Static task: static1

Behavioral task: behavioral1
  Sample: ff1f82eb5a5b6a6c0c3969422db86dd7_JaffaCakes118.exe
  Resource: win7-20240903-en

Behavioral task: behavioral2
  Sample: ff1f82eb5a5b6a6c0c3969422db86dd7_JaffaCakes118.exe
  Resource: win10v2004-20240802-en

General
  Target: ff1f82eb5a5b6a6c0c3969422db86dd7_JaffaCakes118
  Size: 1.1MB
  MD5: ff1f82eb5a5b6a6c0c3969422db86dd7
  SHA1: b3eea3571f3fabb89b2099472ce77d098c04b2be
  SHA256: 33a24fe282ae344c7573dd6b84eff515a8394b89cb7f4ae4baf5ef9781cbb3e5
  SHA512: db0265628786539cbfc2e1763fb2f84583e64cdda0600d5584977688f3cc7ebaa8877e5cae44905968eadd30177173f7bd2cada18e182e51bb1b77bbc8e48671
  SSDEEP: 12288:leLKaPos26A2u3sLzICWR0Op72nUrXAodo1Mo4dSELnS:rs2x22sLzIf7gnWAuo1Hp

Malware Config

Signatures
  Unsigned PE (1 IoC): Checks for missing Authenticode signature.
    resource ff1f82eb5a5b6a6c0c3969422db86dd7_JaffaCakes118

Files
  ff1f82eb5a5b6a6c0c3969422db86dd7_JaffaCakes118.exe windows:4 windows x86 arch:x86
  fd13593376ccf381af67418fb4e8e3c0

