Static task: static1
Behavioral task: behavioral1
Sample: eb97042a374eb0bb362c9db354d72105_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: eb97042a374eb0bb362c9db354d72105_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: eb97042a374eb0bb362c9db354d72105_JaffaCakes118
Size: 39KB
MD5: eb97042a374eb0bb362c9db354d72105
SHA1: 3c55c3cfc0cc609287a493594b60fa3d5eb6a1c7
SHA256: 5030b4b267b66a558a922c10bd992bc2595df4ee1edf57af91c05d1939702b7d
SHA512: 95fb30913456cd0f60c4f3ef184d8e09e8a823b1766a351e52bc3e8065e8200f77d1ab1050abe39e793e3e8c0041c83ad7e844129263ef7e3ee8239ea0cf3fa8
SSDEEP: 768:qTi14ajaeJ4/8Gt3dTbm9jNegUCO/hw6X3D2MzqoAwfF:MiCwJ4/8GhUxTfOG6X3h
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Resource: eb97042a374eb0bb362c9db354d72105_JaffaCakes118
Files
eb97042a374eb0bb362c9db354d72105_JaffaCakes118.exe windows:4 windows x86 arch:x86
71811401f04d00a1182a54931ab2a771
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetFindNextFileW
HttpSendRequestExW
HttpAddRequestHeadersW
FtpPutFileW
FtpRemoveDirectoryW
InternetGetCookieW
InternetCanonicalizeUrlW
InternetSetOptionExW
InternetCrackUrlW
InternetSetCookieW
InternetSetStatusCallbackW
HttpEndRequestW
FtpOpenFileW
FtpGetCurrentDirectoryW
GopherGetAttributeW
InternetSetFilePointer
FtpRenameFileW
InternetQueryOptionW
InternetWriteFile
FtpSetCurrentDirectoryW
HttpOpenRequestW
HttpSendRequestW
FtpGetFileW
FtpCreateDirectoryW
InternetCloseHandle
FtpDeleteFileW
GopherOpenFileW
InternetQueryDataAvailable
InternetConnectW
GopherCreateLocatorW
InternetReadFile
InternetGetLastResponseInfoW
InternetErrorDlg
InternetOpenW
FtpFindFirstFileW
InternetOpenUrlW
GopherFindFirstFileW
HttpQueryInfoW
ntdll
NtCreateKey
user32
GetMenuStringW
GetPropW
DeferWindowPos
CharUpperW
SetFocus
AppendMenuW
ScrollWindow
SetScrollPos
GetWindowRect
DrawTextW
GetMessagePos
CheckRadioButton
GetSysColor
GetActiveWindow
IsClipboardFormatAvailable
GetDialogBaseUnits
GetAsyncKeyState
SetCursor
GrayStringW
GetClientRect
LoadCursorW
UnpackDDElParam
ShowScrollBar
CopyRect
DestroyCursor
PostThreadMessageW
RemoveMenu
ReuseDDElParam
GetScrollInfo
InvertRect
FrameRect
IsWindowEnabled
ClipCursor
IsWindow
WindowFromPoint
GetTabbedTextExtentW
DestroyIcon
DefMDIChildProcW
MapDialogRect
TranslateMDISysAccel
DefFrameProcW
SetRectEmpty
CheckDlgButton
SetWindowTextW
InvalidateRgn
SetCapture
SetMenu
GetTabbedTextExtentA
UnionRect
BeginPaint
DestroyMenu
SendDlgItemMessageW
GetCursorPos
GetMenuItemID
GetLastActivePopup
GetMenuItemCount
PeekMessageW
LoadIconW
FillRect
GetWindowLongW
ClientToScreen
UnhookWindowsHookEx
SetWindowLongW
CreateMenu
wsprintfW
EndDialog
GetParent
GetDlgCtrlID
ValidateRect
SetWindowsHookExW
RemovePropW
SystemParametersInfoA
GetDlgItemTextW
BeginDeferWindowPos
GetDCEx
RegisterWindowMessageW
GetDesktopWindow
UnregisterClassW
InvalidateRect
ReleaseCapture
FindWindowW
InflateRect
GetNextDlgGroupItem
SetRect
EndDeferWindowPos
CheckMenuItem
MessageBoxA
IsChild
GetMessageW
GetMenu
IsIconic
LockWindowUpdate
DrawMenuBar
DrawEdge
SendMessageW
IsDialogMessageW
PostQuitMessage
ShowWindow
SetTimer
SetActiveWindow
RegisterClassW
IsWindowVisible
DefWindowProcW
GetWindowThreadProcessId
MessageBeep
TabbedTextOutW
WindowFromDC
GetDlgItem
IsDlgButtonChecked
LoadMenuW
GetWindowPlacement
GetSystemMenu
CallNextHookEx
MoveWindow
MapWindowPoints
GetMessageTime
SetWindowContextHelpId
SetDlgItemInt
ScrollWindowEx
SetWindowPlacement
DestroyWindow
PtInRect
GetMenuCheckMarkDimensions
GetKeyState
SetPropW
DispatchMessageW
GetTopWindow
IsRectEmpty
SetScrollInfo
EndPaint
GetClassNameW
ScreenToClient
GetDlgItemInt
KillTimer
WaitMessage
TranslateAcceleratorW
SetDlgItemTextW
GetCapture
AdjustWindowRectEx
RedrawWindow
CopyAcceleratorTableW
CharNextW
TrackPopupMenu
SystemParametersInfoW
GetFocus
GetScrollPos
GetSubMenu
EnableWindow
DrawFocusRect
UpdateWindow
ReleaseDC
GetScrollRange
LoadAcceleratorsW
GetWindowTextW
CreateDialogIndirectParamW
GetDC
GetMenuState
GetWindow
LoadStringW
GetNextDlgTabItem
OffsetRect
SendDlgItemMessageA
CreateWindowExW
InsertMenuW
WinHelpW
IsZoomed
SetParent
SetCursorPos
GetSystemMetrics
RegisterClipboardFormatW
SetMenuItemBitmaps
MessageBoxW
GetClassInfoW
TranslateMessage
CallWindowProcW
GetForegroundWindow
GetWindowTextLengthW
BringWindowToTop
CountClipboardFormats
IntersectRect
MsgWaitForMultipleObjects
GetSysColorBrush
GetWindowDC
ShowOwnedPopups
PostMessageW
DeleteMenu
InSendMessage
LoadBitmapW
wvsprintfW
ModifyMenuW
EnumChildWindows
EnableMenuItem
SetWindowPos
SetForegroundWindow
EqualRect
SetScrollRange
gdi32
GetTextAlign
SetViewportExtEx
StretchDIBits
CreatePen
ScaleWindowExtEx
CreateFontIndirectW
OffsetRgn
GetCurrentPositionEx
SetTextColor
ExtSelectClipRgn
GetROP2
RectVisible
OffsetClipRgn
GetTextExtentPoint32A
GetViewportOrgEx
GetWindowOrgEx
EndPage
DeleteMetaFile
SetRectRgn
GetPixel
OffsetViewportOrgEx
SetMapMode
EnumMetaFile
GetCharWidthW
SaveDC
CreatePalette
GetNearestColor
SetArcDirection
SetROP2
PtVisible
CreateDIBPatternBrushPt
SetColorAdjustment
PolylineTo
SetMapperFlags
GetPolyFillMode
ExcludeClipRect
LPtoDP
SetWindowExtEx
Escape
GetTextMetricsW
SetTextJustification
CreateCompatibleDC
ArcTo
EndDoc
PlayMetaFile
GetWindowExtEx
SetPolyFillMode
OffsetWindowOrgEx
EnumFontFamiliesW
StartDocW
LineTo
ExtCreatePen
GetBkMode
StartPage
GetDeviceCaps
EnumFontFamiliesExW
SelectObject
CreateFontW
