Static task
static1
Behavioral task
behavioral1
Sample
f6da5d7688611a22b3d1edb73e1a08ce_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f6da5d7688611a22b3d1edb73e1a08ce_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
f6da5d7688611a22b3d1edb73e1a08ce_JaffaCakes118
Size
2.3MB
MD5
f6da5d7688611a22b3d1edb73e1a08ce
SHA1
daa850515fa10ebdc6975a3b7fd5a1ab0204d1c7
SHA256
2e8a50226e81200714da7ba9fb0d216687496fd2e87587de773d641ec04ebfdb
SHA512
b85420bed458fb103cdb98c9b862c4a2fb17890dad06d63230e0475afebe688cdda3704e950fb706ec47ff3f13ba625b3ca04807f608ba62a749d05107faedd3
SSDEEP
49152:buq8fCEbPDyIJmo+mdWIe1PQJOVmpjyCbbbbbbp:bx8fCE9hd+1Cgmpjy
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f6da5d7688611a22b3d1edb73e1a08ce_JaffaCakes118
Files
f6da5d7688611a22b3d1edb73e1a08ce_JaffaCakes118.exe windows:4 windows x86 arch:x86
22306a40aefc71fa55e3c0b99fb5d98b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetUnhandledExceptionFilter
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
TerminateProcess
GetACP
GetFileType
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCommandLineA
HeapReAlloc
ExitProcess
GetTimeZoneInformation
GetStartupInfoA
GetLocalTime
RaiseException
HeapAlloc
HeapFree
RtlUnwind
GetProcessVersion
GetOEMCP
GlobalFlags
SetErrorMode
LocalReAlloc
GetFileTime
TlsGetValue
TlsFree
TlsSetValue
GlobalReAlloc
LocalAlloc
GlobalHandle
TlsAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpA
GlobalAlloc
GetCurrentThreadId
GlobalFree
FreeLibrary
GlobalFindAtomA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalUnlock
GlobalDeleteAtom
GlobalLock
GetThreadLocale
MulDiv
lstrcpynA
GetFullPathNameA
LoadLibraryA
GetVolumeInformationA
lstrcpyA
DuplicateHandle
UnlockFile
LockFile
GetPrivateProfileStringA
WritePrivateProfileStringA
GetSystemTimeAsFileTime
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcessId
GetModuleFileNameA
GetCurrentThread
CreateThread
QueryPerformanceFrequency
QueryPerformanceCounter
GetCPInfo
lstrcatA
lstrcmpiA
GetVersion
lstrlenW
lstrlenA
GetVersionExA
GetProcAddress
GetSystemTime
GetCurrentProcess
SetLastError
SizeofResource
SetHandleCount
GetStdHandle
FindFirstFileA
LeaveCriticalSection
EnterCriticalSection
LockResource
GetFileAttributesA
Beep
GetProfileStringA
DebugBreak
LoadResource
InitializeCriticalSection
DeleteCriticalSection
FindNextFileA
FindClose
DeleteFileA
CreateDirectoryA
GetTickCount
ReleaseMutex
CreateMutexA
FlushFileBuffers
SetEndOfFile
WriteFile
FormatMessageA
LocalFree
ReadFile
SetFilePointer
GetFileSize
GetLastError
CreateFileA
SetEvent
InterlockedExchange
InterlockedDecrement
TerminateThread
InterlockedIncrement
GetModuleHandleA
Sleep
OutputDebugStringA
CreateEventA
WaitForSingleObject
FindResourceA
CloseHandle
WaitForMultipleObjects
user32
PostThreadMessageA
SetParent
LockWindowUpdate
EndPaint
BeginPaint
GetWindowDC
CharUpperA
wsprintfA
UnhookWindowsHookEx
MessageBoxA
CharLowerW
GetWindowTextA
EnumWindows
DefWindowProcA
ScreenToClient
PtInRect
SetMenuDefaultItem
GetKeyState
SetCapture
ReleaseCapture
GetSubMenu
DeleteMenu
GrayStringA
TabbedTextOutA
GetSysColorBrush
GetMenuStringA
CharNextA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
ModifyMenuA
GetMenuItemCount
AppendMenuA
DrawTextA
DrawIconEx
SystemParametersInfoA
DrawEdge
SetRect
GetMenuItemInfoA
GetNextDlgGroupItem
RedrawWindow
LoadCursorA
FrameRect
LoadImageA
GetIconInfo
CreateIconIndirect
GetDC
ReleaseDC
RegisterClipboardFormatA
GetDCEx
DrawStateA
OffsetRect
DrawFocusRect
WindowFromPoint
GetActiveWindow
SetCursor