Headers
  File Characteristics: IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_LINE_NUMS_STRIPPED | IMAGE_FILE_LOCAL_SYMS_STRIPPED | IMAGE_FILE_32BIT_MACHINE
  PDB Paths: e:\sandbox\88273\Muroc\framework\Release\iFrmewrk.pdb
Imports
  psregapi:
    ?DeleteValue@CRegApi@@QAEJPBD@Z, ?DeleteKey@CRegApi@@QAEJPBD@Z, ?QueryValue@CRegApi@@QAEJPBDAAJ@Z,
    ??BCRegApi@@QBEPAUHKEY__@@XZ, ?CreateKey@CRegApi@@QAEJPAUHKEY__@@PBDKKAAK@Z, ?SetValue@CRegApi@@QAEJPBDK0@Z,
    ?SetValue@CRegApi@@QAEJPBDPBEK@Z, ?SetValue@CRegApi@@QAEJPBDJ@Z, ?QueryValue@CRegApi@@QAEJPBDPADAAK@Z,
    ??0CRegApi@@QAE@XZ, ?OpenKey@CRegApi@@QAEJPAUHKEY__@@PBDK@Z, ??1CRegApi@@UAE@XZ,
    ?QueryValue@CRegApi@@QAEJPBDPAEAAK@Z, ?CloseKey@CRegApi@@QAEJXZ
  version:
    GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA
  winmm:
    PlaySoundA
  intstngs:
    ??1CIntelSettings@@QAE@XZ, ??0CIntelSettings@@QAE@W4IT_SETTING_LOC@@KH@Z,
    ?GetSetting@CIntelSettings@@QAEJW4INTEL_SETTING@@PADK@Z
  murocapi:
    ord30, ord96
  libeay32:
    ord962, ord265, ord266, ord267, ord269, ord268, ord333, ord464, ord469, ord2206, ord3171,
    ord3024, ord3106, ord477, ord479, ord274, ord276, ord275, ord2927, ord3315, ord264
  kernel32:
    EnterCriticalSection, TlsGetValue, TlsAlloc, TlsSetValue, LocalReAlloc, TlsFree, GlobalFlags,
    FileTimeToSystemTime, GetCPInfo, GetOEMCP, GetPrivateProfileIntA, WritePrivateProfileStringA,
    GetPrivateProfileStringA, GetCurrentDirectoryA, MoveFileA, DeleteFileA, ReadFile, SetFilePointer,
    FlushFileBuffers, VirtualProtect, UnlockFile, SetEndOfFile, DuplicateHandle, GetCurrentProcess,
    GetFullPathNameA, GetShortPathNameA, FindResourceExA, LocalUnlock, LocalLock, SetErrorMode,
    FileTimeToLocalFileTime, LocalFileTimeToFileTime, SetFileTime, SetFileAttributesA, GetFileTime,
    GetTickCount, GetTempFileNameA, GetDiskFreeSpaceA, HeapAlloc, HeapFree, VirtualAlloc, GetSystemInfo,
    VirtualQuery, RtlUnwind, ExitProcess, TerminateProcess, GetDriveTypeA, GetStartupInfoA, GetCommandLineA,
    HeapReAlloc, ExitThread, CreateThread, HeapSize, FatalAppExitA, HeapDestroy, HeapCreate, VirtualFree,
    IsBadWritePtr, GetStringTypeA, GetStringTypeW, LCMapStringA, LCMapStringW, SetUnhandledExceptionFilter,
    GetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings,
    FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, QueryPerformanceCounter,
    GetCurrentProcessId, GetSystemTimeAsFileTime, GetTimeZoneInformation, IsBadReadPtr, IsBadCodePtr,
    SetStdHandle, GetTimeFormatA, GetDateFormatA, GetUserDefaultLCID, EnumSystemLocalesA, IsValidLocale,
    IsValidCodePage, SetConsoleCtrlHandler, GetLocaleInfoW, SetEnvironmentVariableA, GlobalHandle,
    GetCurrentThread, lstrcmpA, GetModuleFileNameA, ConvertDefaultLocale, EnumResourceLanguagesA,
    DeleteCriticalSection, InitializeCriticalSection, SuspendThread, ResumeThread, SetThreadPriority,
    InterlockedDecrement, FreeResource, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, GlobalDeleteAtom,
    lstrcmpW, GetModuleHandleA, GlobalFree, CopyFileA, MulDiv, GlobalSize, GlobalAlloc, GlobalLock,
    GlobalUnlock, FormatMessageA, GetCurrentThreadId, lstrcatA, WinExec, lstrcpyA, GetFileSize,
    CreateFileMappingA, MapViewOfFile, UnmapViewOfFile, CreateFileA, WriteFile, RaiseException, LocalFree,
    LocalAlloc, GetSystemTime, SystemTimeToFileTime, CompareFileTime, GetVolumeInformationA, SetLastError,
    lstrcpynA, ReleaseMutex, LoadLibraryA, GetProcAddress, FreeLibrary, CreateEventA, ResetEvent,
    WaitForSingleObject, SetEvent, OpenMutexA, CreateMutexA, CloseHandle, Sleep, TerminateThread,
    GetFileAttributesA, GetWindowsDirectoryA, FindFirstFileA, FindNextFileA, FindClose, GetSystemDirectoryA,
    GetStringTypeExW, GetStringTypeExA, GetEnvironmentVariableW, GetEnvironmentVariableA, CompareStringW,
    CompareStringA, lstrlenA, lstrcmpiW, lstrlenW, lstrcmpiA, GetVersion, FindResourceA, LoadResource,
    LockResource, SizeofResource, GetLastError, WideCharToMultiByte, MultiByteToWideChar, GetVersionExA,
    GetThreadLocale, GetLocaleInfoA, GetACP, InterlockedExchange, GlobalReAlloc, LeaveCriticalSection,
