Static task: static1
Behavioral task: behavioral1
Sample: c9700467db559d1214664777088e9575_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: c9700467db559d1214664777088e9575_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c9700467db559d1214664777088e9575_JaffaCakes118
Size: 39KB
MD5: c9700467db559d1214664777088e9575
SHA1: 2571237035887d02ba544aac0c659371a1e2a6bb
SHA256: cd5cbea13db4a483395b6a64246d635f5a3a91dfd4bbf8bdb3124bf7b63766b6
SHA512: 74901dde1e75f580d2ac8a4718daaf1a6f6696963d7ac8e6017e688344907f7c14580dbecf2c57c542c7b877ab4b24414ec8de86a13242210903f73e67d7edb7
SSDEEP: 768:bJOJzNU3XsE4b5z3TmXieYedDec67t3xCk0n9Z/6umDB3gnRAs5WXQU:VOJx8WdbTmSeYedDec67pxCk09Z/6uaF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c9700467db559d1214664777088e9575_JaffaCakes118
Files
c9700467db559d1214664777088e9575_JaffaCakes118.exe windows:4 windows x86 arch:x86
12a0731b18dc648b4430b164d8782523
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntdll
NtCreateKey
ws2_32
WSAGetLastError
user32
DrawEdge
SystemParametersInfoW
GetWindow
GetTabbedTextExtentA
SetForegroundWindow
SendDlgItemMessageW
UpdateWindow
GetSysColor
GetScrollPos
IsWindowEnabled
GetMenuCheckMarkDimensions
GetForegroundWindow
wvsprintfW
GetKeyState
GetCapture
TrackPopupMenu
GetDialogBaseUnits
EnumChildWindows
GetPropW
SetWindowLongW
SetPropW
GetMenuItemCount
GetMessagePos
CreateDialogIndirectParamW
PtInRect
InSendMessage
PostThreadMessageW
EndPaint
DeleteMenu
GetScrollInfo
GetNextDlgGroupItem
GetLastActivePopup
SetParent
TranslateAcceleratorW
GetCursorPos
GetSubMenu
GetMenuItemID
RedrawWindow
EndDialog
GetNextDlgTabItem
UnhookWindowsHookEx
LoadBitmapW
SetTimer
RemoveMenu
SetCapture
GetMessageW
SetRectEmpty
GetWindowTextW
InvalidateRect
RegisterWindowMessageW
LoadMenuW
DefWindowProcW
MapDialogRect
GetDlgItemInt
ScrollWindowEx
ReleaseCapture
MessageBoxA
IsWindow
DefMDIChildProcW
InflateRect
CopyRect
GetMenuStringW
LoadStringW
GetTopWindow
DestroyIcon
DispatchMessageW
DestroyCursor
FrameRect
GetWindowRect
BeginPaint
PeekMessageW
WaitMessage
ClientToScreen
CallNextHookEx
IsIconic
InsertMenuW
IsZoomed
IntersectRect
SetCursorPos
wsprintfW
EndDeferWindowPos
ReuseDDElParam
GetWindowTextLengthW
LoadIconW
LoadAcceleratorsW
SetFocus
DrawMenuBar
GetClientRect
SetWindowPos
GetDC
DrawFocusRect
ShowScrollBar
GetActiveWindow
SetWindowsHookExW
SetMenuItemBitmaps
GetFocus
CharUpperW
RemovePropW
SetMenu
UnpackDDElParam
IsClipboardFormatAvailable
GetClassNameW
GetSystemMetrics
TranslateMessage
RegisterClassW
MsgWaitForMultipleObjects
AppendMenuW
GetDlgCtrlID
SendDlgItemMessageA
TabbedTextOutW
SetScrollInfo
WindowFromPoint
UnregisterClassW
IsDlgButtonChecked
MapWindowPoints
GetParent
FillRect
OffsetRect
IsDialogMessageW
GetSystemMenu
WindowFromDC
PostMessageW
DefFrameProcW
ClipCursor
IsChild
RegisterClipboardFormatW
GetTabbedTextExtentW
ShowOwnedPopups
EnableMenuItem
GetWindowThreadProcessId
ReleaseDC
SystemParametersInfoA
DestroyWindow
GetMenuState
CheckRadioButton
GetWindowDC
MoveWindow
SetWindowTextW
SetScrollPos
InvalidateRgn
LockWindowUpdate
ShowWindow
DestroyMenu
SetWindowPlacement
GetScrollRange
GetWindowPlacement
CreateMenu
SetCursor
SetActiveWindow
ScreenToClient
ScrollWindow
GetDlgItem
GetAsyncKeyState
GetWindowLongW
SendMessageW
LoadCursorW
SetWindowContextHelpId
UnionRect
MessageBoxW
DeferWindowPos
CopyAcceleratorTableW
ValidateRect
CountClipboardFormats
CheckDlgButton
WinHelpW
GetSysColorBrush
CharNextW
BringWindowToTop
DrawTextW
GetDCEx
GetMessageTime
SetRect
IsWindowVisible
SetScrollRange
GetDlgItemTextW
CallWindowProcW
IsRectEmpty
SetDlgItemInt
