c9706efc96f9d40284d89d3dd7b125ee_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c9706efc96f9d40284d89d3dd7b125ee_JaffaCakes118
Size

729KB
MD5

c9706efc96f9d40284d89d3dd7b125ee
SHA1

9ea75e34451062790561cbe370ab0c677e0583bb
SHA256

f6d1c660e2afc5afe2a9318c2da819ef3fcbf316ce47b173b963665dbcc5b1b6
SHA512

1f2a6be9884d8d48b350af4d941c0c21d893fb5b9541a09f44ae78ad9f204a63a84452d59343924f1b2a33dd4d0595adee1842c0358046d6201ed777c661c3ce
SSDEEP

12288:eQJW7c+3gMdYIDFZ+05iQy6iKsG33J/pivfVXcQddoFiRcllclGcl1clbclYcloG:eZ3twCJc5cMBel6l/lKlolhlxlH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9706efc96f9d40284d89d3dd7b125ee_JaffaCakes118

Files

c9706efc96f9d40284d89d3dd7b125ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

113df2252410fd48a1b85ac5b67b3b37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostname
inet_addr
WSAStartup
WSACleanup
htonl
bind
socket
__WSAFDIsSet
recv
send
WSAGetLastError
getsockname
getpeername
select
accept
setsockopt
closesocket
listen
ioctlsocket
htons
connect
inet_ntoa
shutdown
gethostbyname

comctl32

ord17

kernel32

GlobalLock
GlobalAlloc
GetSystemTime
GlobalDeleteAtom
GlobalAddAtomA
SystemTimeToFileTime
LockResource
LoadResource
SizeofResource
FindResourceA
CreateMutexA
OpenProcess
CreateProcessA
GetModuleFileNameA
Sleep
SetProcessShutdownParameters
LCMapStringA
HeapSize
TlsFree
SetLastError
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
CreateThread
ExitThread
GetCommandLineA
GetStartupInfoA
TerminateProcess
GlobalUnlock
ExitProcess
RaiseException
RtlUnwind
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
ResumeThread
TlsAlloc
GetCurrentProcess
GetCurrentThread
DuplicateHandle
TlsSetValue
SetThreadPriority
TlsGetValue
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
LCMapStringW
SetUnhandledExceptionFilter
SetHandleCount
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
InterlockedExchange
VirtualQuery
GetVersionExA
GetComputerNameA
SetErrorMode
GetLogicalDriveStringsA
FindFirstFileA
FindNextFileA
FindClose
SetFileTime
CreateDirectoryA
ReadFile
GetCurrentProcessId
GetCurrentThreadId
UnmapViewOfFile
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
AllocConsole
DeleteFileA
MoveFileA
CreateFileA
SetFilePointer
SetEndOfFile
OutputDebugStringA
GetStdHandle
WriteConsoleA
WriteFile
CloseHandle
GetStringTypeA
GetStringTypeW
WideCharToMultiByte
GetCPInfo
GetLocaleInfoA
GetACP
GetOEMCP
IsBadReadPtr
IsBadCodePtr
VirtualProtect
GetSystemInfo
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
QueryPerformanceCounter
GetTickCount
GetModuleHandleA

user32

TrackPopupMenu
SetMenuDefaultItem
GetSubMenu
CheckMenuItem
GetMenuState
LoadMenuA
LoadIconA
DestroyMenu
MapWindowPoints
CreateDialogParamA
ExitWindowsEx
GetUserObjectInformationA
IsIconic
GetWindow
PostThreadMessageA
GetProcessWindowStation
TranslateMessage
GetMessageA
EnableMenuItem
VkKeyScanA
GetAsyncKeyState
MapVirtualKeyA
RegisterWindowMessageA
PeekMessageA
WaitMessage
DispatchMessageA
SetClipboardViewer
GetClipboardOwner
GetClipboardData
PostQuitMessage
EnumWindows
GetPropA
IsWindowVisible
SetPropA
RemovePropA
GetMenuItemID
KillTimer
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DrawIconEx
ChangeDisplaySettingsA
OpenDesktopA
EnumDesktopWindows
SystemParametersInfoA
FindWindowA
GetCursorPos
mouse_event
IntersectRect
GetKeyboardState
keybd_event
SetTimer
GetForegroundWindow
GetWindowThreadProcessId
SetActiveWindow
MessageBeep
FlashWindow
DialogBoxParamA
SetForegroundWindow
EndDialog
EnumDisplaySettingsA
GetThreadDesktop
OpenInputDesktop
SetThreadDesktop
CloseDesktop
GetDC
LoadImageA
DestroyCursor
CallWindowProcA
GetParent
WindowFromPoint
ChangeClipboardChain
LoadStringA
IsChild
LoadBitmapA
GetWindowTextA
GetClassNameA
GetSystemMetrics
SetWindowTextA
GetWindowDC
ReleaseDC
GetDesktopWindow
EqualRect
IsRectEmpty
RegisterClassExA
CreateWindowExA
SetWindowLongA
GetWindowLongA
GetCapture
ClientToScreen
LoadCursorA
SetCursor
BeginPaint
FillRect
EndPaint
SetCapture
ClipCursor
PostMessageA
DefWindowProcA
ReleaseCapture
GetWindowPlacement
SetWindowPos
UpdateWindow
OffsetRect
SetWindowRgn
SetRect
InflateRect
PtInRect
GetWindowRgn
InvalidateRgn
GetWindowRect
ShowWindow
DestroyWindow
MessageBoxA
GetDlgItemInt
GetFocus
SetFocus
SendMessageA
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
SendDlgItemMessageA
GetDlgItem
EnableWindow
GetIconInfo

gdi32

GetObjectA
GetBitmapBits
GetStockObject
GdiFlush
BitBlt
CreateDIBSection
SelectObject
CreatePalette
SelectPalette
RealizePalette
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
GetDIBits
CreateDCA
ExtEscape
DeleteDC
GetSystemPaletteEntries
SetROP2
FrameRgn
CreateHatchBrush
CreateSolidBrush
CreateRectRgnIndirect
CombineRgn
GetRegionData
DeleteObject
CreateRectRgn

advapi32

RegisterServiceCtrlHandlerA
SetServiceStatus
GetUserNameA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegOpenKeyA
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RevertToSelf
OpenProcessToken
ImpersonateLoggedOnUser
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegSetValueExA
RegCreateKeyA
RegCloseKey
StartServiceCtrlDispatcherA

shell32

Shell_NotifyIconA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

vnchooks

SetHook
SetKeyboardPriorityHook
SetMousePriorityHook
SetKeyboardPriorityLLHook
SetMousePriorityLLHook
SetKeyboardFilterHook
SetMouseFilterHook
UnSetHook

Sections

.text
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

113df2252410fd48a1b85ac5b67b3b37

Headers

File Characteristics

Imports

wsock32

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

vnchooks

Sections

.text Size: 252KB - Virtual size: 251KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 8KB - Virtual size: 17KB

.rsrc Size: 216KB - Virtual size: 213KB

.text
Size: 252KB - Virtual size: 251KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 8KB - Virtual size: 17KB

.rsrc
Size: 216KB - Virtual size: 213KB