    InterlockedIncrement, LockFile
  user32:
    DestroyMenu, GetMenuItemInfoA, IsZoomed, GetAsyncKeyState, WindowFromPoint, GetDialogBaseUnits, CharNextA,
    CopyAcceleratorTableA, InvalidateRgn, GetNextDlgGroupItem, UnionRect, IsClipboardFormatAvailable,
    GetTabbedTextExtentA, RegisterClipboardFormatA, GetDCEx, LockWindowUpdate, PostThreadMessageA,
    GetSystemMenu, GetActiveWindow, CreateDialogIndirectParamA, GetNextDlgTabItem, EndDialog,
    SetMenuItemBitmaps, GetMenuCheckMarkDimensions, LoadBitmapA, ScrollWindowEx, IsWindowEnabled, ShowWindow,
    MoveWindow, SetWindowTextA, IsDialogMessageA, IsDlgButtonChecked, SetDlgItemTextA, SetDlgItemInt,
    GetDlgItemTextA, GetDlgItemInt, CheckRadioButton, CheckDlgButton, WinHelpA, CreateWindowExA,
    GetClassLongA, GetClassInfoExA, SetPropA, GetPropA, RemovePropA, SendDlgItemMessageA, SetFocus,
    GetWindowTextLengthA, GetForegroundWindow, SetActiveWindow, DispatchMessageA, BeginDeferWindowPos,
    EndDeferWindowPos, GetDlgItem, GetTopWindow, DestroyWindow, GetMessageTime, PeekMessageA, ScrollWindow,
    TrackPopupMenuEx, TrackPopupMenu, GetKeyState, SetScrollRange, GetScrollRange, SetScrollPos, GetScrollPos,
    DeferWindowPos, GetScrollInfo, SetScrollInfo, GetClassInfoA, RegisterClassA, UnregisterClassA,
    SetWindowPlacement, GetDlgCtrlID, DefWindowProcA, SetWindowPos, IntersectRect, GetWindowPlacement,
    EndPaint, BeginPaint, GetWindowDC, GetKeyNameTextA, GetMenuState, AppendMenuA, UnpackDDElParam,
    SendNotifyMessageA, DrawFocusRect, SetProcessDefaultLayout, MessageBoxA, SetWindowsHookExA,
    CallNextHookEx, UnhookWindowsHookEx, GrayStringA, DrawTextExA, DrawTextA, TabbedTextOutA, FillRect,
    DrawStateA, MessageBeep, GetMessagePos, IsWindow, InvalidateRect, ScreenToClient, SetCursor,
    EnumChildWindows, CopyIcon, SetWindowLongA, DestroyIcon, DestroyCursor, SetLayeredWindowAttributes,
    GetDesktopWindow, SetMenuDefaultItem, FlashWindowEx, GetWindowLongA, CallWindowProcA, GetCursorPos,
    GetDoubleClickTime, AdjustWindowRectEx, LoadIconA, CharLowerA, CharLowerW, CharUpperA, CharUpperW,
    MapVirtualKeyA, GetWindowRect, EnableWindow, SendMessageA, IsRectEmpty, PtInRect, SetRect, SetRectEmpty,
    OffsetRect, CopyRect, SetForegroundWindow, SetParent, IsChild, GetLastActivePopup, ShowScrollBar,
    IsIconic, DrawMenuBar, SetMenu, GetMenu, LoadMenuA, RemoveMenu, ModifyMenuA, InsertMenuA, GetSubMenu,
    GetMenuStringA, GetMenuItemID, GetMenuItemCount, EnableMenuItem, ReuseDDElParam, LoadAcceleratorsA,
    InsertMenuItemA, BringWindowToTop, TranslateAcceleratorA, SetWindowContextHelpId, MapDialogRect,
    ShowOwnedPopups, CheckMenuItem, DeleteMenu, CreatePopupMenu, RegisterWindowMessageA, EnumWindows,
    GetWindowTextA, UpdateWindow, GetFocus, GetParent, GetSysColor, SystemParametersInfoA, LoadImageA,
    FindWindowExA, GetIconInfo, GetDC, ReleaseDC, DrawIconEx, FindWindowA, GetClassNameA, PostQuitMessage,
    GetMessageA, TranslateMessage, ValidateRect, MapWindowPoints, wsprintfA, EqualRect, ClientToScreen,
    GetMonitorInfoA, MonitorFromPoint, InflateRect, DrawFrameControl, PostMessageA, SetWindowRgn,
    GetClientRect, IsWindowVisible, RedrawWindow, SetTimer, KillTimer, GetCapture, SetCapture,
    RegisterClassExA, GetSysColorBrush, LoadCursorA, ReleaseCapture, GetSystemMetrics, GetWindow
  gdi32:
    CreateRectRgnIndirect, PatBlt, SaveDC, RestoreDC, SetPolyFillMode, SetROP2, SetStretchBltMode,
    SetTextColor, SetMapMode, GetClipBox, ExcludeClipRect, IntersectClipRect, OffsetClipRgn,
    CreateHatchBrush, CreateDCA, SetRectRgn, GetTextMetricsA, StretchDIBits, GetCharWidthA, CreateFontA,
    GetTextColor, GetRgnBox, EnumFontFamiliesExA, StartPage, EndPage, SetAbortProc, AbortDoc, EndDoc,
    CopyMetaFileA, GetDeviceCaps, SetBkMode, SetBkColor, Escape, ExtTextOutA, TextOutA, RectVisible,
    PtVisible, BitBlt, RoundRect, ExtCreatePen, PlayMetaFile, EnumMetaFile, GetObjectType, LPtoDP, DPtoLP,
    GetMapMode, GetBkColor, CreatePen, GetTextExtentPoint32A, GetPixel, DeleteObject, StretchBlt, FrameRgn,
    CreateCompatibleDC, EqualRgn, CombineRgn, CreateRoundRectRgn, CreatePolygonRgn, CreateRectRgn,
