07dca37493a9b124c658f98dfa5595d2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07dca37493a9b124c658f98dfa5595d2_JaffaCakes118
Size

552KB
MD5

07dca37493a9b124c658f98dfa5595d2
SHA1

694de901c89d0191b761c90dc5e3fa64a54bf2ba
SHA256

1ef9bf381b776317ca98dd627e5b75e0ea5b80d176bfdc8f1ec65d3cfe89869d
SHA512

5ce237e4ce6b2d511af6ff6a8763214b5617dcf056e51771c1b90ba26e023ab7dab7c4d3b20a3dbb288f95e74c9bebed55ec625e36d42afb1dbb299445410215
SSDEEP

6144:JR40Lj5PWnVjjqF7ocGw5V5NVOtMA1+NWgEAE:JR4S5PM30aC5Nq4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07dca37493a9b124c658f98dfa5595d2_JaffaCakes118

Files

07dca37493a9b124c658f98dfa5595d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58129ce6bcc3a9a231ceaeef99750da3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostname
ioctlsocket
htonl
gethostbyname
WSACleanup
WSAStartup

rpcrt4

UuidCreate
RpcStringFreeA
UuidToStringA

comctl32

_TrackMouseEvent

wininet

InternetReadFile
HttpQueryInfoA
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

shlwapi

SHDeleteKeyA

kernel32

GetLastError
MulDiv
HeapAlloc
FlushInstructionCache
GetCurrentProcess
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpA
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
GetCurrentThreadId
CreateThread
ResetEvent
Sleep
DeleteFileA
LoadLibraryA
SetEvent
GetCurrentProcessId
WaitForSingleObject
CreateEventA
WriteProcessMemory
GetProcAddress
CloseHandle
CreateProcessA
GetCommandLineA
CopyFileA
lstrcatA
GetTempPathA
MoveFileA
GetVolumeInformationA
GetSystemDirectoryA
RemoveDirectoryA
SetFileAttributesA
GetWindowsDirectoryA
CreateDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetTickCount
GetSystemTime
SystemTimeToFileTime
GetUserDefaultLCID
SetLastError
lstrlenA
CreateMutexA
LockResource
GlobalFree
GlobalHandle
GetLocalTime
GetVersion
GetComputerNameA
ReadFile
SetFilePointer
CreateFileA
MoveFileExA
Process32Next
TerminateProcess
OpenProcess
Process32First
ResumeThread
GetPriorityClass
VirtualAlloc
VirtualFree
CreateRemoteThread
HeapDestroy
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
SetUnhandledExceptionFilter
GetStartupInfoA
ExitProcess
GetSystemTimeAsFileTime
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualProtect
RtlUnwind
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
IsBadReadPtr
IsBadCodePtr
GetOEMCP
SetHandleCount
GetCPInfo
GetStringTypeA
GetStringTypeW
lstrlenW
InterlockedDecrement
InterlockedIncrement
lstrcmpiA
GetShortPathNameA
lstrcpyA
CreateToolhelp32Snapshot
GetProcessHeap
HeapFree
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapCreate
IsBadWritePtr
SetStdHandle
FlushFileBuffers
HeapSize
LCMapStringA
LCMapStringW
WriteFile
GetTimeZoneInformation
SetEndOfFile
CompareStringA
CompareStringW
ReleaseMutex
SetEnvironmentVariableA

user32

KillTimer
GetUpdateRgn
LoadImageA
ShowWindow
CharLowerA
CreateDialogParamA
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
RegisterClassExA
GetClassInfoExA
LoadCursorA
wsprintfA
CreateWindowExA
CreateAcceleratorTableA
CharNextA
PostQuitMessage
GetWindowRect
ExitWindowsEx
FindWindowExA
GetParent
GetClassNameA
SetWindowPos
DestroyWindow
GetDlgItem
IsWindow
SetTimer
DestroyAcceleratorTable
GetFocus
IsChild
GetWindow
SetFocus
BeginPaint
EndPaint
CallWindowProcA
FindWindowA
CreateDialogIndirectParamA
SetWindowContextHelpId
MapDialogRect
DrawTextA
SetActiveWindow
ScreenToClient
EnableWindow
GetPropA
SetPropA
EnumChildWindows
GetSystemMetrics
GetDesktopWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
GetClientRect
FillRect
SetCapture
ReleaseCapture
GetSysColor
UnregisterClassA
MessageBoxA
PostThreadMessageA
DefWindowProcA
GetWindowLongA
SetWindowLongA
SetDlgItemTextA
SendMessageA
EnumWindows
PostMessageA
GetForegroundWindow
RedrawWindow

gdi32

GetDIBits
SetTextColor
CreateRectRgn
FillRgn
SetStretchBltMode
SetDIBits
CreateFontIndirectA
SetBkMode
StretchBlt
SetBkColor
CreateSolidBrush
GetStockObject
GetObjectA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
DeleteObject
SelectObject

advapi32

RegEnumValueA
RegQueryValueExA
GetUserNameA
RegCreateKeyA
RegOpenKeyA
RegQueryValueA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA

shell32

Shell_NotifyIconA
ShellExecuteA
SHGetSpecialFolderPathA

ole32

CoTaskMemAlloc
CoCreateInstance
OleLockRunning
CreateStreamOnHGlobal
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree
CoTaskMemRealloc
OleInitialize
OleUninitialize
CoInitialize
CoUninitialize
StringFromGUID2

oleaut32

VariantInit
SysAllocString
SysFreeString
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
SysAllocStringLen
VariantClear
OleCreateFontIndirect
SysStringByteLen
SysStringLen

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

58129ce6bcc3a9a231ceaeef99750da3

Headers

File Characteristics

Imports

wsock32

rpcrt4

comctl32

wininet

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 160KB - Virtual size: 160KB

.rdata Size: 40KB - Virtual size: 40KB

.data Size: 212KB - Virtual size: 212KB

.rsrc Size: 112KB - Virtual size: 112KB

.reloc Size: 24KB - Virtual size: 24KB

.text
Size: 160KB - Virtual size: 160KB

.rdata
Size: 40KB - Virtual size: 40KB

.data
Size: 212KB - Virtual size: 212KB

.rsrc
Size: 112KB - Virtual size: 112KB

.reloc
Size: 24KB - Virtual size: 24KB