c916e80d0bc2806b3e4476b0bcb2f06f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c916e80d0bc2806b3e4476b0bcb2f06f_JaffaCakes118
Size

5.6MB
MD5

c916e80d0bc2806b3e4476b0bcb2f06f
SHA1

be8b952540b45ad8fd06841795af19e56c1c8732
SHA256

24fb8f55fa92f920d2caa99caf23ded3d05f589b817960e8dd9e8c87f26d4add
SHA512

235dcc2014c2bfb0a9e20e750686f6f108ceed00e80b2bdced8a9a783d905dffc5eb2761a9b89f77f4687c3c03e0fcdf0f913529867c966f0f54bcf0e6720060
SSDEEP

98304:hvhrgBNvh+WEBBki2Brcebr/vaRapOlbCFlTRChfP3JR+oWfcy6PLBf0hPl01M+/:hvhrgBNvh+WEBBki2Brcebr/vMaEMlTk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c916e80d0bc2806b3e4476b0bcb2f06f_JaffaCakes118

Files

c916e80d0bc2806b3e4476b0bcb2f06f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0dd344e1bd8f321f741c366405d73e45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
InitializeSecurityDescriptor
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
CryptImportKey
CryptAcquireContextA
GetUserNameA
RegEnumValueA
CryptDestroyHash
CryptVerifySignatureA
CryptHashData
SetSecurityDescriptorDacl
CryptCreateHash
CryptGetHashParam
CryptDeriveKey
CryptDecrypt

dsound

DirectSoundEnumerateA
DirectSoundCreate

gdi32

CreateDIBSection
DeleteDC
CreateCompatibleDC
SelectObject
CreateFontA
SwapBuffers
GetStockObject
SetPixelFormat
ChoosePixelFormat
DeleteObject
GetTextExtentPoint32A
SetTextColor
SetBkColor
GetTextExtentPointA
TextOutA

glu32

gluPerspective
gluOrtho2D

imm32

ImmGetDefaultIMEWnd
ImmGetCompositionStringA
ImmGetCompositionWindow
ImmSetCompositionWindow
ImmGetIMEFileNameA
ImmGetOpenStatus
ImmSetOpenStatus
ImmGetConversionStatus
ImmSetConversionStatus
ImmReleaseContext
ImmGetDescriptionA
ImmGetContext

kernel32

HeapDestroy
GetEnvironmentVariableA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetOEMCP
GetACP
HeapCreate
IsBadWritePtr
IsValidLocale
GetCPInfo
FatalAppExitA
HeapSize
HeapReAlloc
TlsFree
TlsAlloc
ExitThread
TlsGetValue
TlsSetValue
GetVersion
GetStartupInfoA
GetTickCount
IsBadReadPtr
lstrlenA
GlobalUnlock
GlobalLock
OutputDebugStringA
GetCurrentThreadId
Sleep
Process32Next
Process32First
CreateToolhelp32Snapshot
GetLastError
MoveFileA
GetFileAttributesA
CreateFileA
GetCommandLineA
CloseHandle
ReadFile
GetFileSize
GetPrivateProfileStringA
GetCurrentDirectoryA
DeleteFileA
CopyFileA
SetFileAttributesA
TerminateProcess
OpenProcess
WinExec
FindClose
FindFirstFileA
GetLocalTime
SetFilePointer
WriteFile
GetSystemDirectoryA
IsValidCodePage
GetVersionExA
QueryPerformanceCounter
SetProcessAffinityMask
SetThreadPriority
SetPriorityClass
GetProcessAffinityMask
GetThreadPriority
GetPriorityClass
GetCurrentThread
GetCurrentProcess
QueryPerformanceFrequency
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalMemoryStatus
ExitProcess
SetConsoleMode
GetStdHandle
AllocConsole
FreeConsole
SetConsoleTitleA
GetConsoleTitleA
SetLastError
SetConsoleCursorPosition
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
ReadConsoleOutputA
GetCurrentProcessId
GetSystemTime
GetTimeZoneInformation
RaiseException
InterlockedIncrement
InterlockedDecrement
RtlUnwind
GetThreadContext
lstrcpynA
Module32First
Module32Next
lstrcpyA
PeekNamedPipe
CreatePipe
SetStdHandle
DuplicateHandle
GetFileInformationByHandle
HeapAlloc
FindNextFileA
GetProcessHeap
HeapFree
GetTempPathA
GetTempFileNameA
LoadLibraryExA
VirtualFree
VirtualAlloc
VirtualQuery
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
VirtualProtect
GetModuleFileNameW
lstrcmpA
GetComputerNameA
ReleaseMutex
TerminateThread
CreateThread
EnterCriticalSection
LeaveCriticalSection
CreateDirectoryA
lstrcatA
GetModuleFileNameA
MoveFileExA
OpenMutexA
OpenEventA
WaitForSingleObject
CreateEventA
CreateProcessA
WaitForMultipleObjects
GetExitCodeProcess
ResetEvent
ResumeThread
CreateMutexA
GetModuleHandleA
SetEndOfFile
DeleteCriticalSection
WideCharToMultiByte
SetUnhandledExceptionFilter
InitializeCriticalSection
SetEvent
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetConsoleCtrlHandler
GetLocaleInfoW
CreateFileMappingA
RemoveDirectoryA
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcmpiA

