05d3947aab9a184d7a61c23709aa21e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

05d3947aab9a184d7a61c23709aa21e6_JaffaCakes118
Size

1.1MB
MD5

05d3947aab9a184d7a61c23709aa21e6
SHA1

780a8892e4bf81bab7f8fe5b1f349d3c12f763c2
SHA256

d40b46fe319f6dbf27c8c633f53ba1884da0790d0221ddde46dcd3567998065b
SHA512

87bf342e5945f8c7b4e0ba6bcfd5eacf36723e03d2c56b789924b194947af8a0d15496ba62833cca49065241e5cf0b15e08ca888bef3a5cf279c9d689b5f101c
SSDEEP

12288:BAJjVicQ72si6TUXhIndBO+BGC3cEF+aKSwgRjloawhlYK10SucEP/SOLY0:iJ3KQXhI/3pwaFj2aIlY86x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05d3947aab9a184d7a61c23709aa21e6_JaffaCakes118

Files

05d3947aab9a184d7a61c23709aa21e6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7c3f2879581739cf263ebbfc5ac6955b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Work\越南Viettel\PC_Test\Release\UIMain\UIMain.pdb

Imports

kernel32

HeapFree
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitProcess
HeapReAlloc
RtlUnwind
RaiseException
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
GetFileSizeEx
GetStartupInfoW
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
SetEnvironmentVariableA
GetFileAttributesW
GetFileTime
FileTimeToLocalFileTime
SetErrorMode
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToSystemTime
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
CreateFileW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
lstrcmpA
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
FormatMessageW
LocalFree
GetThreadLocale
ReadFile
CreatePipe
GetProcessHeap
HeapAlloc
GetCurrentProcessId
GetLocalTime
InterlockedCompareExchange
CopyFileW
Process32NextW
TerminateProcess
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
lstrcmpW
lstrcpyW
GlobalAlloc
GlobalFree
MulDiv
GlobalUnlock
GlobalLock
CreateProcessW
GetSystemWindowsDirectoryW
GetTickCount
ResetEvent
SetEvent
CreateThread
CreateEventW
InterlockedExchange
WideCharToMultiByte
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
FindClose
FindNextFileW
FindFirstFileW
CreateDirectoryW
Sleep
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
ReleaseMutex
GetCurrentThreadId
WaitForSingleObject
DeleteFileW
GetModuleFileNameW
CloseHandle
CreateMutexW
lstrcmpiW
lstrlenW
FreeResource
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
SetLastError
GetCPInfo
MultiByteToWideChar
lstrlenA
GetVersionExW
GetVersion
InterlockedIncrement
InterlockedDecrement
FindResourceW
LoadResource
LockResource
QueryPerformanceCounter
SizeofResource

