07905c119a3bfd3b833b0c75ebac5486_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07905c119a3bfd3b833b0c75ebac5486_JaffaCakes118
Size

516KB
MD5

07905c119a3bfd3b833b0c75ebac5486
SHA1

5bc9ce4792ec240837ff9cc389cbbf20aaf1f9d4
SHA256

bb99222725a74b21ddd51290ddb1a96260e7ae07024c489157fee6a2a9cac2bc
SHA512

70ad609e15b87a17a61723ed6e06c42737a17fc23c60a6ef000dece7c08411702f3d5dadc94dc7003b23cb81217aeb5b0be2f30aaa3d425b929db0b3156940d7
SSDEEP

12288:FCMOUYmUcCdKusTwn+nKW9T7P6FbiyiLr:0DUvUbdKusTwn+n99T7P6Rb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07905c119a3bfd3b833b0c75ebac5486_JaffaCakes118

Files

07905c119a3bfd3b833b0c75ebac5486_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ceffa014225721665ceac6358cc089b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

htonl
inet_addr
ntohs
getsockname
getpeername
gethostname
inet_ntoa
WSAStartup
WSACleanup
setsockopt
bind
listen
accept
select
__WSAFDIsSet
closesocket
shutdown
recv
send
WSAGetLastError
htons
socket
connect
gethostbyname
getservbyname
ioctlsocket

winmm

timeGetTime

kernel32

EnterCriticalSection
GetSystemInfo
GetVersion
lstrlenA
GetCurrentProcess
GetProfileStringA
InitializeCriticalSection
DeleteCriticalSection
WaitForSingleObject
WaitForMultipleObjects
CreateThread
GetLocalTime
DebugBreak
GetComputerNameA
ResumeThread
IsBadWritePtr
IsBadReadPtr
DeviceIoControl
Beep
GetCurrentThreadId
GetSystemDirectoryA
GetSystemTime
FlushFileBuffers
CreateDirectoryA
MoveFileA
SetErrorMode
GetDriveTypeA
GetLogicalDriveStringsA
FileTimeToSystemTime
GetFileTime
SetFilePointer
SetFileTime
SystemTimeToFileTime
SetEndOfFile
GetVersionExA
SetThreadPriority
LeaveCriticalSection
OpenEventA
GlobalUnlock
GlobalLock
GlobalAlloc
SetProcessShutdownParameters
TerminateProcess
CreateProcessA
GetCurrentProcessId
ReleaseMutex
CreateMutexA
GetStdHandle
AllocConsole
MoveFileExA
FormatMessageA
SetLastError
WriteConsoleA
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
SearchPathA
GlobalFree
CopyFileA
FreeLibrary
DeleteFileA
GetModuleFileNameA
FindFirstFileA
FindNextFileA
FindClose
Sleep
CreateFileA
GetLastError
WriteFile
ReleaseSemaphore
ReadFile
CloseHandle
CreateSemaphoreA
LoadLibraryA
GetProcAddress
OutputDebugStringA
GetModuleHandleA
TlsSetValue
DuplicateHandle
TlsAlloc
TlsFree
TlsGetValue
GetStartupInfoA
GetCurrentThread

user32

GetProcessWindowStation
GetUserObjectInformationA
ExitWindowsEx
EnableWindow
GetSubMenu
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
EnableMenuItem
DestroyMenu
LoadMenuA
ToAscii
VkKeyScanA
GetAsyncKeyState
MapVirtualKeyA
PeekMessageA
WaitMessage
IsIconic
WaitForInputIdle
GetParent
GetClipboardOwner
GetClipboardData
GetForegroundWindow
IsWindowVisible
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DrawIconEx
SetClipboardViewer
IsWindow
EnumWindows
OpenDesktopA
EnumDesktopWindows
FindWindowA
GetClassNameA
ChangeClipboardChain
DestroyWindow
GetDesktopWindow
WindowFromPoint
GetWindowRect
RegisterWindowMessageA
mouse_event
wsprintfA
GetKeyboardState
keybd_event
GetThreadDesktop
OpenInputDesktop
SetThreadDesktop
CloseDesktop
GetCursorPos
SetCursorPos
GetDC
ReleaseDC
EnumDisplaySettingsA
GetDlgItemTextA
SetFocus
LoadStringA
GetScrollInfo
PostMessageA
SetDlgItemTextA
SetForegroundWindow
MessageBoxA
SystemParametersInfoA
SendMessageA
SendDlgItemMessageA
InvalidateRect
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
KillTimer
PostQuitMessage
SetTimer
LoadIconA
LoadCursorA
RegisterClassExA
AdjustWindowRect
CreateWindowExA
ShowWindow
GetSystemMetrics
SetWindowPos
IsRectEmpty
LoadImageA
GetWindowTextA
GetDlgItem
SetWindowTextA
GetWindowLongA
SetWindowLongA
EndDialog
DialogBoxParamA
GetIconInfo

gdi32

DeleteDC
GetDIBits
CreateDCA
DeleteObject
StretchBlt
PatBlt
SelectObject
CreateSolidBrush
CreateCompatibleDC
GetClipBox
GetStockObject
SetBkMode
GetSystemPaletteEntries
ExtEscape
GetPixel
CreateCompatibleBitmap
GetDeviceCaps
SetDIBColorTable
RealizePalette
SelectPalette
CreatePalette
CreateDIBSection
BitBlt
GdiFlush
GetBitmapBits
GetObjectA
SetBkColor

shell32

ShellExecuteA
Shell_NotifyIconA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA

advapi32

GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCreateKeyA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
ImpersonateLoggedOnUser
DuplicateToken
RevertToSelf
OpenProcessToken
CryptAcquireContextA
CryptReleaseContext
CryptGenRandom
RegCloseKey

ole32

CoInitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comctl32

InitCommonControlsEx

msvcrt

strrchr
strstr
strcspn
atoi
getenv
fopen
fgets
strchr
strncmp
toupper
strcmp
strspn
__mb_cur_max
_isctype
_pctype
exit
vsprintf
_iob
fprintf
__setusermatherr
vfprintf
sprintf
memcpy
memcmp
free
malloc
memset
__CxxFrameHandler
strlen
printf
strcpy
_errno
getchar
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_setmode
??3@YAXPAX@Z
strcat
_mbsicmp
_ismbcdigit
??2@YAPAXI@Z
realloc
calloc
_purecall
fclose
fread
_CxxThrowException
_endthreadex
_strdup
_beginthreadex
sscanf
_mbsnbcpy
_mbschr
_mbsstr
_mbstok
_itoa
time
memmove
_snprintf
strncat
tolower
abs
fflush
_fdopen
_dup2
_vsnprintf
ctime
setbuf
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
strncpy
_write
_read
_close
_stat
_strnicmp
_open_osfhandle
_stricmp

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0_Lockit@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1_Lockit@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

msvcirt

??6ostream@@QAEAAV0@K@Z
??6ostream@@QAEAAV0@PBD@Z
?cout@@3Vostream_withassign@@A
?endl@@YAAAVostream@@AAV1@@Z

Sections

.text
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ceffa014225721665ceac6358cc089b

Headers

File Characteristics

Imports

wsock32

winmm

kernel32

user32

gdi32

shell32

advapi32

ole32

version

comctl32

msvcrt

msvcp60

msvcirt

Sections

.text Size: 212KB - Virtual size: 208KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 40KB - Virtual size: 75KB

.rsrc Size: 224KB - Virtual size: 223KB

.text
Size: 212KB - Virtual size: 208KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 40KB - Virtual size: 75KB

.rsrc
Size: 224KB - Virtual size: 223KB