MessageBeep
KillTimer
GetClassInfoW
CreateWindowExW
GetDesktopWindow
SetDlgItemTextW
AdjustWindowRectEx
EnableWindow
TranslateMDISysAccel
PostQuitMessage
BeginDeferWindowPos
ModifyMenuW
FindWindowW
GetMenu
InvertRect
CheckMenuItem
EqualRect
GrayStringW
wininet
InternetCrackUrlW
HttpAddRequestHeadersW
HttpSendRequestW
InternetOpenUrlW
InternetErrorDlg
GopherOpenFileW
InternetCanonicalizeUrlW
HttpOpenRequestW
FtpRemoveDirectoryW
InternetReadFile
FtpOpenFileW
InternetSetFilePointer
FtpPutFileW
HttpQueryInfoW
InternetOpenW
InternetFindNextFileW
InternetCloseHandle
InternetWriteFile
InternetSetOptionExW
FtpGetFileW
InternetSetCookieW
GopherGetAttributeW
GopherCreateLocatorW
InternetQueryDataAvailable
HttpSendRequestExW
HttpEndRequestW
FtpDeleteFileW
FtpFindFirstFileW
FtpCreateDirectoryW
GopherFindFirstFileW
FtpGetCurrentDirectoryW
InternetGetLastResponseInfoW
FtpSetCurrentDirectoryW
InternetSetStatusCallbackW
FtpRenameFileW
InternetGetCookieW
InternetConnectW
InternetQueryOptionW
msvcrt
wcsftime
__argc
_open_osfhandle
abort
vswprintf
iswdigit
localtime
_ltow
swprintf
modf
wcstod
_beginthreadex
ceil
fflush
_wcsnicmp
_get_osfhandle
__wargv
wcstoul
fgetws
fputws
realloc
_purecall
floor
fread
__doserrno
_snwprintf
fseek
_itow
_wtoi
_wcslwr
fwrite
wcscpy
wcspbrk
time
_endthreadex
fclose
memmove
wcslen
wcsrchr
clearerr
gmtime
wcsstr
_adjust_fdiv
__CxxFrameHandler
_wsplitpath
_except_handler3
_msize
_wcsrev
wcstol
wcscspn
_expand
_onexit
_wcsdup
wcsspn
_wfullpath
_wtol
ftell
_wcsupr
wcschr
_fdopen
free
wcsncpy
wcscmp
_ultow
mktime
calloc
iswspace
malloc
_initterm
wcsncmp
_CxxThrowException
__dllonexit
kernel32
SetEndOfFile
GetModuleFileNameW
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileAttributesW
FindClose
GetCurrentThreadId
LockResource
FlushFileBuffers
ReleaseSemaphore
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcatA
GetPrivateProfileStringW
InitializeCriticalSection
GetVersion
GlobalFlags
GetModuleHandleW
QueryPerformanceCounter
VirtualProtect
LocalReAlloc
GetLastError
GetStringTypeExW
TerminateProcess
GetDiskFreeSpaceW
GlobalSize
CreateSemaphoreW
GetSystemDirectoryA
GlobalLock
lstrcatW
EnterCriticalSection
lstrcpyA
LocalFileTimeToFileTime
GetVersionExW
LoadResource
LoadLibraryA
lstrcpynW
lstrcmpW
CreateEventW
TlsSetValue
DeleteCriticalSection
GetTempPathW
ReadFile
WriteFile
GetCurrentProcess
LoadLibraryW
FreeResource
GetCurrentDirectoryW
CloseHandle
GlobalFree
InterlockedDecrement
SetErrorMode
SizeofResource
ResumeThread
LocalFree
GlobalFindAtomW
GetSystemInfo
GlobalAlloc
WritePrivateProfileStringW
GetShortPathNameW
lstrcpyW
FreeLibrary
lstrlenW
MoveFileW
VirtualQuery
GetProfileIntW
FindResourceExW
GlobalDeleteAtom
LocalAlloc
GetTickCount
GlobalUnlock
LoadLibraryExA
GetVersionExA
GlobalHandle
GetFullPathNameW
GetFileTime
MultiByteToWideChar
ReleaseMutex
GetUserDefaultLCID
IsDBCSLeadByte
WaitForMultipleObjects
DeleteFileW
lstrcmpiW
lstrcmpA
GetCurrentThread
FindNextFileW
FindFirstFileW
SetFileAttributesW
SetFileTime
lstrcmpiA
GetProcAddress
OutputDebugStringW
MulDiv
TlsFree
GlobalGetAtomNameW
TlsGetValue
SuspendThread
InterlockedCompareExchange
GetTempFileNameW
GetVolumeInformationW
GetModuleHandleA
LockFile
CopyFileW
FormatMessageW
SetUnhandledExceptionFilter
GetProcessVersion
SearchPathW
UnlockFile
GetThreadLocale
lstrlenA
WideCharToMultiByte
WaitForSingleObject
LocalLock
Sleep
GetFileSize
CreateFileW
lstrcpynA
CreateMutexW
SystemTimeToFileTime
UnhandledExceptionFilter
VirtualAlloc
TlsAlloc
GlobalAddAtomW
GetPrivateProfileIntW
SetFilePointer
GlobalReAlloc
SetEvent
SetThreadPriority
