e0b46a8dd648e5acbee677c6ce53a6f5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e0b46a8dd648e5acbee677c6ce53a6f5_JaffaCakes118
Size

496KB
MD5

e0b46a8dd648e5acbee677c6ce53a6f5
SHA1

1b1bd02a378eff8e95bb5bd5627e20d9e656909b
SHA256

2b1f5276d2b41d15106d95025f59bff75b091f108c939b1a7d6832a9cb45cf2a
SHA512

6cd0a8cb476a88279d2da8e97a84a2cd1cec019e4e6d14df8835fde5c84f0dbf94d9c8cd63e50357ebeb3fb055d08c4c6c937d99389151496815c1c2c2aeaf2e
SSDEEP

6144:p2sWoRObXim8+baVAvLUvVmgE9z6JBo4lG9iC5Rqu/wAkyUW:ssEyAvwvVF0z6QgGMC5Rd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0b46a8dd648e5acbee677c6ce53a6f5_JaffaCakes118

Files

e0b46a8dd648e5acbee677c6ce53a6f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

14b05c5a297d5f0cf657d7684be20f6c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

shlwapi

PathRemoveFileSpecA

netapi32

Netbios

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

user32

EndPaint
DefWindowProcA
UpdateWindow
GetCursorPos
GrayStringA
DrawTextA
IsRectEmpty
BeginPaint
ShowWindow
HideCaret
ShowCaret
ExcludeUpdateRgn
CreateWindowExA
IsWindowUnicode
TabbedTextOutA
LoadMenuA
FillRect
DrawStateA
FrameRect
DrawFocusRect
GetSubMenu
TrackPopupMenuEx
ClientToScreen
WindowFromPoint
GetActiveWindow
GetNextDlgTabItem
GetWindowLongA
DestroyIcon
GetMessageA
UnregisterClassA
DestroyWindow
SetWindowLongA
TrackPopupMenu
SetMenuDefaultItem
DrawEdge
GetCapture
DefDlgProcA
ReleaseCapture
DestroyCursor
DestroyMenu
CopyRect
SetRectEmpty
UnionRect
InflateRect
GetSysColor
GetFocus
SetWindowRgn
IsIconic
DrawIcon
ScreenToClient
PostThreadMessageA
RegisterClipboardFormatA
MessageBeep
CopyAcceleratorTableA
GetSysColorBrush
GetClassNameA
GetDesktopWindow
CharUpperA
GetNextDlgGroupItem
LoadStringA
MapDialogRect
SetWindowContextHelpId
ValidateRect
GetWindowDC
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
SetWindowTextA
EnumDisplayDevicesA
SetForegroundWindow
PostQuitMessage
LoadIconA
FindWindowA
GetLastActivePopup
SetFocus
LoadBitmapA
LoadImageA
SetRect
GetDC
ReleaseDC
BringWindowToTop
SetWindowPos
InvalidateRect
MoveWindow
OffsetRect
TrackMouseEvent
SendMessageA
LoadCursorA
EnableWindow
SystemParametersInfoA
GetSystemMetrics
KillTimer
SetTimer
GetClientRect
TranslateMessage
DispatchMessageA
PtInRect
IsWindow
PostMessageA
GetParent
GetWindowRect
RegisterWindowMessageA
CheckMenuItem
EnableMenuItem
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
AdjustWindowRectEx
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
IsDialogMessageA
CharNextA
SetCursor
IsWindowEnabled
GetDlgItem
CreateDialogIndirectParamA
SetActiveWindow
EndDialog
GetWindowPlacement
IntersectRect
GetWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA

winmm

waveOutGetNumDevs
waveOutGetDevCapsA

kernel32

FreeLibrary
SetCurrentDirectoryA
FindFirstFileA
MoveFileA
ExitProcess
GetVersionExA
Sleep
TerminateThread
GetProcAddress
SetFileAttributesA
GetTickCount
MultiByteToWideChar
GetModuleHandleA
GetVersion
GetShortPathNameA
MoveFileExA
LeaveCriticalSection
GetLocalTime
EnterCriticalSection
ExpandEnvironmentStringsA
FindClose
FindNextFileA
InitializeCriticalSection
DeleteCriticalSection
ResumeThread
CreateEventA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
SizeofResource
LoadResource
FindResourceA
WaitForSingleObject
ResetEvent
SetEvent
GetPriorityClass
LocalFree
FormatMessageA
GetComputerNameA
GlobalMemoryStatus
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetModuleFileNameA
GetProfileStringA
QueryPerformanceCounter
QueryPerformanceFrequency
HeapFree
HeapAlloc
GetProcessHeap
WriteFile
ReadFile
GetFileSize
CreateFileA
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
InterlockedIncrement
lstrlenA
WideCharToMultiByte
SetLastError
GetCurrentThread
lstrcmpA
lstrcpynA
GetThreadLocale
DuplicateHandle
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFullPathNameA
LocalAlloc
GlobalFlags
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
GetFileAttributesA
GetFileTime
SetErrorMode
RtlUnwind
CreateThread
ExitThread
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetCommandLineA
RaiseException
GetACP
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
LoadLibraryA
GetSystemDirectoryA
Process32First
lstrcmpiA
OpenProcess
GetExitCodeProcess
TerminateProcess
Process32Next
DeleteFileA
GetCurrentProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateProcessA
CreateMutexA
GetLastError
ReleaseMutex
CreateToolhelp32Snapshot
Module32First
CloseHandle
MulDiv
InterlockedDecrement
GetDriveTypeA

gdi32

CreateRectRgn
SelectClipRgn
StretchBlt
GetTextMetricsA
GetTextExtentPoint32A
Escape
GetClipBox
RectVisible
PtVisible
LPtoDP
GetMapMode
DPtoLP
GetBkColor
CreateSolidBrush
BeginPath
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
SetViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetTextExtentPointA
CreateDIBitmap
MoveToEx
LineTo
TextOutA
GetTextColor
PatBlt
CreatePen
GetWindowExtEx
GetViewportExtEx
PolyBezierTo
GetCurrentPositionEx
EndPath
StrokeAndFillPath
PathToRegion
CombineRgn
GetPixel
CreateBitmap
SetBkColor
SetTextColor
CreateCompatibleBitmap
GetStockObject
ExtTextOutA
CreateRoundRectRgn
SelectObject
CreateDCA
DeleteDC
GetDeviceCaps
CreateFontA
CreateCompatibleDC
BitBlt
GetObjectA
CreateFontIndirectA
DeleteObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyA
RegEnumValueA
RegDeleteValueA

shell32

SHFileOperationA
SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteExA
ShellExecuteA

comctl32

ord17
ImageList_Destroy
_TrackMouseEvent

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
CoInitialize
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize

olepro32

ord253
ord251

oleaut32

VariantTimeToSystemTime
VariantChangeType
SysAllocString
VariantCopy
SysAllocStringByteLen
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString

urlmon

URLDownloadToFileA

wininet

HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
InternetCanonicalizeUrlA
DeleteUrlCacheEntry
InternetGetLastResponseInfoA
InternetCrackUrlA

rpcrt4

RpcStringFreeA
UuidToStringA
UuidCreate

Sections

.text
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14b05c5a297d5f0cf657d7684be20f6c

Headers

File Characteristics

Imports

iphlpapi

shlwapi

netapi32

version

user32

winmm

kernel32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

urlmon

wininet

rpcrt4

Sections

.text Size: 300KB - Virtual size: 299KB

.rdata Size: 140KB - Virtual size: 136KB

.data Size: 28KB - Virtual size: 46KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 300KB - Virtual size: 299KB

.rdata
Size: 140KB - Virtual size: 136KB

.data
Size: 28KB - Virtual size: 46KB

.rsrc
Size: 24KB - Virtual size: 22KB