user32

MapDialogRect
PostQuitMessage
CharUpperW
GetMessageW
ValidateRect
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
SetRectEmpty
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
TrackPopupMenu
SetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
DefWindowProcW
CallWindowProcW
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CreateDialogIndirectParamW
DestroyWindow
EndDialog
GetMenuStringW
GetWindowTextLengthW
MessageBeep
GetFocus
SetWindowPos
IsWindowEnabled
SetWindowContextHelpId
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
GetDlgItemTextW
GetDlgItem
GetDlgCtrlID
GetWindow
CharNextW
SetActiveWindow
LoadMenuW
CheckMenuItem
EnableMenuItem
IsCharAlphaW
GetKeyState
IsWindowVisible
GetCursorPos
SetForegroundWindow
wsprintfW
DrawIcon
IsIconic
GetSystemMenu
SetLayeredWindowAttributes
RedrawWindow
LoadCursorW
GetMessagePos
SetWindowLongW
SetTimer
KillTimer
GetWindowRect
EnableWindow
SetWindowTextW
PtInRect
ScreenToClient
GetWindowThreadProcessId
BringWindowToTop
SetFocus
FindWindowExW
EnumThreadWindows
ChildWindowFromPoint
FindWindowW
IsWindow
ShowWindow
DispatchMessageW
TranslateMessage
PeekMessageW
UpdateWindow
MessageBoxW
GetNextDlgGroupItem
IsRectEmpty
UnregisterClassW
DrawStateW
OffsetRect
GetClientRect
CopyAcceleratorTableW
PostThreadMessageW
MoveWindow
RegisterClipboardFormatW
CopyRect
ReleaseCapture
SetCapture
InvalidateRgn
GetWindowTextW
GetSysColor
FillRect
DrawEdge
SetRect
GetMenuItemInfoW
DrawTextW
SystemParametersInfoW
DrawIconEx
DestroyIcon
GetSystemMetrics
GetDesktopWindow
GetDC
ReleaseDC
AppendMenuW
GetMenuItemCount
ModifyMenuW
GetMenuState
GetMenuItemID
CreateMenu
CreatePopupMenu
GetSysColorBrush
LoadBitmapW
RemoveMenu
DeleteMenu
GetSubMenu
TabbedTextOutW
DrawTextExW
GrayStringW
DestroyCursor
GetWindowLongW
SendMessageW
IsMenu
GetNextDlgTabItem
DrawFocusRect
InflateRect
FrameRect
PostMessageW
GetActiveWindow
WindowFromPoint
ClientToScreen
InvalidateRect
SetCursor
GetParent
SetPropW

gdi32

SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreateRectRgnIndirect
GetMapMode
GetRgnBox
ScaleViewportExtEx
SetWindowOrgEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
CreateCompatibleDC
SetBkMode
RestoreDC
SaveDC
StretchDIBits
CreateFontW
GetCharWidthW
GetClipBox
GetTextColor
GetBkColor
SetDIBColorTable
GetDIBColorTable
StretchBlt
SetTextColor
SetBkColor
CreateBitmap
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
PatBlt
SetPixel
GetPixel
GetObjectW
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
Ellipse
GetTextExtentPoint32W
CreateFontIndirectW
GetBkMode
CreatePen
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
SetMapMode

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueExW
RegCloseKey
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyW
RegOpenKeyExW
QueryServiceStatus
ControlService
StartServiceW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegSetValueExW

shell32

Shell_NotifyIconW
ExtractIconW
ShellExecuteW
SHFileOperationW
ShellExecuteExW

comctl32

_TrackMouseEvent
InitCommonControlsEx

shlwapi

PathFindExtensionW
PathIsUNCW
PathStripToRootW
PathAppendW
PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW

oledlg

OleUIBusyW

ole32

CoCreateInstance
OleRun
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoInitialize
CoUninitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard

oleaut32

SysAllocStringByteLen
SysStringLen
SysAllocString
SysAllocStringLen
OleCreateFontIndirect
VariantClear
VariantChangeType
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysFreeString
VariantCopy
GetErrorInfo

gdiplus

GdiplusStartup
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdiplusShutdown
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDisposeImage
GdipFree

ws2_32

WSAGetLastError
recvfrom
gethostname
inet_addr
setsockopt
WSASocketW
WSAStartup
WSACleanup
gethostbyname
sendto

rasapi32

RasGetConnectStatusW
RasValidateEntryNameW
RasGetErrorStringW

iphlpapi

GetAdaptersInfo
GetIfTable

Sections

.text
Size: 693KB - Virtual size: 693KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 259KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 118KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7c3f2879581739cf263ebbfc5ac6955b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

ws2_32

rasapi32

iphlpapi

Sections

.text Size: 693KB - Virtual size: 693KB

.rdata Size: 259KB - Virtual size: 259KB

.data Size: 13KB - Virtual size: 31KB

.rsrc Size: 118KB - Virtual size: 120KB

.text
Size: 693KB - Virtual size: 693KB

.rdata
Size: 259KB - Virtual size: 259KB

.data
Size: 13KB - Virtual size: 31KB

.rsrc
Size: 118KB - Virtual size: 120KB