c82afc3203e5a3eac586a956a0414419_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c82afc3203e5a3eac586a956a0414419_JaffaCakes118
Size

1.1MB
MD5

c82afc3203e5a3eac586a956a0414419
SHA1

d42219b347add8e5cac465652261d7e7f968ce60
SHA256

1b8280475e386b405b26d980259b7c54d44013ca1a77ed5b0d7768303655bffc
SHA512

6c3b5af5a158d8ebb0bddbdf29e6249c28dc936278d1cda7691e84e7de9b2014d3b3461f2a8f10bb8ee9b6565b77773b7d9045f27acd4a5d0a9dde117b88d694
SSDEEP

12288:PH3xc1tX9NnHW1rhf9xj27tX0UFEtdoBlFmyT6rgCtDcx08LKrwt6U3j2IFfi/+z:Phcmf9xO2tdozYgCtDcxrKrZEZFfiM6a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c82afc3203e5a3eac586a956a0414419_JaffaCakes118

Files

c82afc3203e5a3eac586a956a0414419_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab2712b274a0f38d7a088cd02a41e3fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

listen
accept
bind
htonl
closesocket
recv
send
WSACleanup
inet_ntoa
socket
recvfrom
sendto
connect
ntohs
ioctlsocket
htons
WSASetLastError
WSAGetLastError
getpeername
gethostbyname
gethostname
WSAStartup
WSAAsyncSelect

winmm

sndPlaySoundA

shlwapi

PathFileExistsA

psapi

GetProcessMemoryInfo

kernel32

GetVolumeInformationA
GetThreadLocale
FileTimeToSystemTime
FileTimeToLocalFileTime
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
GetFileAttributesA
GetFileTime
SetErrorMode
RtlUnwind
GetTimeZoneInformation
GetSystemTime
HeapFree
HeapAlloc
HeapReAlloc
GetStartupInfoA
ExitProcess
ExitThread
TerminateProcess
HeapSize
GetACP
SetStdHandle
GetFileType
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
UnhandledExceptionFilter
SetEndOfFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetProfileStringA
GlobalUnlock
GlobalLock
CloseHandle
SetProcessWorkingSetSize
OpenProcess
CreateThread
GetExitCodeThread
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileStringA
ReleaseMutex
MapViewOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
TlsAlloc
GetCurrentThread
lstrcpynA
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
SetLastError
FormatMessageA
GetTickCount
GetProfileIntA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
RaiseException
InterlockedExchange
GetVersionExA
MulDiv
GetVersion
GetEnvironmentStrings
CreateProcessA
GetPrivateProfileSectionA
CreateFileMappingA
WaitForSingleObject
CreateMutexA
CopyFileA
CreateFileA
GetLastError
CreateSemaphoreA
HeapDestroy
DeleteCriticalSection
GetTempPathA
LocalAlloc
LocalFree
GetWindowsDirectoryA
UnmapViewOfFile
GetCurrentProcessId
ExpandEnvironmentStringsA
WritePrivateProfileSectionA
WideCharToMultiByte
GlobalFree
GlobalSize
GlobalAlloc
FileTimeToDosDateTime
MoveFileA
DeleteFileA
GetCurrentDirectoryA
SetCurrentDirectoryA
lstrcmpA
GetFullPathNameA
MultiByteToWideChar
CreateDirectoryA
FindFirstFileA
FindNextFileA
SetFileAttributesA
FindClose
RemoveDirectoryA
GetFileSize
GetLocalTime
OpenFile
Sleep
lstrcmpiA
TerminateThread
WritePrivateProfileStringA
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
FreeLibrary
GetShortPathNameA
lstrlenA
lstrlenW
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
FindResourceA
LoadResource
LockResource
SizeofResource
WriteFile
GetCurrentThreadId
GetCommandLineA
FreeEnvironmentStringsA