GetNextDlgTabItem
IsMenu
GetWindowLongA
DestroyIcon
DestroyCursor
ShowWindow
GetParent
ClientToScreen
EnableMenuItem
EnableWindow
GetKeyboardState
ToAscii
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
KillTimer
SetForegroundWindow
LoadBitmapA
InvalidateRect
CopyAcceleratorTableA
GetSystemMetrics
GetClientRect
DrawIcon
CopyRect
InflateRect
GetWindowRect
SetTimer
LoadIconA
GetCursorPos
CheckMenuItem
PostMessageA
SendMessageA
GetClassNameA
SetRectEmpty
DestroyMenu
LoadStringA
MapDialogRect
SetWindowContextHelpId
ValidateRect
PostQuitMessage
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EndDialog
CreateDialogIndirectParamA
UpdateWindow
MapWindowPoints
GetFocus
SetActiveWindow
AdjustWindowRectEx
EqualRect
DeferWindowPos
MessageBeep
GetSysColor
FillRect
IsIconic
IsWindowVisible
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
TrackPopupMenu
GetDesktopWindow
GetForegroundWindow
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
HideCaret
CallWindowProcA
GetDlgItem
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetWindow
RegisterWindowMessageA
IntersectRect
GetWindowPlacement
SetFocus
IsWindowEnabled
SetWindowPos
MoveWindow
GetDlgCtrlID
GetWindowTextLengthA
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemInt
IsWindow
SetWindowLongA
UnregisterClassA
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
gdi32
ExtTextOutA
SetMapMode
CreateFontA
StretchBlt
GetTextMetricsA
CreateCompatibleDC
DeleteObject
GetObjectA
CreateCompatibleBitmap
BitBlt
GetStockObject
SetTextColor
SetBkColor
DeleteDC
CreateBitmap
SetPixel
SelectObject
GetDeviceCaps
GetBkMode
GetPixel
CreateSolidBrush
CreateFontIndirectA
CreatePen
GetTextExtentPoint32A
Ellipse
GetTextExtentPoint32W
RectVisible
CreateDIBSection
PtVisible
Escape
PatBlt
TextOutA
GetBkColor
GetMapMode
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
RestoreDC
SaveDC
SetBkMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
SetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetClipBox
SetWindowExtEx
ExcludeClipRect
IntersectClipRect
SelectClipRgn
MoveToEx
LineTo
CreateRectRgn
CreatePatternBrush
CreateRectRgnIndirect
CombineRgn
StretchDIBits
SetRectRgn
GetTextColor
GetCharWidthA
GetTextExtentPointA
CreateDIBitmap
comdlg32
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
shell32
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA
ShellExecuteExA
comctl32
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_Draw
_TrackMouseEvent
ord17
ImageList_Destroy
ImageList_Create
ImageList_GetIcon
ImageList_AddMasked
ImageList_GetImageCount
oledlg
ord8
ole32
CoGetClassObject
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemFree
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CLSIDFromString
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc
olepro32
ord253
oleaut32
SysAllocStringByteLen
SysAllocString
SysStringLen
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
wsock32
socket
recv
send
htons
htonl
ntohl
ntohs
bind
recvfrom
__WSAFDIsSet
select
sendto
WSAStartup
gethostbyname
ioctlsocket
connect
gethostname
inet_addr
closesocket
inet_ntoa
WSACleanup
WSAGetLastError
dsound
ord1
winmm
waveOutUnprepareHeader
PlaySoundA
waveInPrepareHeader
waveInAddBuffer
waveInClose
waveInStart
waveInUnprepareHeader
waveOutSetVolume
waveOutPrepareHeader
waveOutWrite
waveOutClose
waveOutOpen
waveInOpen
ippcore
ippCoreSetFlushToZero
ipps20
ippsAbs_16s_I
ippsDotProd_16s32s_Sfs
ippsRShiftC_16s
ippsZero_8u
ippsMulC_16s_Sfs
ippsRShiftC_16s_I
ippsLShiftC_16s
ippsMin_16s
ippsMax_16s
