctlsocket
htons
connect
select
WSAStartup
gethostname
gethostbyname
WSACleanup
closesocket
getpeername
inet_ntoa
getsockname
ntohs
recv
pdh
PdhOpenQueryA
PdhGetFormattedCounterValue
PdhCollectQueryData
PdhAddCounterA
PdhCloseQuery
avifil32
AVIFileInit
AVIStreamSetFormat
AVIFileCreateStreamA
AVIFileOpenA
AVIStreamWrite
AVIFileRelease
AVIStreamRelease
AVIFileExit
msvfw32
DrawDibDraw
ICSeqCompressFrameEnd
ICCompressorFree
ICClose
ICOpen
ICSendMessage
ICSeqCompressFrameStart
ICDecompress
DrawDibOpen
DrawDibClose
skinh
SkinH_AttachRes
SkinH_SetAero
wininet
InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 248KB - Virtual size: 245KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 396KB - Virtual size: 392KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