SetLastError
InterlockedIncrement
LocalUnlock
FindResourceW
DelayLoadFailureHook
LeaveCriticalSection
adsldpc
ADsEnumClasses
gdi32
OffsetClipRgn
PatBlt
GetTextMetricsW
SetTextCharacterExtra
GetClipRgn
ScaleWindowExtEx
CloseMetaFile
SetAbortProc
GetViewportExtEx
PolyBezierTo
SetTextAlign
SetWindowOrgEx
CreateFontW
OffsetRgn
GetObjectType
ExtCreatePen
GetViewportOrgEx
CreateMetaFileW
SetColorAdjustment
MoveToEx
GetPolyFillMode
CreateRectRgnIndirect
SetViewportExtEx
DPtoLP
CreateDCW
CreatePatternBrush
GetBkMode
DeleteObject
DeleteMetaFile
CombineRgn
OffsetViewportOrgEx
GetStockObject
CreatePen
GetObjectW
ExtSelectClipRgn
UnrealizeObject
ExtTextOutW
GetStretchBltMode
GetWindowExtEx
SetRectRgn
CreateFontIndirectW
CreatePalette
EnumFontFamiliesW
SaveDC
SelectPalette
SelectObject
Rectangle
CopyMetaFileW
GetCurrentPositionEx
CreateDIBPatternBrushPt
Escape
SetTextJustification
IntersectClipRect
DeleteDC
GetTextFaceW
RectVisible
SetBkColor
StartPage
GetBkColor
GetPixel
SetPolyFillMode
GetCharWidthW
EnumFontFamiliesExW
LineTo
ExcludeClipRect
CreateSolidBrush
StretchDIBits
PtVisible
BitBlt
TextOutW
SetMapMode
GetTextAlign
SetROP2
PlayMetaFile
AbortDoc
EndPage
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateHatchBrush
GetClipBox
GetWindowOrgEx
CreateCompatibleBitmap
OffsetWindowOrgEx
GetROP2
ArcTo
RealizePalette
ScaleViewportExtEx
StartDocW
SetViewportOrgEx
SetBrushOrgEx
CreateBitmap
SetTextColor
SetWindowExtEx
RestoreDC
GetTextColor
PlayMetaFileRecord
CreateCompatibleDC
EnumMetaFile
SetStretchBltMode
SetMapperFlags
CreateRectRgn
PolylineTo
LPtoDP
SelectClipPath
SelectClipRgn
EndDoc
PolyDraw
GetMapMode
SetArcDirection
GetPaletteEntries
GetNearestColor
SetBkMode
GetDeviceCaps
ole32
OleDuplicateData
CoTaskMemAlloc
OleTranslateAccelerator
OleGetIconOfClass
StgOpenStorageOnILockBytes
CoGetMalloc
OleIsRunning
CreateBindCtx
CreateFileMoniker
OleGetClipboard
OleRegGetUserType
CreateILockBytesOnHGlobal
OleSetClipboard
CLSIDFromProgID
CreateOleAdviseHolder
OleSave
GetClassFile
ReadClassStm
GetHGlobalFromILockBytes
CoCreateInstance
OleCreate
IsAccelerator
StgOpenStorage
WriteFmtUserTypeStg
GetRunningObjectTable
RegisterDragDrop
OleRegGetMiscStatus
CoInitialize
CoTaskMemFree
CoDisconnectObject
OleSetContainedObject
OleCreateStaticFromData
CreateStreamOnHGlobal
RevokeDragDrop
CoLockObjectExternal
OleDestroyMenuDescriptor
CLSIDFromString
SetConvertStg
WriteClassStg
OleLoadFromStream
CoGetClassObject
CoUninitialize
CreateGenericComposite
OleCreateLinkToFile
ReleaseStgMedium
CreateDataCache
OleCreateFromData
StgIsStorageFile
CoRegisterMessageFilter
OleFlushClipboard
OleLoad
OleSetMenuDescriptor
OleCreateFromFile
OleInitialize
StringFromCLSID
ReadFmtUserTypeStg
DoDragDrop
CoTreatAsClass
ReadClassStg
CoRegisterClassObject
OleRun
OleIsCurrentClipboard
CreateItemMoniker
OleLockRunning
CoRevokeClassObject
WriteClassStm
OleRegEnumVerbs
CreateDataAdviseHolder
OleSaveToStream
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
OleCreateLinkFromData
OleCreateMenuDescriptor
OleQueryCreateFromData
OleQueryLinkFromData
OleUninitialize
StgCreateDocfile
StringFromGUID2
advapi32
RegSetValueW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueW
SetFileSecurityW
RegEnumKeyW
GetFileSecurityW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegCreateKeyW
RegCreateKeyExW
Sections
.textbss Size: - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 512B - Virtual size: 448B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 216B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 37KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE