DllGetLCID
Static task
static1
Behavioral task
behavioral1
Sample
be29c98d04c8ebe11d1d4b74fb9ca88e_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
be29c98d04c8ebe11d1d4b74fb9ca88e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
- Target: be29c98d04c8ebe11d1d4b74fb9ca88e_JaffaCakes118
- Size: 4.1MB
- MD5: be29c98d04c8ebe11d1d4b74fb9ca88e
- SHA1: d5817495a7217525f1c7e3b45da0d25669eec1bb
- SHA256: 7ebf3847789d6837d32dac21c12e873c609183b938936c9991bfd901609d4efb
- SHA512: 094c759b303fc24cda036b6e1a06b67e7cf2c4b75cc3d9ed245ed2fffed58155d1a393cd86c4df3070e3f3e79a6165ed5a475f2cdaaf1f433c8824890386fdc3
- SSDEEP: 98304:fI5+ZJlZ9StfvuTtoFijwKQ/wBNjZqMn3dbu3ggnSM30HI2IKprE/lgoCShby:5ZbStf25odKQYBhZqy3d0D30GQ
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource be29c98d04c8ebe11d1d4b74fb9ca88e_JaffaCakes118
Files
-
be29c98d04c8ebe11d1d4b74fb9ca88e_JaffaCakes118.exe windows:4 windows x86 arch:x86
a83289860e908fa1b5312687cb64b8f0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mso9
kernel32
LoadLibraryExA
OpenFile
SetStdHandle
FlushFileBuffers
GetStringTypeW
GetStringTypeA
VirtualAlloc
IsBadCodePtr
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
HeapSize
HeapAlloc
HeapReAlloc
TerminateProcess
SetUnhandledExceptionFilter
HeapFree
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
RaiseException
RtlUnwind
GetFileSize
FormatMessageA
LocalFree
Beep
LoadLibraryA
lstrlenW
CompareFileTime
IsDBCSLeadByteEx
IsValidCodePage
FileTimeToLocalFileTime
GetTimeZoneInformation
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
GetThreadLocale
GetLocaleInfoW
GetLocaleInfoA
SystemTimeToFileTime
GetSystemDefaultLCID
IsDBCSLeadByte
GetUserDefaultLCID
GetTempPathA
GetSystemInfo
InterlockedDecrement
SetThreadPriority
GetCurrentThread
TerminateThread
CreateThread
InterlockedIncrement
GetProfileStringW
GetSystemTime
GetProfileIntA
IsBadReadPtr
WideCharToMultiByte
lstrcmpiA
MultiByteToWideChar
FreeLibrary
lstrcatA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetSystemDefaultLangID
GetModuleFileNameA
GetStartupInfoW
CreateProcessW
CreateProcessA
SetFileTime
WriteFile
ReadFile
SetFilePointer
GetDiskFreeSpaceA
FindClose
SetErrorMode
SuspendThread
GetThreadContext
SetThreadContext
ResumeThread
FindResourceA
LoadResource
LockResource
SizeofResource
GetACP
lstrlenA
GetLocalTime
GetCurrentProcess
SetProcessWorkingSetSize
ResetEvent
WaitForMultipleObjects
CloseHandle
GetTickCount
lstrcpyA
GetProcAddress
GetCurrentThreadId
GlobalGetAtomNameW
GlobalDeleteAtom
SetCurrentDirectoryW
GlobalGetAtomNameA
SetCurrentDirectoryA
Sleep
GetVersion
GetCommandLineW
GetModuleFileNameW
WaitForSingleObject
GetCurrentDirectoryW
GlobalAddAtomW
GetCurrentDirectoryA
GlobalAddAtomA
SetEvent
CreateEventA
GetStartupInfoA
GetCommandLineA
GetModuleHandleA
GlobalReAlloc
GlobalAlloc
GlobalSize
GlobalFree
GlobalLock
GlobalUnlock
GlobalMemoryStatus
GetProfileStringA
GetLastError
SetLastError
MulDiv
gdi32
GetGlyphOutlineA
AbortDoc
EndPage
StartPage
