Static task: static1
Behavioral task: behavioral1
Sample: ff6e93a5dac433c098863d2610592f3d_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: ff6e93a5dac433c098863d2610592f3d_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ff6e93a5dac433c098863d2610592f3d_JaffaCakes118
Size: 2.3MB
MD5: ff6e93a5dac433c098863d2610592f3d
SHA1: 1e1de2c4a5f9e4bb9966cc0083652a58b6db5562
SHA256: 1eeeb3b4ce52acb9d2f50ba510215c5fe5f48fb8561c2e8f9e6f790658caaaa5
SHA512: 5e10462eb55972ef3895b6282fa6cde555b3b576c5162404730fac6edd0d37db83e835cd6059eaf955eabe178b341888f0365c326c63e64d826b5753bbf09cf5
SSDEEP: 6144:Dj/lWkmjJo8uhYL+MtxrCXLfuI33syBbT8yx3aA71NZTcIn:DxWkmdFcYL+MtVar8GRZY
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: ff6e93a5dac433c098863d2610592f3d_JaffaCakes118
Files
ff6e93a5dac433c098863d2610592f3d_JaffaCakes118.exe windows:4 windows x86 arch:x86
0c27e9bf02c83eab6c249de26684a3aa
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
comctl32
InitCommonControls
gdi32
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
ScaleViewportExtEx
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
GetTextColor
GetBkColor
GetMapMode
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
DPtoLP
LPtoDP
GetObjectA
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateSolidBrush
kernel32
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
HeapFree
RaiseException
CreateThread
ExitThread
HeapSize
HeapReAlloc
GetACP
SetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
HeapAlloc
GetEnvironmentStrings
GetEnvironmentStringsW
LockResource
GetStdHandle
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
TerminateProcess
ExitProcess
RtlUnwind
GetProfileStringA
SetErrorMode
WritePrivateProfileStringA
SizeofResource
GetOEMCP
GetCPInfo
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GetProcessVersion
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DuplicateHandle
GlobalAlloc
lstrcmp
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
FormatMessageA
LocalFree
CreateEventA
SuspendThread
ResumeThread
SetEvent
WaitForSingleObject
SetLastError
GlobalLock
GlobalUnlock
GlobalFree
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersion
lstrcat
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpi
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpy
GetModuleHandleA
GetProcAddress
MulDiv
lstrlenW
WideCharToMultiByte
lstrlen
GetModuleFileNameA
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
SetProcessPriorityBoost
ReleaseMutex
CreateMutexA
GetLastError
GetFileSize
CreateFileA
WriteFile
CloseHandle
GetTickCount
MultiByteToWideChar
GetSystemDirectoryA
lstrcpyn
CreateProcessA
CreateDirectoryA
FreeEnvironmentStringsW
Sleep
oleaut32
SafeArrayAccessData
SysAllocStringLen
SysFreeString
VariantClear
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
VariantTimeToSystemTime
SysStringLen
SafeArrayUnaccessData
olepro32
OleCreateFontIndirect
shell32
SHGetSpecialFolderPathA
ShellExecuteEx
SHChangeNotify
sensapi
IsNetworkAlive
user32
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessage
SetDlgItemTextA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
SetActiveWindow
ScreenToClient
CopyRect
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetNextDlgGroupItem
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
SetForegroundWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
IntersectRect
GetWindowPlacement
GetSystemMetrics
OffsetRect
PostMessageA
EnableWindow
LoadIconA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
RegisterClipboardFormatA
SystemParametersInfoA
GetWindow
SetFocus
GetWindowRect
UpdateWindow
GetDlgCtrlID
GetParent
IsIconic
GetFocus
IsChild
IsWindow
GetClientRect
AdjustWindowRectEx
KillTimer
SetRect
CopyAcceleratorTableA
wvsprintfA
wsprintfA
FindWindowA
MessageBoxA
RedrawWindow
InvalidateRect
LoadBitmapA
PostQuitMessage
SendMessageA
GetDesktopWindow
DefDlgProcA
IsWindowUnicode
SetTimer
PtInRect
InflateRect
GetClassNameA
GetSysColorBrush
LoadCursorA
DestroyMenu
CharUpperA
MapDialogRect
SetWindowContextHelpId
SetCursor
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetForegroundWindow
LoadStringA
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GetWindowTextA
CharNextA
wininet
InternetGetLastResponseInfoA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetQueryDataAvailable
InternetGetConnectedState
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
comdlg32
GetFileTitleA
iphlpapi
GetAdaptersInfo
ole32
CoTaskMemAlloc
CoTaskMemFree
StgCreateDocfileOnILockBytes
OleInitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CoInitialize
CoCreateInstance
CoUninitialize
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
oledlg
OleUIBusyA
urlmon
URLDownloadToFileA
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE