f51e35710c1044c86d72c7b028e446a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f51e35710c1044c86d72c7b028e446a0_JaffaCakes118
Size

4.1MB
MD5

f51e35710c1044c86d72c7b028e446a0
SHA1

fd4d977aff2b9eb0ecebc292da38855572e0ca56
SHA256

96af7004f3ef88d8fac5876d1e2c1dc706b50ad6780326ce1d063d36932dd02c
SHA512

3a0ae521218d473f4bb9f27589466555c1e97f3523a4ebfd1e78479c762b8a05762baf5c160b3eb9593fdf3f9c0175cf3e4181c4f0918da2c89807d5e4071b33
SSDEEP

49152:yLzvtOdjbffu7hsjOQMXR5Xi9JZK+QWNKbT9ao64PnevQ8lg+bjwTC95:yLzIPUao127lD5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f51e35710c1044c86d72c7b028e446a0_JaffaCakes118

Files

f51e35710c1044c86d72c7b028e446a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b3efc34182636d1cec92383ac120607e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA

comctl32

ord6
ImageList_Destroy
ImageList_Draw
ImageList_GetImageCount
ImageList_LoadImageA
InitCommonControlsEx

crypt32

CertAddEncodedCertificateToStore
CertCloseStore
CertCreateCertificateContext
CertFreeCertificateContext
CertGetIssuerCertificateFromStore
CertOpenStore
CertOpenSystemStoreA
CryptDecodeObject

d3dxof

DirectXFileCreate

ddraw

DirectDrawCreate
DirectDrawEnumerateExA

dinput

DirectInputCreateEx

dplayx

ord4

gdi32

AddFontResourceA
BitBlt
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateDIBitmap
CreateFontA
CreateFontIndirectA
CreatePatternBrush
CreateSolidBrush
DeleteDC
DeleteObject
ExtTextOutA
GetCharABCWidthsA
GetDeviceCaps
GetObjectA
GetStockObject
GetTextExtentPoint32A
GetTextMetricsA
PatBlt
RemoveFontResourceA
SelectObject
SetBkColor
SetBkMode
SetBrushOrgEx
SetTextColor

kernel32

CloseHandle
CompareStringA
CompareStringW
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateMutexA
CreateProcessA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DeleteFileA
DeviceIoControl
DuplicateHandle
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FlushFileBuffers
FlushInstructionCache
FlushViewOfFile
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetComputerNameA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetExitCodeThread
GetFileAttributesA
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsA
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetOverlappedResult
GetPrivateProfileIntA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetPrivateProfileStructA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVolumeInformationA
GetVolumeInformationW
GetWindowsDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
LocalFileTimeToFileTime
LocalFree
LockResource
MapViewOfFile
MoveFileA
MultiByteToWideChar
OpenEventA
OpenFile
OpenMutexA
OpenProcess
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryA
ResetEvent
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualLock
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
_hread
_hwrite
_lclose
_lcreat
_llseek
_lopen
lstrcmpA
lstrcpyA
lstrcpynA
lstrcpynW
lstrlenA
lstrlenW

msacm32

acmFormatSuggest
acmStreamClose
acmStreamConvert
acmStreamOpen
acmStreamPrepareHeader
acmStreamSize
acmStreamUnprepareHeader

netapi32

Netbios

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoGetClassObject
CoInitialize
CoRegisterClassObject
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateStreamOnHGlobal
OleInitialize
OleLockRunning
OleUninitialize
StringFromCLSID

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
VariantClear
DispCallFunc
SysStringByteLen
SysAllocStringByteLen
LoadRegTypeLi

olepro32

ord253

shell32

ExtractIconA
ShellExecuteA

urlmon

CoInternetGetSession

user32

AttachThreadInput
BeginPaint
CallNextHookEx
CallWindowProcA
ChangeDisplaySettingsA
CharLowerA
CharLowerBuffA
CharNextA
CheckDlgButton
ClientToScreen
CreateAcceleratorTableA
CreateIconFromResource
CreateIconFromResourceEx
CreateWindowExA
CreateWindowExW
DefWindowProcA
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxIndirectParamA
DialogBoxParamA
DispatchMessageA
DrawEdge
DrawFrameControl
DrawTextA
EnableWindow
EndDialog
EndPaint
EnumChildWindows
EnumDisplaySettingsA
EnumWindows
FillRect
FrameRect
GetActiveWindow
GetAsyncKeyState
GetClassInfoExA
GetClassNameA
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetFocus
GetForegroundWindow
GetKeyState
GetMenuItemCount
GetMenuItemInfoA
GetMessageA
GetMessagePos
GetParent
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetWindow
GetWindowDC
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowThreadProcessId
InflateRect
InvalidateRect
InvalidateRgn
IsChild
IsDlgButtonChecked
IsMenu
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
LoadAcceleratorsA
LoadCursorA
LoadIconA
LoadImageA
LoadImageW
LoadMenuA
LoadStringA
LoadStringW
MapVirtualKeyA
MapWindowPoints
MessageBeep
MessageBoxA
ModifyMenuA
MoveWindow
OffsetRect
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClassExA
RegisterHotKey
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetCapture
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetMenuDefaultItem
SetMenuItemInfoA
SetRectEmpty
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowCursor
ShowWindow
SystemParametersInfoA
ToAscii
TrackPopupMenuEx
TranslateAcceleratorA
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterHotKey
UpdateWindow
WindowFromPoint
wsprintfA

wininet

HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetQueryOptionA
InternetSetOptionA

winmm

PlaySoundA
PlaySoundW
mciGetErrorStringA
mciSendCommandA
mciSendCommandW
mciSendStringA
mixerClose
mixerGetControlDetailsA
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetNumDevs
mixerOpen
mixerSetControlDetails
mmioClose
mmioOpenA
mmioOpenW
mmioRead
mmioSeek
mmioWrite
sndPlaySoundA
sndPlaySoundW
timeBeginPeriod
timeEndPeriod
timeGetDevCaps
timeGetTime
timeKillEvent
timeSetEvent
waveInAddBuffer
waveInClose
waveInGetDevCapsA
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInUnprepareHeader
waveOutClose
waveOutGetDevCapsA
waveOutGetNumDevs
waveOutGetPosition
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite

wsock32

accept
bind
closesocket
connect
getpeername
getsockname
htonl
htons
ioctlsocket
inet_addr
inet_ntoa
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
socket
gethostbyname
WSAGetLastError
WSAStartup
WSACleanup
__WSAFDIsSet

Sections

.data
Size: 1018KB - Virtual size: 1020KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 377KB - Virtual size: 380KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 612KB - Virtual size: 616KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 59KB - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 615KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3efc34182636d1cec92383ac120607e

Headers

File Characteristics

Imports

advapi32

comctl32

crypt32

d3dxof

ddraw

dinput

dplayx

gdi32

kernel32

msacm32

netapi32

ole32

oleaut32

olepro32

shell32

urlmon

user32

wininet

winmm

wsock32

Sections

.data Size: 1018KB - Virtual size: 1020KB

.bss Size: 50KB - Virtual size: 52KB

.text Size: 377KB - Virtual size: 380KB

.rsrc Size: 612KB - Virtual size: 616KB

.rdata Size: 59KB - Virtual size: 60KB

.data Size: 1.4MB - Virtual size: 1.4MB

.idata Size: 12KB - Virtual size: 16KB

.rsrc Size: 615KB - Virtual size: 2.1MB

.rsrc Size: 3KB - Virtual size: 3KB

.data
Size: 1018KB - Virtual size: 1020KB

.bss
Size: 50KB - Virtual size: 52KB

.text
Size: 377KB - Virtual size: 380KB

.rsrc
Size: 612KB - Virtual size: 616KB

.rdata
Size: 59KB - Virtual size: 60KB

.data
Size: 1.4MB - Virtual size: 1.4MB

.idata
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 615KB - Virtual size: 2.1MB

.rsrc
Size: 3KB - Virtual size: 3KB