f9d4964439da04e9fd2ac058bda088ff_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f9d4964439da04e9fd2ac058bda088ff_JaffaCakes118
Size

628KB
MD5

f9d4964439da04e9fd2ac058bda088ff
SHA1

ca5a6bab14aa79e45431e0621ea6858cc1c6b49c
SHA256

1a8287ae64e9b7181dcbcd7e364dbff8fbd35c971b58d90b5d2141d295f99085
SHA512

a9d4e817764cbfe16504d923a7cd78e465f78cd4652b5f1793dc73b2b4645d2674e9da965668e801bf0c4f87f9c59928d89154d574ce76e4b91f6850ec155ded
SSDEEP

6144:vFL3dyPfaUBzoSovZZLqak2vtb5RrBX+x63fG++mZDevD3+wtVz6FpAgFlzFmYAN:5APyU4ZPR4xCfvxiOwcpApifk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9d4964439da04e9fd2ac058bda088ff_JaffaCakes118

Files

f9d4964439da04e9fd2ac058bda088ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

075aebb58daed102698ea5bcf0bf28c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetShortPathNameA
GetCurrentDirectoryA
SetErrorMode
RtlUnwind
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetDriveTypeA
ExitProcess
HeapAlloc
HeapFree
HeapReAlloc
VirtualAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
ExitThread
CreateThread
HeapSize
SetStdHandle
GetFileType
GetACP
IsValidCodePage
LockFile
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
VirtualFree
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetFileSize
CreateFileA
LocalFileTimeToFileTime
GetOEMCP
GetCPInfo
GlobalFlags
SystemTimeToFileTime
GetThreadLocale
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
InterlockedIncrement
LocalLock
LocalUnlock
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LocalAlloc
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpA
InterlockedDecrement
GetModuleFileNameW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetComputerNameA
OpenProcess
TerminateProcess
SetLastError
GetStringTypeExA
lstrlenA
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
MultiByteToWideChar
CreateMutexA
GetModuleHandleA
GetCurrentProcessId
CreateSemaphoreA
ReleaseSemaphore
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CloseHandle
GetVersionExA
SleepEx
FindFirstFileA
FindNextFileA
FindClose
InterlockedExchange
GetLastError
GetTickCount
CreateDirectoryA
DeleteFileA
MoveFileA
FormatMessageA
LocalFree
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindResourceA
LoadResource
LockResource
UnhandledExceptionFilter
SizeofResource

user32

GetTabbedTextExtentA
GetSysColorBrush
DeleteMenu
SetParent
GetDCEx
LockWindowUpdate
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckRadioButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
EnableMenuItem
SendDlgItemMessageA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetForegroundWindow
DispatchMessageA
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
DestroyCursor
BeginDeferWindowPos
EndDeferWindowPos
SetCursorPos
CreateWindowExA
SetScrollPos
MessageBeep
IsChild
SetCapture
ScreenToClient
InflateRect
PtInRect
IsZoomed
RegisterWindowMessageA
GetClassNameA
GetSysColor
ReuseDDElParam
DestroyMenu
WinHelpA
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
GetFocus
EqualRect
SetWindowLongA
GetKeyState
GetDlgCtrlID
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetActiveWindow
InvalidateRect
InsertMenuItemA
CreatePopupMenu
GetClassInfoA
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
BringWindowToTop
SetMenu
GetWindow
ShowWindow
GetWindowLongA
IsWindow
TranslateAcceleratorA
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
IsClipboardFormatAvailable
ShowOwnedPopups
PostQuitMessage
GetMessageA
TranslateMessage
RedrawWindow
IsWindowVisible
GetCursor
SetCursor
HideCaret
GetParent
ClientToScreen
GetClientRect
CheckMenuItem
CharUpperA
DefWindowProcA
UnregisterClassA
ValidateRect
WindowFromPoint
KillTimer
SetRect
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetMenuItemInfoA
CreateDialogIndirectParamA
GetScrollPos
GetNextDlgTabItem
LoadIconA
LoadCursorA
GetLastActivePopup
FindWindowA
UpdateWindow
IsIconic
SetWindowTextA
DialogBoxParamA
GetDlgItem
SetWindowPos
EndDialog
GetWindowTextA
SendMessageA
EnableWindow
SetMenuDefaultItem
GetCursorPos
TrackPopupMenu
LoadImageA
GetDC
ReleaseDC
CreateIconIndirect
DestroyIcon
GetSystemMetrics
SetForegroundWindow
GetDesktopWindow
SetTimer
GetWindowRect
GetMenu
PostMessageA
LoadMenuA
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuItemID
GetMenuItemCount
AppendMenuA
MessageBoxA
UnpackDDElParam

gdi32

SelectClipRgn
CreateRectRgn
GetPixel
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
CreatePatternBrush
CreateSolidBrush
GetBkColor
CreateRectRgnIndirect
SetAbortProc
AbortDoc
SetRectRgn
CombineRgn
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
Rectangle
SetBkMode
RestoreDC
SaveDC
ExtTextOutA
CreateFontIndirectA
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
StretchDIBits
GetCharWidthA
PatBlt
GetTextExtentPoint32A
SetPixel
StretchBlt
DPtoLP
CreateDCA
GetObjectA
CreatePen
SetMapMode
StartDocA
StartPage
EndPage
EndDoc
GetTextMetricsA
GetDeviceCaps
CreateFontA
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
DeleteDC

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
GetJobA
DocumentPropertiesA

advapi32

GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegSetValueA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegCreateKeyA

shell32

ExtractIconA
DragQueryFileA
DragFinish
ExtractIconExA
SHGetSpecialFolderPathA
ShellExecuteA
Shell_NotifyIconA
SHGetFileInfoA

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
UrlUnescapeA
PathIsUNCA

oleaut32

SysAllocStringLen
VariantClear
VariantChangeType
VariantInit

ws2_32

shutdown
WSASendDisconnect
WSAStartup
htons
ntohl
send
recv
WSAConnect
WSAEventSelect
WSAWaitForMultipleEvents
ioctlsocket
closesocket
WSARecv
ntohs
inet_ntoa
WSACreateEvent
WSASend
WSACloseEvent
WSAGetOverlappedResult
getpeername
WSASocketA
WSAGetLastError
setsockopt
bind
listen
getsockname
htonl
gethostbyname
inet_addr
gethostname
WSAAccept

prxerdrv

?g_dwProcId@@3KC
?g_hWnd@@3RAUHWND__@@A

prxernsp

?g_hNspWnd@@3RAUHWND__@@A
?g_nDnsMode@@3HC
?g_dwNspProcId@@3KC

wininet

InternetOpenUrlA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
HttpQueryInfoA
InternetQueryDataAvailable
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetCloseHandle
InternetGetLastResponseInfoA

Sections

.text
Size: 404KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

075aebb58daed102698ea5bcf0bf28c1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

ws2_32

prxerdrv

prxernsp

wininet

Sections

.text Size: 404KB - Virtual size: 400KB

.rdata Size: 112KB - Virtual size: 111KB

.data Size: 12KB - Virtual size: 42KB

.rsrc Size: 96KB - Virtual size: 96KB

.text
Size: 404KB - Virtual size: 400KB

.rdata
Size: 112KB - Virtual size: 111KB

.data
Size: 12KB - Virtual size: 42KB

.rsrc
Size: 96KB - Virtual size: 96KB