    CreateCompatibleBitmap, GetObjectA, CreateFontIndirectA, GetStockObject, GetDCOrgEx, CreateSolidBrush,
    SelectPalette, CreateBitmap, CreatePatternBrush, CreateDIBPatternBrushPt, DeleteDC, ExtSelectClipRgn,
    PolyBezierTo, PolylineTo, PolyDraw, ArcTo, GetCurrentPositionEx, ScaleWindowExtEx, SetWindowExtEx,
    OffsetWindowOrgEx, SetWindowOrgEx, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx,
    SetViewportOrgEx, SelectObject, StartDocA, GetWindowExtEx, GetViewportExtEx, SelectClipPath, GetClipRgn,
    SelectClipRgn, SetColorAdjustment, SetArcDirection, SetMapperFlags, SetTextCharacterExtra,
    SetTextJustification, SetTextAlign, MoveToEx, LineTo, PlayMetaFileRecord
  comdlg32:
    PageSetupDlgA, ReplaceTextA, GetOpenFileNameA, GetSaveFileNameA, CommDlgExtendedError, GetFileTitleA,
    PrintDlgA, FindTextA
  winspool.drv:
    DocumentPropertiesA, ClosePrinter, OpenPrinterA, GetJobA
  advapi32:
    CheckTokenMembership, AllocateAndInitializeSid, RegCloseKey, RegQueryValueA, RegOpenKeyExA,
    RegQueryValueExA, RegSetValueA, RegOpenKeyA, RegDeleteKeyA, RegEnumKeyA, RegCreateKeyExA, RegSetValueExA,
    RegDeleteValueA, RegCreateKeyA, SetFileSecurityA, GetFileSecurityA, FreeSid
  shell32:
    SHGetFileInfoA, SHAppBarMessage, ShellExecuteA, DragFinish, DragQueryFileA, Shell_NotifyIconA,
    ExtractIconA
  comctl32:
    ImageList_AddMasked, ImageList_Draw, ImageList_SetBkColor, ImageList_GetIconSize, _TrackMouseEvent,
    ord13, ImageList_Read, ImageList_Write, ord14, ImageList_Destroy, ImageList_Create, ImageList_LoadImageA,
    ImageList_Merge, ord17, ImageList_GetImageInfo, PropertySheetA, DestroyPropertySheetPage,
    CreatePropertySheetPageA
  shlwapi:
    PathRemoveExtensionA, PathFindFileNameA, PathStripToRootA, PathFindExtensionA, PathIsUNCA
  oledlg:
    ord8
  ole32:
    CLSIDFromProgID, OleDuplicateData, ReleaseStgMedium, CoTaskMemAlloc, CreateBindCtx, CoTreatAsClass,
    CLSIDFromString, ReadClassStg, ReadFmtUserTypeStg, OleRegGetUserType, WriteClassStg, WriteFmtUserTypeStg,
    SetConvertStg, CoTaskMemFree, CoDisconnectObject, CoCreateInstance, StringFromGUID2, CoGetClassObject,
    CreateStreamOnHGlobal, CoRegisterMessageFilter, OleFlushClipboard, OleIsCurrentClipboard,
    OleSetClipboard, CoRevokeClassObject, CoRegisterClassObject, OleInitialize, CoFreeUnusedLibraries,
    OleUninitialize, OleRun, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StringFromCLSID,
    StgOpenStorageOnILockBytes
  oleaut32:
    SafeArrayUnlock, SafeArrayDestroy, SafeArrayDestroyData, SafeArrayDestroyDescriptor,
    VariantTimeToSystemTime, SafeArrayLock, SysAllocString, SysReAllocStringLen, VarDateFromStr,
    VarBstrFromDec, SafeArrayPutElement, SafeArrayPtrOfIndex, SafeArrayGetElement, SafeArrayCopy,
    SafeArrayAllocDescriptor, SysFreeString, SafeArrayAllocData, LoadTypeLi, VariantCopy, SafeArrayRedim,
    SafeArrayCreate, SafeArrayGetDim, SafeArrayGetElemsize, SafeArrayGetLBound, SafeArrayGetUBound,
    SafeArrayAccessData, SafeArrayUnaccessData, SysAllocStringLen, VariantInit, VariantChangeType,
    VariantClear, SysStringByteLen, SysAllocStringByteLen, SysStringLen, SystemTimeToVariantTime,
    VarDecFromStr, VarCyFromStr, VarBstrFromCy, VarBstrFromDate, OleCreateFontIndirect
Sections
  .text    Size: 712KB  Virtual size: 710KB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
  .rdata   Size: 140KB  Virtual size: 136KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
  .data    Size: 20KB   Virtual size: 32KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
  .idata   Size: 20KB   Virtual size: 19KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
  .didat   Size: 4KB    Virtual size: 966B   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
  .rsrc    Size: 48KB   Virtual size: 47KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
  .krdata  Size: 72KB   Virtual size: 72KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE

  Both .text and the .krdata section carry IMAGE_SCN_MEM_EXECUTE together with IMAGE_SCN_MEM_WRITE, i.e. they are mapped writable and executable.