SetAbortProc
GetTextExtentPoint32W
GetBkColor
GdiFlush
GetTextAlign
PlayMetaFileRecord
PlayEnhMetaFileRecord
EnumEnhMetaFile
GetClipRgn
GetObjectType
ExtCreatePen
GetCurrentObject
GetEnhMetaFileA
GetEnhMetaFileHeader
GetWinMetaFileBits
CopyEnhMetaFileA
CopyMetaFileA
DeleteEnhMetaFile
SetDIBits
EnumMetaFile
GetMetaFileBitsEx
Polygon
Polyline
CreatePalette
CreateFontA
RestoreDC
SaveDC
CreateICA
CreateDCA
CreateDIBPatternBrushPt
CreateBrushIndirect
OffsetWindowOrgEx
GetCharWidthA
SetBitmapBits
GetCurrentPositionEx
SetTextJustification
SetTextAlign
FillRgn
RoundRect
GetNearestColor
GetWindowExtEx
GetViewportExtEx
GetWindowOrgEx
CreateDIBSection
GetBkMode
SetROP2
IntersectClipRect
CloseEnhMetaFile
CreateEnhMetaFileA
ResetDCA
EndDoc
StartDocA
SetBrushOrgEx
AnimatePalette
DPtoLP
LPtoDP
GetMapMode
GetViewportOrgEx
SetRectRgn
GetOutlineTextMetricsA
GetFontData
GdiSetBatchLimit
GetTextExtentPoint32A
SetViewportExtEx
CreateDIBitmap
SetStretchBltMode
SetMetaFileBitsEx
GetTextMetricsA
GetTextFaceA
CreateCompatibleBitmap
Rectangle
CreateSolidBrush
StretchDIBits
CreateMetaFileA
SetWindowExtEx
StretchBlt
CloseMetaFile
DeleteMetaFile
EnumFontFamiliesExA
GetRasterizerCaps
SetMapMode
SetWindowOrgEx
ExtEscape
Escape
GetSystemPaletteUse
GetSystemPaletteEntries
SelectPalette
RealizePalette
UnrealizeObject
GetRgnBox
GetClipBox
GetDCOrgEx
GetDeviceCaps
CreatePatternBrush
SelectClipRgn
RectVisible
CreatePen
LineTo
MoveToEx
CreateRectRgn
OffsetRgn
CreateRectRgnIndirect
CombineRgn
SetViewportOrgEx
ExtTextOutA
SetBkColor
SetTextColor
BitBlt
CreateBitmap
CreateCompatibleDC
SelectObject
PatBlt
CreateFontIndirectA
SetBkMode
DeleteObject
GetBitmapBits
DeleteDC
GetStockObject
GetObjectA
user32
CheckDlgButton
LoadImageA
LoadIconA
DestroyMenu
DestroyIcon
LoadCursorA
GetWindowPlacement
SetForegroundWindow
ShowWindow
SetFocus
DrawMenuBar
SetMenu
GetMenu
GetWindowRect
GetClientRect
MoveWindow
EqualRect
GetWindowThreadProcessId
PtInRect
IsZoomed
DestroyWindow
IsWindowVisible
IsWindow
SetClipboardViewer
ChangeClipboardChain
ClientToScreen
GetSysColor
OffsetRect
CreateMDIWindowA
CreateMDIWindowW
GetMessageTime
SetActiveWindow
InflateRect
ValidateRect
InvalidateRect
TranslateMDISysAccel
SetCaretPos
CreateCaret
InvertRect
GetTopWindow
GetUpdateRgn
IntersectRect
InvalidateRgn
ScreenToClient
SetTimer
GetCaretBlinkTime
KillTimer
DestroyCaret
WindowFromPoint
GetCapture
SetParent
ClipCursor
DrawFrameControl
SetCursor
ReleaseDC
GetDC
SetRect
ShowCursor
RedrawWindow
MapWindowPoints
GetSystemMetrics
SystemParametersInfoA
RegisterWindowMessageA
GetDoubleClickTime
RegisterClassA
RegisterClassW
RegisterClassExA
RegisterClassExW
CreateWindowExA
CreateWindowExW
SetWindowTextA
SetWindowTextW
CreateDialogIndirectParamA
CreateDialogIndirectParamW
DefWindowProcA
DefWindowProcW
DefFrameProcA
DefFrameProcW
DefMDIChildProcA
DefMDIChildProcW
CallWindowProcA
CallWindowProcW
SendMessageW
SetWindowLongA
SetWindowLongW
GetWindowLongW
PostMessageW
GetKeyState
GetAsyncKeyState
PeekMessageA
PeekMessageW
WaitMessage
DispatchMessageA
DispatchMessageW
TranslateMessage
EndPaint
BeginPaint
UpdateWindow
SetRectEmpty
ScrollWindow
ValidateRgn
GetFocus
GetClassLongA
LoadAcceleratorsA
TranslateAcceleratorA
DestroyCursor
EnableWindow
GetWindowTextLengthA
DrawEdge
FillRect
FrameRect
LoadBitmapA
EnumWindows
IsDialogMessageA
IsDialogMessageW
IsChild
GetWindowTextA
SetWindowPos
ChildWindowFromPoint
WinHelpA
WinHelpW
GetNextDlgTabItem
ActivateKeyboardLayout
BringWindowToTop
MapDialogRect
GetDlgItem
GetWindowTextW
GetDlgCtrlID
SendDlgItemMessageA
CreateMenu
IsDlgButtonChecked
SetScrollPos
GetScrollPos
GetScrollRange
SetScrollRange
DrawIcon
DrawFocusRect
UnionRect
ScrollDC
CreateIcon
wsprintfA
CharToOemBuffA
GetForegroundWindow
RegisterClipboardFormatA
SetWindowPlacement
CopyAcceleratorTableA
GetClipboardFormatNameA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
SetClassLongA
RemoveMenu
GetMenuItemCount
IsWindowUnicode
UnregisterClassA
AttachThreadInput
HideCaret
GetCursor
GetDialogBaseUnits
IsWindowEnabled
IsIconic
SendMessageA
GetParent
GetWindowLongA
GetWindow
GetClassNameA
MessageBeep
GetCursorPos
GetActiveWindow
SetCapture
SetCursorPos
ReleaseCapture
GetDesktopWindow
FindWindowA
PostMessageA
GetKeyboardLayout
MessageBoxA
advapi32
RegOpenKeyExA
RegQueryValueA
RegOpenKeyA
RegCloseKey
RegEnumKeyA
RegQueryValueExA
RegSetValueA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyA
comctl32
ord17
ole32
RegisterDragDrop
CoCreateInstance
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CLSIDFromString
CLSIDFromProgID
CoGetMalloc
CreateFileMoniker
WriteClassStm
OleSaveToStream
CreateStreamOnHGlobal
ProgIDFromCLSID
CoIsOle1Class
StringFromCLSID
GetClassFile
ReleaseStgMedium
OleDuplicateData
OleQueryCreateFromData
OleQueryLinkFromData
CreateBindCtx
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
ReadFmtUserTypeStg
ReadClassStg
CoTreatAsClass
CoTaskMemFree
OleIsCurrentClipboard
OleRegGetUserType
CreateGenericComposite
CreateItemMoniker
OleFlushClipboard
OleSetClipboard
OleGetClipboard
OleGetIconOfClass
OleMetafilePictFromIconAndLabel
CoLockObjectExternal
RevokeDragDrop
MkParseDisplayName
OleCreateLinkFromData
OleCreateFromData
OleCreateLinkToFile
OleCreateFromFile
OleRun
OleIsRunning
OleLoad
OleRegEnumVerbs
CoGetClassObject
CoRegisterMessageFilter
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
DoDragDrop
GetHGlobalFromStream
GetHGlobalFromILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
OleGetIconOfFile
OleSetMenuDescriptor
CoFileTimeNow
CoDisconnectObject
CoRegisterClassObject
CoRevokeClassObject
OleCreateEmbeddingHelper
OleRegEnumFormatEtc
CreateDataAdviseHolder
GetRunningObjectTable
CreateOleAdviseHolder
OleRegGetMiscStatus
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
ReadClassStm
OleCreate
OleCreateLink
Exports
Sections
.text Size: 3.9MB - Virtual size: 3.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 88KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