GetBkColor
PolyBezierTo
ExtTextOutW
SelectPalette
CreateRectRgnIndirect
PatBlt
CopyMetaFileW
SetStretchBltMode
SetTextAlign
CombineRgn
CreateRectRgn
CloseMetaFile
SelectClipRgn
GetObjectW
SetWindowOrgEx
CreateCompatibleBitmap
CreateMetaFileW
SetAbortProc
MoveToEx
RealizePalette
SetBkColor
CreateDCW
CreateHatchBrush
BitBlt
DeleteObject
GetTextColor
GetStockObject
AbortDoc
GetClipRgn
GetTextFaceW
SetBrushOrgEx
UnrealizeObject
Rectangle
GetTextExtentPoint32W
GetObjectType
GetViewportExtEx
CreateBitmap
DPtoLP
IntersectClipRect
CreatePatternBrush
RestoreDC
TextOutW
SelectClipPath
SetViewportOrgEx
GetPaletteEntries
GetMapMode
GetClipBox
PolyDraw
DeleteDC
SetBkMode
GetStretchBltMode
SetTextCharacterExtra
CreateSolidBrush
PlayMetaFileRecord
ScaleViewportExtEx
advapi32
RegSetValueExW
RegEnumKeyW
RegCloseKey
SetFileSecurityW
RegDeleteValueW
RegQueryValueExW
RegSetValueW
RegOpenKeyW
RegCreateKeyExW
GetFileSecurityW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueW
RegCreateKeyW
ole32
OleSetMenuDescriptor
StringFromCLSID
StringFromGUID2
OleRegEnumVerbs
OleQueryLinkFromData
OleCreateLinkFromData
CoLockObjectExternal
OleCreateStaticFromData
OleGetClipboard
OleDestroyMenuDescriptor
CreateDataAdviseHolder
ReadFmtUserTypeStg
ReleaseStgMedium
StgOpenStorageOnILockBytes
GetHGlobalFromILockBytes
OleIsCurrentClipboard
OleInitialize
CreateFileMoniker
OleDuplicateData
OleRegGetUserType
OleSave
RevokeDragDrop
OleUninitialize
CreateILockBytesOnHGlobal
OleCreateFromFile
OleIsRunning
WriteClassStm
CreateDataCache
IsAccelerator
CoInitialize
CoTreatAsClass
RegisterDragDrop
CoRegisterMessageFilter
OleSetContainedObject
OleQueryCreateFromData
OleLoadFromStream
WriteFmtUserTypeStg
CoCreateInstance
GetRunningObjectTable
WriteClassStg
OleCreateFromData
OleLockRunning
OleSaveToStream
OleRun
ReadClassStm
CreateGenericComposite
CreateBindCtx
OleGetIconOfClass
OleRegGetMiscStatus
OleTranslateAccelerator
OleSetClipboard
GetClassFile
OleCreateLinkToFile
StgCreateDocfileOnILockBytes
CLSIDFromString
OleFlushClipboard
CreateItemMoniker
StgOpenStorage
CreateStreamOnHGlobal
CoGetMalloc
ReadClassStg
OleLoad
CoDisconnectObject
StgCreateDocfile
CoTaskMemFree
CreateOleAdviseHolder
CoGetClassObject
DoDragDrop
OleCreateMenuDescriptor
CoRevokeClassObject
CoTaskMemAlloc
StgIsStorageFile
CLSIDFromProgID
CoFreeUnusedLibraries
OleCreate
SetConvertStg
CoRegisterClassObject
CoUninitialize
ws2_32
WSAGetLastError
msvcrt
_ltow
_wcslwr
_wfullpath
wcscmp
vswprintf
_wcsupr
wcsrchr
_fdopen
wcscspn
_ultow
_wcsnicmp
iswspace
wcslen
_wtoi
_expand
clearerr
_except_handler3
_get_osfhandle
modf
_endthreadex
wcsspn
_onexit
free
swprintf
fputws
fwrite
wcsstr
wcsftime
wcstod
mktime
iswdigit
localtime
time
_msize
calloc
ceil
__CxxFrameHandler
_adjust_fdiv
wcscpy
_open_osfhandle
wcstol
memmove
_wtol
floor
__doserrno
_purecall
malloc
fclose
abort
_initterm
wcschr
fread
_wsplitpath
ftell
__wargv
__dllonexit
fgetws
wcsncmp
realloc
_itow
fseek
_beginthreadex
__argc
_snwprintf
gmtime
_wcsdup
fflush
wcstoul
wcspbrk
_wcsrev
_CxxThrowException
wcsncpy
kernel32
GetModuleHandleW
FindResourceW
CreateFileW
GetFileTime
FormatMessageW
lstrcpyA
VirtualProtect
GetSystemDirectoryA
GetFullPathNameW
lstrcpyW
SetEvent
IsDBCSLeadByte
Sleep
DuplicateHandle
GlobalAddAtomW
CreateSemaphoreW
GetPrivateProfileStringW
GetCurrentDirectoryW
SuspendThread
MoveFileW
SearchPathW
GlobalFindAtomW
GlobalHandle
GlobalUnlock
UnlockFile
LoadResource
GlobalDeleteAtom
GetCurrentProcessId
GlobalGetAtomNameW
lstrcpynA
GetLastError
SetUnhandledExceptionFilter
FindClose
lstrcatA
WideCharToMultiByte
GlobalSize
GetVersionExA
FindNextFileW
LocalFree
GetProcessVersion
GetThreadLocale
WritePrivateProfileStringW
CreateEventW
TlsAlloc
GetVersionExW
UnhandledExceptionFilter
GetSystemInfo
LocalFileTimeToFileTime
FindFirstFileW
VirtualAlloc
GetUserDefaultLCID
lstrcmpA
LoadLibraryExA
FreeLibrary
GetProfileIntW
TlsFree
FreeResource
lstrlenW
WriteFile
GetPrivateProfileIntW
FileTimeToSystemTime
SetFileTime
TlsSetValue
LocalLock
TerminateProcess
GetSystemTimeAsFileTime
DelayLoadFailureHook
MultiByteToWideChar
GetCurrentThreadId
ReleaseMutex
lstrcmpiA
EnterCriticalSection
SystemTimeToFileTime
GlobalReAlloc
GetModuleFileNameW
GetTickCount
CreateMutexW
lstrcatW
SetLastError
lstrcmpiW
GetModuleHandleA
FindResourceExW
FlushFileBuffers
SetThreadPriority
GetTempFileNameW
LoadLibraryA
ReleaseSemaphore
InitializeCriticalSection
lstrcmpW
SetFileAttributesW
InterlockedIncrement
lstrcpynW
GetStringTypeExW
FileTimeToLocalFileTime
ReadFile
SetErrorMode
CloseHandle
SizeofResource
GlobalLock
DeleteFileW
CopyFileW
GetVolumeInformationW
GetFileAttributesW
SetEndOfFile
GlobalFlags
QueryPerformanceCounter
WaitForMultipleObjects
OutputDebugStringW
TlsGetValue
LoadLibraryW
GetFileSize
GetShortPathNameW
SetFilePointer
GetCurrentProcess
GetProcAddress
LocalUnlock
InterlockedCompareExchange
LockFile
GlobalAlloc
LockResource
InterlockedDecrement
ResumeThread
GetTempPathW
GetVersion
DeleteCriticalSection
MulDiv
GlobalFree
LocalReAlloc
LeaveCriticalSection
WaitForSingleObject
lstrlenA
LocalAlloc
VirtualQuery
GetCurrentThread
GetDiskFreeSpaceW
adsldpc
ADsEnumClasses
Sections
.textbss Size: 512B - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 512B - Virtual size: 448B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 37KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE