effef1ddb5fe8c2984d4a126c75c960d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

effef1ddb5fe8c2984d4a126c75c960d_JaffaCakes118
Size

2.4MB
MD5

effef1ddb5fe8c2984d4a126c75c960d
SHA1

24bf5d5314ee6ad65eed9d7ad870831d16c58399
SHA256

d8ea6ccf4b1d1d1bb3a35e2ff146aab9e104639b1e02a248767a0bc2c5e6fff3
SHA512

23eae512f01fff7cacec503c8f6074cff6e153f43f82861109ac23958aa91682191de672a23852d3d1a253214e8ebea2a8df5e1afb0db80a4eec4d71e6f743f6
SSDEEP

24576:g61tBhOfSJ9ljW5dfDT0T+ItX2GwBs7oyf2vBgQMHxm8gYNLeUCBtJHtaIpUZH9X:53ZGP0T+yDys7rYBkm8rNFl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
effef1ddb5fe8c2984d4a126c75c960d_JaffaCakes118

Files

effef1ddb5fe8c2984d4a126c75c960d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ba8d33420efbf2a2e47e4457e2a56a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
GetSystemTime
GetLocalTime
TerminateProcess
GetACP
HeapSize
HeapReAlloc
SetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
ExitProcess
GetProfileStringA
InterlockedExchange
GetStartupInfoA
RaiseException
HeapAlloc
HeapFree
RtlUnwind
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GlobalFree
WaitForSingleObject
GlobalAlloc
GetCurrentThread
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FormatMessageA
LocalFree
LocalAlloc
EnterCriticalSection
WideCharToMultiByte
InterlockedIncrement
FreeLibrary
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
GetThreadLocale
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
lstrcpyA
lstrlenA
MultiByteToWideChar
LoadLibraryA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
InterlockedDecrement
GlobalLock
GlobalUnlock
MulDiv
SetLastError
CreateFileMappingA
GetDiskFreeSpaceA
SetVolumeLabelA
GetDriveTypeA
CreateDirectoryA
GetFileAttributesA
SetFileAttributesA
ResumeThread
CreateThread
GetModuleHandleA
GetProcAddress
FindResourceA
SizeofResource
LoadResource
LockResource
CreateMutexA
GetCommandLineA
GetVersionExA
GetModuleFileNameA
GetLastError
GetTickCount
Sleep
MapViewOfFile
UnmapViewOfFile
GetSystemInfo
GetPrivateProfileStringA
lstrcmpA
lstrcatA
GetPrivateProfileIntA
WritePrivateProfileStringA
DeleteFileA
GetFileSize
SetFilePointer
WriteFile
CreateFileA
ReadFile
CloseHandle
FindFirstFileA
FindNextFileA
FindClose
GetCurrentDirectoryA
GetEnvironmentStrings
SetCurrentDirectoryA

user32

LoadIconA
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetActiveWindow
IsWindow
AdjustWindowRectEx
IsWindowVisible
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
CharUpperA
wsprintfA
UnhookWindowsHookEx
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
CharToOemBuffA
OemToCharBuffA
FillRect
GetSysColor
GetWindowLongA
SetWindowLongA
CharLowerA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
GetCursorPos
WindowFromPoint
SetFocus
GetClassNameA
LoadStringA
PostQuitMessage
UpdateWindow
CopyRect
PostMessageA
GetParent
GetWindowRect
InvalidateRect
MessageBoxA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
GetNextDlgTabItem
EnableWindow
KillTimer
RedrawWindow
GetClientRect
SendMessageA
SetTimer
SetWindowRgn
GetDesktopWindow
LoadImageA
PeekMessageA
DispatchMessageA
TranslateMessage
PostThreadMessageA
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
SetRect
IsWindowEnabled
DestroyMenu
GetSysColorBrush
LoadCursorA
PtInRect
CharNextA
InflateRect
MapDialogRect
SetWindowContextHelpId
EndDialog
CreateDialogIndirectParamA
GetMessageA
GetActiveWindow
ValidateRect
SetCursor
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
RegisterWindowMessageA
CopyAcceleratorTableA

gdi32

SetBkColor
SetBkMode
SetStretchBltMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
IntersectClipRect
MoveToEx
LineTo
DeleteObject
SelectPalette
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
PatBlt
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
SelectObject
RestoreDC
SaveDC
DeleteDC
Rectangle
SetPixel
CreateCompatibleBitmap
CreateFontIndirectA
GetStockObject
CreateSolidBrush
CreateRectRgn
RealizePalette
StretchDIBits
GetDIBits
BitBlt
CreateCompatibleDC
CreatePalette
CreateDIBitmap
GetTextExtentPointA
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

shell32

ShellExecuteA
ShellExecuteExA

comctl32

ord17

oledlg

ord8

ole32

CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID

olepro32

ord253

oleaut32

VariantClear
SysAllocStringLen
SysFreeString
VariantTimeToSystemTime
VariantChangeType
SysAllocString
SysStringLen
VariantCopy
SysAllocStringByteLen

wsock32

send
ntohs
inet_ntoa
recv
gethostbyname
htons
socket
setsockopt
connect
WSAGetLastError
WSAAsyncSelect
closesocket
WSACleanup
WSAStartup
ioctlsocket

wininet

FtpFindFirstFileA
FtpOpenFileA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetOpenA
InternetConnectA

msvcrt

setvbuf
fsetpos
fgetpos
fgetc
fputc
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
free
calloc
ungetwc
fgetwc

Sections

.text
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 28KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ba8d33420efbf2a2e47e4457e2a56a5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

wininet

msvcrt

Sections

.text Size: 252KB - Virtual size: 250KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 28KB - Virtual size: 44KB

.rsrc Size: 2.1MB - Virtual size: 2.1MB

.text
Size: 252KB - Virtual size: 250KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 28KB - Virtual size: 44KB

.rsrc
Size: 2.1MB - Virtual size: 2.1MB