Static task: static1
Behavioral task: behavioral1
Sample: d4511a3faeafac859dbabb6888e6b6b9_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: d4511a3faeafac859dbabb6888e6b6b9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d4511a3faeafac859dbabb6888e6b6b9_JaffaCakes118
Size: 949KB
MD5: d4511a3faeafac859dbabb6888e6b6b9
SHA1: 595e1ff5cba5c9e14cb2b1443b0a8994198deb26
SHA256: 6716f717e3b41398e655f43106afa46c1bf99b111d32d401636587015fd55775
SHA512: 367438cdcd4a190dead2316842503ad1eced51dd6aa83e2b1ab50a1de3f517c668f8fec038573c86862eaf2756da3c8fba60fe08da077bd37b096839ed020715
SSDEEP: 12288:O52LRBG3MQelpTizoPwvH2cZAYjtNqJDoBZm+c1oPvqetZe:DLR5QvkmHlYJDoBM+4oKetZ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d4511a3faeafac859dbabb6888e6b6b9_JaffaCakes118
Files
d4511a3faeafac859dbabb6888e6b6b9_JaffaCakes118.exe windows:4 windows x86 arch:x86
acc11b7d2a681ef7d7f04f21462a70f2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
socket
gethostbyname
ioctlsocket
htons
WSAStartup
WSACleanup
WSACancelAsyncRequest
WSAAsyncGetHostByName
WSAGetLastError
gethostname
connect
send
shutdown
recv
WSASetLastError
select
setsockopt
closesocket
inet_addr
ntohs
recvfrom
sendto
iphlpapi
GetNetworkParams
kernel32
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetFullPathNameA
GetThreadLocale
GetCurrentThread
lstrcmpA
IsBadStringPtrA
IsBadWritePtr
IsBadReadPtr
GlobalFlags
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
SetErrorMode
WritePrivateProfileStringA
RtlUnwind
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
HeapFree
HeapAlloc
ExitThread
GetACP
TerminateProcess
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
GetFileType
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
SetFilePointer
SetUnhandledExceptionFilter
VirtualAlloc
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
LockResource
SizeofResource
LoadResource
FindResourceA
_lclose
SetFileAttributesA
OpenFile
CreateFileA
MultiByteToWideChar
lstrlenA
FindClose
FindNextFileA
CopyFileA
FindFirstFileA
GetLastError
CreateDirectoryA
GlobalFree
GlobalAlloc
WideCharToMultiByte
lstrlenW
CloseHandle
ReleaseMutex
CreateMutexA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GlobalReAlloc
GlobalSize
GetModuleFileNameA
SetEvent
WaitForSingleObject
ResetEvent
GetTimeZoneInformation
TerminateThread
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
MulDiv
SuspendThread
SetThreadPriority
FormatMessageA
InterlockedDecrement
InterlockedIncrement
GetVersion
lstrcatA
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
CreateEventA
GetTempPathA
RemoveDirectoryA
DeleteFileA
lstrcpyW
GlobalUnlock
GlobalLock
GetCurrentThreadId
GetFileAttributesA
GetModuleHandleA
LocalAlloc
LocalFree
FreeLibrary
LoadLibraryA
GetProcAddress
SetLastError
GetWindowsDirectoryA
CreateThread
ResumeThread
GetTickCount
Sleep
VirtualFree
user32
CharNextA
GetSysColorBrush
GetClassNameA
GetDesktopWindow
DestroyMenu
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
InflateRect
CharUpperA
LoadStringA
FindWindowA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetMessageA
TranslateMessage
ValidateRect
WindowFromPoint
ShowWindow
MoveWindow
IsDialogMessageA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
RegisterClipboardFormatA
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
DispatchMessageA
PeekMessageA
IsWindowVisible
GetDlgItem
SetWindowTextA
GetParent
CallNextHookEx
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
SetWindowsHookExA
UnhookWindowsHookEx
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetKeyState
GetSystemMenu
AppendMenuA
LoadAcceleratorsA
LoadMenuA
TranslateAcceleratorA
GetFocus
CheckMenuItem
PostThreadMessageA
DestroyAcceleratorTable
GetSubMenu
EnableMenuItem
GetCursorPos
ScreenToClient
LoadCursorA
SetCursor
IsIconic
GetSystemMetrics
MessageBeep
DrawIcon
CopyRect
GetSysColor
OffsetRect
ReleaseCapture
SetCapture
InvalidateRect
GetCapture
GetClientRect
PtInRect
KillTimer
GetWindowLongA
SetWindowLongA
SetTimer
LoadBitmapA
PostMessageA
GetWindowRect
UpdateWindow
wsprintfA
MessageBoxA
SendMessageA
LoadIconA
EnableWindow
IsWindowUnicode
DefWindowProcA
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
CreateWindowExA
gdi32
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
OffsetViewportOrgEx
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
LPtoDP
DPtoLP
PatBlt
GetMapMode
GetTextColor
GetBkColor
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
EnumFontFamiliesExA
CreateSolidBrush
CreateCompatibleDC
GetTextExtentPoint32A
GetObjectA
GetTextExtentPointA
CreateDIBitmap
BitBlt
comdlg32
CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
ChooseColorA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
shell32
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
comctl32
ImageList_ReplaceIcon
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
oledlg
ord8
ole32
CoTaskMemAlloc
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoInitialize
CoCreateGuid
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
olepro32
ord253
oleaut32
VariantChangeType
SysAllocStringByteLen
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
VarDateFromStr
VarBstrFromDate
SafeArrayGetUBound
SafeArrayAccessData
VariantClear
SysFreeString
SysAllocString
SysAllocStringLen
SysStringLen
SafeArrayUnaccessData
odbc32
ord1
ord50
ord45
ord51
ord15
ord9
ord14
ord3
ord11
ord18
ord13
ord61
ord16
ord2
ord10
ord48
ord49
ord20
ord17
ord59
ord8
ord44
ord19
ord46
ord12
ord41
ord5
ord68
ord43
Sections
.text Size: 544KB - Virtual size: 541KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 108KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 552KB - Virtual size: 551KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