fb8c0dc99fca18a6142680b0d29aa4f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb8c0dc99fca18a6142680b0d29aa4f2_JaffaCakes118
Size

89KB
MD5

fb8c0dc99fca18a6142680b0d29aa4f2
SHA1

0281b2851e4e6d8c352bf072f78013a6fe4af629
SHA256

ba15eb93080c075f335dd1f114b1959342a6e98d6dfaf12757e8fe69f077e4ae
SHA512

4eec3e5d04808c2333bf362e93886c9ff8a6346cbd2ab2d8f1d9fc82cb719405298c4a946d5c7bf4b2d94bbf4941ee06890fe43cd46140a38e0ce54e225a7952
SSDEEP

1536:twnJCC1SWjTq8yAKqmMIykJXw/Z4RogaO6sUxp15O+7gyYAcPhzHnaC6f+DM6XvE:twJP1SWjm8ytqmMHkJXU4yO6sqpNOAmI

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
fb8c0dc99fca18a6142680b0d29aa4f2_JaffaCakes118
unpack001/uninstall.exe
unpack001/webcam.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
static1/unpack001/uninstall.exe	nsis_installer_1

Files

fb8c0dc99fca18a6142680b0d29aa4f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b711f65a9aff6a22fb2f57f0ac8bda33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
ExitProcess
lstrcpynA
SetFileTime
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
MulDiv
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetCommandLineA

user32

SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
CreateWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
CreateDialogParamA
EmptyClipboard
DestroyWindow
SetWindowLongA
LoadImageA
GetDC
EnableWindow
PeekMessageA
DispatchMessageA
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
GetDlgItem

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
license.txt
uninstall.exe
.exe windows:4 windows x86 arch:x86

b711f65a9aff6a22fb2f57f0ac8bda33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
ExitProcess
lstrcpynA
SetFileTime
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
MulDiv
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetCommandLineA

user32

SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
CreateWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
CreateDialogParamA
EmptyClipboard
DestroyWindow
SetWindowLongA
LoadImageA
GetDC
EnableWindow
PeekMessageA
DispatchMessageA
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
GetDlgItem

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
webcam.exe
.exe windows:4 windows x86 arch:x86

4cbcdd217d6cd0e86b2871abdecd55fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
GetFileAttributesA
CreateMutexA
SetLastError
SetConsoleCtrlHandler
GetModuleHandleA
GetCommandLineA
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
DeleteFileA
GetTempPathA
FreeLibrary
GetCurrentThreadId
GetProcAddress
LoadLibraryA
lstrcatA
GetVersionExA
GetSystemInfo
CreateDirectoryA
GetWindowsDirectoryA
GetShortPathNameA
GetLocalTime
LCMapStringA
GetOEMCP
lstrcpynA
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapAlloc
HeapFree
ExitProcess
GetVersion
GetStartupInfoA
RtlUnwind
GetPrivateProfileStringA
lstrcmpA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetLastError
IsBadStringPtrA
CompareStringA
IsBadWritePtr
GetFileSize
ReadFile
GetModuleFileNameA
WideCharToMultiByte
lstrcmpiA
CreateFileA
WriteFile
GetCurrentProcessId
Sleep
GetTickCount
CreateThread
MultiByteToWideChar
lstrlenA
LocalAlloc
LCMapStringW
lstrcpyA
LocalFree
WaitForSingleObject
TerminateThread
GetACP
CloseHandle

user32

EndPaint
GetSysColor
BeginPaint
IsWindowEnabled
SetCursor
LoadCursorA
MoveWindow
DestroyWindow
GetAsyncKeyState
GetWindowPlacement
PostQuitMessage
SetWindowPlacement
LoadIconA
LoadMenuA
GetSubMenu
PostThreadMessageA
IsWindow
GetCursorPos
TrackPopupMenu
DestroyMenu
PtInRect
GetMessageA
IsDialogMessageA
TranslateMessage
GetProcessWindowStation
GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenInputDesktop
SetThreadDesktop
CloseWindowStation
DispatchMessageA
RegisterWindowMessageA
LoadImageA
DestroyIcon
CallWindowProcA
GetWindowDC
DrawTextA
GetClientRect
ReleaseDC
PostMessageA
GetParent
SetDlgItemTextA
wsprintfA
PeekMessageA
GetWindowRect
wsprintfW
ScreenToClient
GetClassNameA
SetWindowTextA
WinHelpA
InvalidateRect
GetWindow
GetWindowTextA
CreateWindowExA
SetWindowLongA
GetTopWindow
wvsprintfA
EnableWindow
SetTimer
SendDlgItemMessageA
SetDlgItemInt
GetDlgItem
SendMessageA
GetDlgItemTextA
IsWindowVisible
ShowWindow
KillTimer
LoadStringA
MessageBoxA
GetWindowLongA
GetDlgItemInt
CreateDialogParamA
SetForegroundWindow

gdi32

SetBkMode
SetBkColor
SetTextColor
GetObjectA
CreateFontIndirectA
SelectObject
GetStockObject
DeleteObject

comdlg32

GetOpenFileNameA

advapi32

CloseServiceHandle
DeleteService
RegOpenKeyExA
RegQueryValueExA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenServiceA
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegCreateKeyA
RegOpenKeyA
StartServiceCtrlDispatcherA
OpenSCManagerA
StartServiceA
CreateServiceA
ControlService

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA

ole32

CreateItemMoniker
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
GetRunningObjectTable

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantInit

winmm

PlaySoundA

comctl32

ord17

ws2_32

WSACleanup

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
webcam.hlp

Sharing

General

Malware Config

Signatures

Files

b711f65a9aff6a22fb2f57f0ac8bda33

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 109KB

.ndata Size: - Virtual size: 32KB

.rsrc Size: 16KB - Virtual size: 20KB

b711f65a9aff6a22fb2f57f0ac8bda33

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 109KB

.ndata Size: - Virtual size: 32KB

.rsrc Size: 16KB - Virtual size: 20KB

4cbcdd217d6cd0e86b2871abdecd55fa

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

winmm

comctl32

ws2_32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 14KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 109KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 16KB - Virtual size: 20KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 109KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 16KB - Virtual size: 20KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 14KB

.rsrc
Size: 8KB - Virtual size: 6KB