d1771c64b8c6d5728131e4922258c8f7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d1771c64b8c6d5728131e4922258c8f7_JaffaCakes118
Size

1.5MB
MD5

d1771c64b8c6d5728131e4922258c8f7
SHA1

a014a740eb39c50596be4383af9dc1b965260f6d
SHA256

f517fb807979443e26c23aae74088d58e48eb6d636f27a230d9a450c16b12f0f
SHA512

c59e54700f774db7d504403244ebfcd2a34074086f287fc7a16b4f8ddc800991dde36dadee29b6ca8159dfddd5d8e58f114b6f838bd81b9844c0bea19dec2079
SSDEEP

24576:tlacgz21ELWQbx7pmbOBzPFjXB29A1fiPtrvAPhc+eBxDzwg0rCdNx:14+K7tBJjXE9AxetrvoeBDwg0i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1771c64b8c6d5728131e4922258c8f7_JaffaCakes118

Files

d1771c64b8c6d5728131e4922258c8f7_JaffaCakes118
.exe windows:6 windows x86 arch:x86

344602d21e62eb9be12db17ad489ff8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSACleanup
inet_addr
gethostbyname
gethostname
WSAStartup

winmm

mixerGetControlDetailsW
mixerSetControlDetails
mixerGetLineControlsW
mciSendStringW
mixerOpen
mixerClose
mixerGetLineInfoW
waveOutGetVolume
joyGetPosEx
joyGetDevCapsW
waveOutSetVolume
mixerGetDevCapsW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

comctl32

ImageList_AddMasked
ImageList_ReplaceIcon
CreateStatusWindowW
ImageList_GetIconSize
ImageList_Create
ImageList_Destroy

shlwapi

HashData

crypt32

CryptBinaryToStringA
CryptStringToBinaryA
CryptStringToBinaryW

psapi

GetModuleFileNameExW
GetModuleBaseNameW
GetProcessImageFileNameW

kernel32

IsBadReadPtr
CreateFileW
CreateFileA
WriteFile
SetFileTime
DuplicateHandle
GetCurrentProcess
LoadResource
LockResource
SizeofResource
GetCurrentDirectoryA
FileTimeToSystemTime
GetLocalTime
GetFileInformationByHandle
GetFileSize
lstrlenW
FindFirstFileW
FindNextFileW
FindClose
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
LoadLibraryW
GetModuleHandleA
SetLastError
VirtualAlloc
VirtualFree
VirtualProtect
GetTempPathA
LoadLibraryA
FreeLibrary
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
EnterCriticalSection
HeapDestroy
LeaveCriticalSection
HeapFree
GetCommandLineW
WaitForSingleObject
GetThreadLocale
VirtualQuery
HeapCreate
FlushInstructionCache
GetVersionExW
GetCPInfo
GetModuleFileNameW
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
SetEnvironmentVariableW
Beep
MoveFileW
OutputDebugStringW
CreateProcessW
GetFileAttributesW
CreateDirectoryW
WriteProcessMemory
ReadProcessMemory
GetCurrentProcessId
OpenProcess
TerminateProcess
SetPriorityClass
GetEnvironmentVariableW
GetDateFormatW
GetTimeFormatW
GetDiskFreeSpaceW
SetVolumeLabelW
DeviceIoControl
GetDriveTypeW
GetVolumeInformationW
DeleteFileW
SetFileAttributesW
GetFileSizeEx
GetSystemTime
GetSystemDefaultUILanguage
GetComputerNameW
GetWindowsDirectoryW
GetTempPathW
GetFullPathNameW
GetShortPathNameW
TryEnterCriticalSection
QueryDosDeviceW
CompareStringW
RemoveDirectoryW
CopyFileW
FormatMessageW
GetPrivateProfileStringW
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
WritePrivateProfileSectionW
SetEndOfFile
GetACP
GetFileType
GetStdHandle
SetFilePointerEx
VirtualAllocEx
VirtualFreeEx
EnumResourceNamesW
LoadLibraryExW
RemoveVectoredExceptionHandler
ExitProcess
ExitThread
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
RtlUnwind
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
HeapSize
HeapReAlloc
HeapQueryInformation
CreateDirectoryA
LocalFileTimeToFileTime
lstrcmpA
lstrcmpiA
lstrlenA
lstrcpyA
GlobalSize
ReadFile
SetFilePointer
SystemTimeToFileTime
MultiByteToWideChar
WideCharToMultiByte
GetProcAddress
GetModuleHandleW
GetLastError
CreateMutexW
CloseHandle
GetExitCodeThread
SetThreadPriority
CreateThread
lstrcmpiW
OpenThread
GetCurrentThreadId
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
AddVectoredExceptionHandler
GetCurrentDirectoryW
SetErrorMode
InitializeCriticalSection
FindResourceW
SetCurrentDirectoryW
Sleep
GetTickCount
MulDiv
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RaiseException
LCMapStringW
GetStringTypeW
GetConsoleMode
ReadConsoleW
GetConsoleCP
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
FlushFileBuffers
GetExitCodeProcess
WriteConsoleW

user32

FlashWindow
GetPropW
SetPropW
RemovePropW
MapWindowPoints
RedrawWindow
SetParent
GetClassInfoExW
GetAncestor
UpdateWindow
GetMessagePos
GetClassLongW
DefDlgProcW
CallWindowProcW
CheckRadioButton
IntersectRect
PtInRect
CreateDialogIndirectParamW
CreateAcceleratorTableW
InsertMenuItemW
SetMenuDefaultItem
RemoveMenu
SetMenuItemInfoW
IsMenu
GetMenuItemInfoW
CreateMenu
CreatePopupMenu
SetMenuInfo
AppendMenuW
DestroyMenu
TrackPopupMenuEx
CreateIconIndirect
GetDesktopWindow
CopyImage
CreateIconFromResourceEx
EnumClipboardFormats
GetWindow
BringWindowToTop
GetTopWindow
SystemParametersInfoW
AdjustWindowRectEx
DrawTextW
SetRect
GetIconInfo
SetWindowTextW
IsWindowVisible
CheckMenuItem
MessageBoxW
LoadImageW
ChangeClipboardChain
SetClipboardViewer
LoadAcceleratorsW
EnableMenuItem
GetMenu
CreateWindowExW
RegisterClassExW
LoadCursorW
DestroyAcceleratorTable
UnregisterClassW
DestroyIcon
DestroyWindow
IsCharAlphaW
SetMenu
MapVirtualKeyExW
VkKeyScanExW
GetWindowTextW
mouse_event
GetSystemMetrics
keybd_event
SetKeyboardState
GetKeyboardState
GetAsyncKeyState
AttachThreadInput
SendInput
UnregisterHotKey
RegisterHotKey
PostQuitMessage
SendMessageTimeoutW
UnhookWindowsHookEx
SetWindowsHookExW
PostThreadMessageW
IsCharUpperW
IsCharLowerW
IsCharAlphaNumericW
ToUnicodeEx
GetKeyboardLayout
CallNextHookEx
CharLowerW
ReleaseDC
GetDC
OpenClipboard
GetClipboardData
GetClipboardFormatNameW
CloseClipboard
SetClipboardData
EmptyClipboard
PostMessageW
FindWindowW
EndDialog
IsWindow
DispatchMessageW
TranslateMessage
ShowWindow
CountClipboardFormats
SetWindowLongW
ScrollWindow
SetScrollInfo
ExitWindowsEx
GetMenuStringW
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetLastInputInfo
GetCursor
ClientToScreen
MessageBeep
SetDlgItemTextW
GetDlgItem
ScreenToClient
IsDialogMessageW
WindowFromPoint
SendMessageW
IsWindowEnabled
GetWindowLongW
GetKeyState
TranslateAcceleratorW
KillTimer
SendDlgItemMessageW
DialogBoxParamW
SetForegroundWindow
DefWindowProcW
FillRect
DrawIconEx
GetSysColorBrush
GetSysColor
RegisterWindowMessageW
IsIconic
IsZoomed
EnumWindows
GetWindowTextLengthW
EnableWindow
InvalidateRect
SetLayeredWindowAttributes
SetWindowPos
SetWindowRgn
SetFocus
GetGUIThreadInfo
SetActiveWindow
PeekMessageW
GetFocus
GetClassNameW
GetWindowThreadProcessId
GetForegroundWindow
GetMessageW
SetTimer
GetScrollInfo
GetParent
GetDlgCtrlID
CharUpperW
IsClipboardFormatAvailable
EnumChildWindows
MoveWindow
GetQueueStatus
GetWindowRect
MapVirtualKeyW
GetClientRect
GetCursorPos

gdi32

GdiFlush
SetBrushOrgEx
CreatePatternBrush
SetBkMode
GetClipBox
CreateDIBSection
EnumFontFamiliesExW
FillRgn
GetClipRgn
ExcludeClipRect
SetTextColor
SetBkColor
GetPixel
BitBlt
CreateCompatibleBitmap
GetSystemPaletteEntries
GetDIBits
CreateCompatibleDC
CreatePolygonRgn
CreateRectRgn
CreateRoundRectRgn
CreateEllipticRgn
DeleteDC
GetObjectW
GetTextMetricsW
GetTextFaceW
SelectObject
GetStockObject
CreateDCW
CreateSolidBrush
CreateFontW
GetCharABCWidthsW
GetDeviceCaps
DeleteObject

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

advapi32

CryptDestroyKey
CryptDestroyHash
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerW
GetUserNameW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
RegConnectRegistryW
CryptReleaseContext

shell32

DragQueryFileW
ExtractIconW
DragQueryPoint
SHFileOperationW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetDesktopFolder
SHGetMalloc
SHGetFolderPathW
ShellExecuteExW
Shell_NotifyIconW
DragFinish

ole32

OleInitialize
CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromString
CoGetObject
StringFromGUID2
CreateStreamOnHGlobal

oleaut32

VariantChangeType
GetActiveObject
SysStringLen
SysFreeString
SafeArrayCreate
OleLoadPicture
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnlock
SafeArrayPtrOfIndex
SafeArrayLock
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopyInd
SafeArrayCopy
SysAllocString
VariantClear
SafeArrayDestroy

Sections

.text
Size: 761KB - Virtual size: 761KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��!��
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 612KB - Virtual size: 611KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

344602d21e62eb9be12db17ad489ff8d

Headers

File Characteristics

Imports

wsock32

winmm

version

comctl32

shlwapi

crypt32

psapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 761KB - Virtual size: 761KB

.rdata Size: 174KB - Virtual size: 173KB

.data Size: 11KB - Virtual size: 33KB

.gfids Size: 512B - Virtual size: 296B

��!�� Size: 512B - Virtual size: 9B

.rsrc Size: 612KB - Virtual size: 611KB

.text
Size: 761KB - Virtual size: 761KB

.rdata
Size: 174KB - Virtual size: 173KB

.data
Size: 11KB - Virtual size: 33KB

.gfids
Size: 512B - Virtual size: 296B

��!��
Size: 512B - Virtual size: 9B

.rsrc
Size: 612KB - Virtual size: 611KB