c90b1cb769cf8bb7fb78164619d9779f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c90b1cb769cf8bb7fb78164619d9779f_JaffaCakes118
Size

6.9MB
MD5

c90b1cb769cf8bb7fb78164619d9779f
SHA1

be778a5cdda2a7bec791019c17b4d0f80e479f2d
SHA256

d1e48dd6f085a7cc24480bc04f5c6201568cbf28d82e694e7764743560ab768c
SHA512

d16ae56cde92b9162e0f7b14c27e0175e26dd26e2e550ae1ebf38ef78134dd85f7d6a44b612d77f5fb20b3e67a365ad505cddd1748c24b7cbc5a8aadb74742fa
SSDEEP

196608:MEmd6MCuJjUyTdThSt7W0Z5YL/954FLOyomFHKnPI:OJuW4YL/954F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c90b1cb769cf8bb7fb78164619d9779f_JaffaCakes118

Files

c90b1cb769cf8bb7fb78164619d9779f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

06789667f1462a9aeae50a6d70478ded

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\NEW_SVN_YX_1126\pptProject\pptSoftware\Release\PptInstall.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

wininet

InternetReadFile
InternetConnectW
HttpSendRequestW
HttpAddRequestHeadersW
HttpQueryInfoW
HttpOpenRequestW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetOpenW
InternetCloseHandle
InternetCrackUrlW

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameW
GetModuleFileNameExW

kernel32

HeapFree
HeapAlloc
CreateThread
RaiseException
RtlUnwind
HeapReAlloc
ExitProcess
GetModuleHandleExW
AreFileApisANSI
SetStdHandle
GetFileType
HeapSize
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualQuery
GetStdHandle
GetProcessHeap
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetConsoleMode
ReadConsoleW
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
SetFilePointerEx
OutputDebugStringW
LCMapStringW
GetProfileIntW
WriteConsoleW
SetEnvironmentVariableA
IsDebuggerPresent
FindResourceExW
GetWindowsDirectoryW
SetUnhandledExceptionFilter
SearchPathW
GetModuleFileNameW
SizeofResource
LockResource
LoadResource
FindResourceW
GlobalAlloc
GlobalLock
GetLastError
GlobalUnlock
GlobalFree
MultiByteToWideChar
GetStartupInfoW
WaitForSingleObject
ReadFile
CloseHandle
LoadLibraryW
GetProcAddress
GetTickCount
WideCharToMultiByte
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
lstrcmpW
ReleaseMutex
FreeResource
CreateMutexW
Sleep
CreateDirectoryA
GetFileAttributesW
VirtualProtect
GetTempPathW
GetTempFileNameW
SetErrorMode
VerifyVersionInfoW
VerSetConditionMask
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedIncrement
GetThreadLocale
lstrcmpiW
DuplicateHandle
UnlockFile
SetEndOfFile
WritePrivateProfileStringW
CopyFileW
DeleteFileW
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindNextFileW
GetCurrentProcessId
GlobalFindAtomW
GlobalAddAtomW
GetSystemDirectoryW
DecodePointer
EncodePointer
SuspendThread
SetThreadPriority
GetPrivateProfileStringW
GetPrivateProfileIntW
LoadLibraryA
GetModuleHandleA
GetVersion
OutputDebugStringA
lstrcpyW
GlobalDeleteAtom
GetCurrentThread
InterlockedExchange
lstrcmpA
LocalAlloc
LoadLibraryExW
FileTimeToLocalFileTime
SetLastError
FormatMessageW
MulDiv
LocalFree
GlobalSize
CreateSemaphoreW
ReleaseSemaphore
CreateFileA
WaitForMultipleObjects
ExitThread
CreateEventW
SetEvent
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
ResumeThread
GetCurrentThreadId
lstrlenW
GetSystemTimeAsFileTime
GetModuleHandleW
GetCurrentProcess
InterlockedDecrement
FreeLibrary
GetCommandLineW
FindClose
FindFirstFileW
GetFileSize
FileTimeToSystemTime
GetCurrentDirectoryW
SetFilePointer
InitializeCriticalSectionAndSpinCount
TerminateProcess
OpenProcess
GetVersionExW
WriteFile
CreateFileW
SetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
GetDriveTypeW
GetLogicalDriveStringsW
GetLocalTime

user32

ToUnicodeEx
RegisterClipboardFormatW
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
UpdateLayeredWindow
SendDlgItemMessageA
UnregisterClassW
GetUpdateRect
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
CopyIcon
GetIconInfo
GetDoubleClickTime
EnableScrollBar
LockWindowUpdate
CreatePopupMenu
BringWindowToTop
UnionRect
SetCursorPos
NotifyWinEvent
GetAsyncKeyState
IsZoomed
TrackMouseEvent
LoadImageW
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
MonitorFromPoint
SetParent
EnumDisplayMonitors
SetLayeredWindowAttributes
MessageBeep
GetNextDlgGroupItem
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
KillTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
WindowFromPoint
WaitMessage
CharUpperW
IntersectRect
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
LoadMenuW
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
ShowOwnedPopups
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetLastActivePopup
GetTopWindow
GetClassNameW
GetKeyboardLayout
EqualRect
MessageBoxW
AdjustWindowRectEx
RemovePropW
FrameRect
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetMessageTime
GetMessagePos
UnhookWindowsHookEx
IsDialogMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
IsWindowEnabled
GetDlgCtrlID
CheckDlgButton
GetDlgItem
MoveWindow
CallNextHookEx
SetWindowsHookExW
ValidateRect
GetMenuState
GetMenuStringW
CharUpperBuffW
SubtractRect
GetKeyState
GetActiveWindow
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
DrawIconEx
OffsetRect
InflateRect
FillRect
DrawFocusRect
GetSysColorBrush
GetSysColor
MapWindowPoints
GetWindowRect
RedrawWindow
SetWindowRgn
DrawStateW
GetFocus
DrawFrameControl
DrawEdge
RegisterWindowMessageW
MapDialogRect
GetParent
SetWindowContextHelpId
SetWindowPos
PostQuitMessage
RemoveMenu
GetKeyboardState
MapVirtualKeyW
InvertRect
HideCaret
GetWindowRgn
DestroyCursor
CreateMenu
GetComboBoxInfo
InsertMenuW
GetMenuItemCount
GetMenuItemID
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
PostThreadMessageW
GetClassLongW
IsClipboardFormatAvailable
GetWindowThreadProcessId
IsRectEmpty
SetRectEmpty
PtInRect
CopyRect
SetCursor
ScreenToClient
SetCapture
LoadCursorW
SetFocus
InvalidateRect
GetCursorPos
ReleaseCapture
GetKeyNameTextW
SetPropW
CreateAcceleratorTableW
GetWindow
GetDesktopWindow
CallWindowProcW
IsWindow
GetPropW
IsIconic
ShowWindow
SetForegroundWindow
UpdateWindow
IsWindowVisible
EnableWindow
LoadIconW
GetSystemMenu
AppendMenuW
SendMessageW
GetWindowLongW
SetWindowLongW
GetSystemMetrics
GetClientRect
DrawIcon
SetTimer
PostMessageW
wsprintfW
DefWindowProcW
GetSubMenu

gdi32

Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
DeleteDC
ScaleWindowExtEx
CreateFontIndirectW
GetMapMode
SetRectRgn
DPtoLP
GetRgnBox
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceW
CreatePatternBrush
CreatePen
GetStockObject
DeleteObject
CreateBitmap
GetObjectW
SetTextColor
SetBkColor
GetTextMetricsW
Polyline
Polygon
CreatePolygonRgn
ExtTextOutW
PatBlt
GetTextExtentPoint32W
GetTextColor
GetBkColor
Ellipse
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
GetDeviceCaps
CreateDCW
CopyMetaFileW
BitBlt
ScaleViewportExtEx
CreateCompatibleDC
CreateCompatibleBitmap

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
StartServiceW
InitializeSecurityDescriptor
OpenServiceW
OpenSCManagerW
CloseServiceHandle
CreateServiceW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

shell32

SHBrowseForFolderW
ShellExecuteW
SHGetSpecialFolderLocation
CommandLineToArgvW
SHGetMalloc
SHGetDesktopFolder
DragFinish
DragQueryFileW
SHGetPathFromIDListW
SHAppBarMessage
SHGetFileInfoW

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW

uxtheme

GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeParentBackground
DrawThemeText
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
OleDuplicateData
ReleaseStgMedium
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
CoInitializeEx

oleaut32

VariantChangeType
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocStringLen
SysAllocString
OleCreateFontIndirect
VariantCopy
SysFreeString
VariantInit
VariantClear
VarBstrFromDate

oledlg

OleUIBusyW

gdiplus

GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipDrawImageRectI
GdipSetInterpolationMode
GdiplusStartup
GdiplusShutdown
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipCreateFromHDC
GdipDeleteGraphics
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectRect
GdipDeleteBrush
GdipDeletePen
GdipCloneBrush
GdipSetImageAttributesColorMatrix
GdipSetTextRenderingHint
GdipDeleteFont
GdipSetImageAttributesWrapMode
GdipSetStringFormatAlign
GdipDeleteFontFamily
GdipCreateSolidFill
GdipGetImagePixelFormat
GdipCreateFont
GdipCreateImageAttributes
GdipDrawString
GdipCreateFontFamilyFromName
GdipSetSolidFillColor
GdipFillRectangleI
GdipCreateStringFormat
GdipCreatePen1
GdipDeleteStringFormat
GdipDrawRectangleI
GdipGetPathWorldBounds
GdipGetFontStyle
GdipGetFamily
GdipAddPathString
GdipGetFontSize
GdipDeletePath
GdipCreatePath
GdipGetImageGraphicsContext
GdipDisposeImageAttributes

iphlpapi

IcmpSendEcho
IcmpCloseHandle
IcmpCreateFile
GetAdaptersInfo
GetAdaptersAddresses

netapi32

Netbios

snmpapi

SnmpUtilOidCpy
SnmpUtilOidNCmp
SnmpUtilVarBindFree

ws2_32

gethostbyname
send
WSAStartup
closesocket
__WSAFDIsSet
socket
recv
htons
WSAGetLastError
select
connect
WSACleanup
inet_ntoa
inet_addr

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 368KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 428KB - Virtual size: 427KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06789667f1462a9aeae50a6d70478ded

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

wininet

psapi

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

iphlpapi

netapi32

snmpapi

ws2_32

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 368KB - Virtual size: 367KB

.data Size: 27KB - Virtual size: 66KB

.rsrc Size: 4.6MB - Virtual size: 4.6MB

.reloc Size: 428KB - Virtual size: 427KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 368KB - Virtual size: 367KB

.data
Size: 27KB - Virtual size: 66KB

.rsrc
Size: 4.6MB - Virtual size: 4.6MB

.reloc
Size: 428KB - Virtual size: 427KB