ippsSum_16s32s_Sfs
ippsAdd_16s_I
ippsSub_16s
ippsSub_16s_I
ippsMove_16s
ippsAddC_16s_I
ippsAdd_16s_ISfs
ippsLShiftC_16s_I
ippsZero_16s
ippsMalloc_8u
ippsMulC_16s_I
ippsCopy_16s
ippsFree
ippsc20
ippsLSFDecode_G723_16s
ippsLSPToLPC_G729_16s
ippsInterpolate_G729_16s
ippsDecodeGain_G729_16s
ippsLSFDecodeErased_G729_16s
ippsIIR16sLow_G729_16s
ippsOpenLoopPitchSearch_G729A_16s
ippsMulC_NR_16s_Sfs
ippsAdaptiveCodebookSearch_G729A_16s
ippsAdaptiveCodebookGain_G729A_16s
ippsSynthesisFilterZeroStateResponse_NR_16s
ippsPreemphasize_G729A_16s
ippsLagWindow_G729_32s_I
ippsFixedCodebookSearch_G729A_32s16s
ippsLSPQuant_G729_16s
ippsLSPQuant_G729E_16s
ippsLSPToLSF_Norm_G729_16s
ippsOpenLoopPitchSearch_G729_16s
ippsAdaptiveCodebookSearch_G729D_16s
ippsSynthesisFilterLow_NR_16s_ISfs
ippsAdaptiveCodebookGain_G729_16s
ippsAdaptiveCodebookContribution_G729_16s
ippsAdaptiveCodebookSearch_G729_16s
ippsSynthesisFilter_NR_16s_ISfs
ippsInterpolateC_NR_G729_16s_Sfs
ippsPitchPostFilter_G723_16s
ippsDecodeAdaptiveVector_G723_16s
ippsHarmonicFilter_16s_I
ippsLSFQuant_G723_16s32s
ippsLPCToLSF_G723_16s
ippsLevinsonDurbin_G723_16s
ippsAdaptiveCodebookSearch_G723
ippsHarmonicNoiseSubtract_G723_16s_I
ippsHarmonicFilter_NR_16s
ippsHarmonicSearch_G723_16s
ippsIIR16s_G723_32s16s_Sfs
ippsSynthesisFilter_G723_16s32s
ippsOpenLoopPitchSearch_G723_16s
ippsAutoScale_16s_I
ippsIIR16s_G723_16s_I
ippsMul_NR_16s_Sfs
ippsAutoCorr_G723_16s
ippsHighPassFilter_G723_16s
ippsGainControl_G723_16s_I
ippsTiltCompensation_G723_32s16s
ippsIIR16s_G723_16s32s
ippsAutoScale_16s
ippsLSFToLPC_G723_16s
ippsConvPartial_16s32s
ippsACELPFixedCodebookSearch_G723_32s16s
ippsToeplizMatrix_G723_16s32s
ippsCrossCorr_NormM_16s
ippsMPMLQFixedCodebookSearch_G723
ippsAutoCorrLagMax_Inv_16s
ippsResidualFilter_AMRWB_16s_Sfs
ippsPhaseDispersionGetStateSize_G729D_16s
ippsHighPassFilterSize_G729
ippsWinHybridInit_G729E_16s
ippsWinHybridGetStateSize_G729E_16s
ippsPhaseDispersionInit_G729D_16s
ippsHighPassFilterInit_G729
ippsHighPassFilter_G729_16s_ISfs
ippsPhaseDispersion_G729D_16s
ippsDecodeGain_G729I_16s
ippsTiltCompensation_G729_16s
ippsResidualFilter_G729_16s
ippsLSFDecode_G729_16s
ippsToeplizMatrix_G729_16s32s
ippsShortTermPostFilter_G729_16s
ippsInvSqrt_32s_I
ippsRandomNoiseExcitation_G729B_16s
ippsDecodeAdaptiveVector_G729_16s_I
ippsPhaseDispersionUpdate_G729D_16s
ippsLSFToLSP_G729_16s
ippsLSFDecode_G729B_16s
ippsInterpolateC_G729_16s_Sfs
ippsMulPowerC_NR_16s_Sfs
ippsLevinsonDurbin_G729_32s16s
ippsWinHybrid_G729E_16s32s
ippsGainControl_G729_16s_I
ippsTiltCompensation_G729E_16s
ippsMulC_NR_16s_ISfs
ippsAutoCorr_NormE_16s32s
ippsSynthesisFilter_NR_16s_Sfs
ippsLongTermPostFilter_G729_16s
ippsFixedCodebookSearch_G729_32s16s
ippsLSPToLSF_G729_16s
ippsLSFQuant_G729B_16s
ippsGainControl_G729A_16s_I
ippsShortTermPostFilter_G729A_16s
ippsTiltCompensation_G729A_16s
ippsLongTermPostFilter_G729A_16s
ippsSynthesisFilter_G729E_16s_I
ippsSynthesisFilter_G729E_16s
ippsResidualFilter_G729E_16s
ippsFixedCodebookSearch_G729E_16s
ippsFixedCodebookSearch_G729D_16s
ippsLPCToLSP_G729_16s
ippsLPCToLSP_G729A_16s
ippsAutoCorr_NormE_NR_16s
ippsDotProdAutoScale_16s32s_Sfs
ippsLevinsonDurbin_G729B
ippsGainQuant_G729D_16s
ippsGainQuant_G729_16s
iphlpapi
GetAdaptersInfo
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 124KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 116KB - Virtual size: 298KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 816KB - Virtual size: 812KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