opengl32

wglDeleteContext
glGetString
wglCreateContext
glClearColor
glTexEnvi
glGetIntegerv
glColor3ub
glFogi
glFogf
glFogfv
glViewport
glBlendFunc
glReadPixels
glGetFloatv
glScalef
glStencilOp
glColorMask
glColor4f
glEnable
glDisable
glEnd
glVertex2f
glTexCoord2f
glColor4ub
glBegin
glColor3f
glTexImage2D
glBindTexture
glFlush
glClear
glPopMatrix
glAlphaFunc
glDepthFunc
glTranslatef
glRotatef
glLoadIdentity
glPushMatrix
glMatrixMode
glVertex3f
glNormal3f
glVertex3fv
glColor3fv
glDeleteTextures
glTexParameteri
glGenTextures
glTexEnvf
glDepthMask
glStencilFunc
wglMakeCurrent
glFrontFace
glPolygonMode

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoList

shell32

ShellExecuteA

user32

LoadIconA
LoadCursorA
RegisterClassA
BeginPaint
EndPaint
PostQuitMessage
DefWindowProcA
SetForegroundWindow
ReleaseCapture
SystemParametersInfoA
ReleaseDC
ChangeDisplaySettingsA
ShowCursor
FindWindowA
SetCursorPos
UnregisterHotKey
RegisterHotKey
GetWindowRect
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetDesktopWindow
IntersectRect
wsprintfA
SetTimer
GetSystemMetrics
GetScrollPos
IsWindowVisible
GetFocus
SetFocus
CreateWindowExA
ShowWindow
GetDC
SetWindowPos
SetWindowTextA
GetWindowTextA
GetCaretPos
GetWindowLongA
GetAsyncKeyState
SendMessageA
CallWindowProcA
OpenClipboard
GetClipboardData
CloseClipboard
SetWindowLongA
DestroyWindow
SetRect
GetActiveWindow
GetCursorPos
ScreenToClient
GetDoubleClickTime
PtInRect
OffsetRect
MessageBoxA
PostMessageA
AdjustWindowRect
IsIconic
SetScrollPos
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
UpdateWindow
EnumDisplaySettingsA
GetKeyboardLayoutNameA
GetKeyboardLayout
wvsprintfA
EnumChildWindows
RemoveMenu
DrawMenuBar
GetSystemMenu
GetClassNameA
GetWindowThreadProcessId
SetCapture
KillTimer

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wininet

HttpQueryInfoA
InternetConnectA
InternetOpenA
HttpSendRequestA
HttpOpenRequestA
InternetReadFile
InternetQueryDataAvailable
FtpOpenFileA
FtpFindFirstFileA
InternetCloseHandle

winmm

timeKillEvent
timeEndPeriod
timeGetDevCaps
timeBeginPeriod
mmioWrite
mmioOpenA
mmioDescend
mmioRead
mmioAscend
mmioClose
timeSetEvent
timeGetTime

ws2_32

connect
setsockopt
socket
shutdown
recv
closesocket
WSAStartup
WSACleanup
send
sendto
WSASend
WSAGetLastError
gethostbyname
inet_addr
htons
WSAAsyncSelect

ole32

CoUninitialize
CoCreateInstance
CoInitialize

urlmon

URLDownloadToFileA

wzaudio

wzAudioOption
wzAudioDestroy
wzAudioGetStreamOffsetRange
wzAudioPlay
wzAudioStop
wzAudioCreate

Sections

.text
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 204KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 206KB - Virtual size: 136.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: - Virtual size: 17.0MB

.as_0002
Size: 114KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: - Virtual size: 8KB

.as_0003
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0dd344e1bd8f321f741c366405d73e45

Headers

File Characteristics

Imports

advapi32

dsound

gdi32

glu32

imm32

kernel32

opengl32

setupapi

shell32

user32

version

wininet

winmm

ws2_32

ole32

urlmon

wzaudio

Sections

.text Size: 5.0MB - Virtual size: 5.0MB

.data Size: 204KB - Virtual size: 208KB

Size: 206KB - Virtual size: 136.9MB

.rsrc Size: 8KB - Virtual size: 8KB

.idata Size: 9KB - Virtual size: 12KB

.zero Size: - Virtual size: 17.0MB

.as_0002 Size: 114KB - Virtual size: 120KB

.zero Size: - Virtual size: 8KB

.as_0003 Size: 48KB - Virtual size: 48KB

.text
Size: 5.0MB - Virtual size: 5.0MB

.data
Size: 204KB - Virtual size: 208KB

.rsrc
Size: 8KB - Virtual size: 8KB

.idata
Size: 9KB - Virtual size: 12KB

.zero
Size: - Virtual size: 17.0MB

.as_0002
Size: 114KB - Virtual size: 120KB

.zero
Size: - Virtual size: 8KB

.as_0003
Size: 48KB - Virtual size: 48KB