user32

wvsprintfA
GetWindowDC
BeginPaint
EndPaint
ValidateRect
PostQuitMessage
LoadStringA
ShowOwnedPopups
MessageBeep
SetWindowContextHelpId
MapDialogRect
CopyAcceleratorTableA
CharUpperA
DefFrameProcA
TranslateMDISysAccel
TranslateAcceleratorA
DrawMenuBar
DefMDIChildProcA
LoadAcceleratorsA
ReuseDDElParam
UnpackDDElParam
InvertRect
PostThreadMessageA
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetWindowTextLengthA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetWindowPos
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetMessageA
TranslateMessage
WaitMessage
PeekMessageA
DispatchMessageA
DrawEdge
DrawIconEx
GrayStringA
DrawTextA
TabbedTextOutA
GetSystemMenu
SetParent
GetDCEx
RedrawWindow
GetClassLongA
BeginDeferWindowPos
EndDeferWindowPos
GetSysColorBrush
wsprintfA
OffsetRect
SetFocus
InflateRect
FillRect
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetClassNameA
FindWindowA
BringWindowToTop
GetDC
ReleaseDC
DeleteMenu
EnumWindows
SetMenuDefaultItem
IsChild
SetPropA
GetSystemMetrics
RegisterWindowMessageA
SetMenuItemInfoA
GetNextDlgGroupItem
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LoadMenuA
ModifyMenuA
LockWindowUpdate
TrackPopupMenu
TrackPopupMenuEx
DestroyMenu
LoadImageA
SystemParametersInfoA
EqualRect
SetRect
SetWindowLongA
LoadBitmapA
LoadIconA
GetMenuItemCount
GetMenuItemInfoA
GetMenuState
GetMenuItemID
CheckMenuItem
EnableMenuItem
GetParent
UnionRect
IsRectEmpty
SetRectEmpty
GetWindowLongA
CreatePopupMenu
IsMenu
AppendMenuA
GetSubMenu
GetMenuStringA
FindWindowExA
EnumChildWindows
MapVirtualKeyA
keybd_event
ClientToScreen
WindowFromPoint
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
SendDlgItemMessageA
GetCursorPos
ScreenToClient
IsZoomed
GetFocus
KillTimer
UnregisterHotKey
RegisterHotKey
CharNextA
GetWindowRect
GetDesktopWindow
GetWindow
GetPropA
GetLastActivePopup
IsIconic
ShowWindow
SetForegroundWindow
SetMenu
UpdateWindow
SetTimer
GetWindowThreadProcessId
CopyRect
DestroyIcon
PtInRect
GetClientRect
ReleaseCapture
SetCapture
InvalidateRect
PostMessageA
GetCursor
SetCursor
LoadCursorA
GetSysColor
RegisterClipboardFormatA
GetKeyState
SendMessageA
IsWindow
IsWindowVisible
EnableWindow
MapWindowPoints
AdjustWindowRectEx
GetWindowTextA
DeferWindowPos
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
InsertMenuA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
SetBkMode
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
LPtoDP
GetTextMetricsA
GetBkColor
CopyMetaFileA
GetStockObject
RestoreDC
SaveDC
CreateRectRgnIndirect
GetCharWidthA
StretchDIBits
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetBkMode
Ellipse
CreateDIBSection
SelectObject
CreateSolidBrush
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateRectRgn
PatBlt
CreateCompatibleBitmap
GetTextColor
GetDeviceCaps
EnumFontFamiliesA
GetTextExtentPoint32A
CreateFontA
StretchBlt
DeleteDC
CreateFontIndirectA
CreateCompatibleDC
BitBlt
GetObjectA
CreatePen
GetTextExtentPointA
CreateDIBitmap
DeleteObject

comdlg32

GetOpenFileNameA
GetFileTitleA
ChooseColorA
GetSaveFileNameA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegSetValueExA
IsTextUnicode
RegDeleteKeyA
RegEnumKeyA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegDeleteValueA
RegCreateKeyA
RegQueryValueA
RegOpenKeyExA
RegOpenKeyA

shell32

SHGetFileInfoA
DragAcceptFiles
Shell_NotifyIconA
DragFinish
DragQueryFileA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteExA
SHGetMalloc
SHGetDesktopFolder
ShellExecuteA

comctl32

ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ImageList_DragEnter
ImageList_BeginDrag
ImageList_Draw
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_GetIconSize
ord17
ImageList_Destroy
ImageList_Create
ImageList_DragShowNolock
ImageList_Duplicate

oledlg

ord8

ole32

StgCreateDocfileOnILockBytes
CoInitialize
CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoCreateInstance
CoGetClassObject
CoTaskMemFree
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
ReleaseStgMedium
OleGetClipboard
CLSIDFromProgID
CLSIDFromString
StgOpenStorageOnILockBytes
OleDuplicateData
CreateILockBytesOnHGlobal
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

olepro32

ord253

oleaut32

SysAllocStringByteLen
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
VariantChangeType
VariantCopy
VariantTimeToSystemTime
SysStringLen
SafeArrayUnaccessData
SysAllocStringLen
VariantClear
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString

urlmon

CoInternetGetSession

wininet

FindFirstUrlCacheEntryA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetQueryOptionA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry
FindCloseUrlCache
InternetSetOptionA
GetUrlCacheEntryInfoExA
GetUrlCacheEntryInfoA
InternetGetLastResponseInfoA
HttpQueryInfoA

Exports

Exports

?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B

Sections

.text
Size: 822KB - Virtual size: 821KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab2712b274a0f38d7a088cd02a41e3fc

Headers

File Characteristics

Imports

wsock32

winmm

shlwapi

psapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

urlmon

wininet

Exports

Exports

Sections

.text Size: 822KB - Virtual size: 821KB

.rdata Size: 180KB - Virtual size: 180KB

.data Size: 27KB - Virtual size: 55KB

.rsrc Size: 216KB - Virtual size: 215KB

.text
Size: 822KB - Virtual size: 821KB

.rdata
Size: 180KB - Virtual size: 180KB

.data
Size: 27KB - Virtual size: 55KB

.rsrc
Size: 216KB - Virtual size: 215KB