0659c98187a1ab55955b39bf33de28d6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0659c98187a1ab55955b39bf33de28d6_JaffaCakes118
Size

612KB
MD5

0659c98187a1ab55955b39bf33de28d6
SHA1

aaedb833025baaa690967d482e6f257061ef87d2
SHA256

3e226ca6e6385d4096f9f8a34fa44b44bb05378684ddf20aa5ab0f1a96fbdf13
SHA512

1379bc6cb8dc1b186e760db216b4b213aef3cd19c4cfd2e1a26a584b400c1b8663d2268c3553132d85de284bd5c595b23b242885631f0e8d26224676917b448c
SSDEEP

12288:n0DaqiQNzcLRL3etlgD/xBR708YzwJrp3j0WJtbZU8JFtrymB:n0ZoLRL3eLgDZ0SFp3j0Ktb/JFwE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0659c98187a1ab55955b39bf33de28d6_JaffaCakes118

Files

0659c98187a1ab55955b39bf33de28d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c4a23aba6b9f5cd550ae7e97c6c407a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
HeapAlloc
GetStartupInfoA
RaiseException
RtlUnwind
HeapFree
HeapSize
TerminateProcess
GetACP
LCMapStringA
LCMapStringW
GetCurrentDirectoryA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
SizeofResource
GetTickCount
GetTimeZoneInformation
HeapReAlloc
UnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
GlobalUnlock
TlsFree
GetEnvironmentStringsW
SetStdHandle
CompareStringA
CompareStringW
LocalFileTimeToFileTime
SetErrorMode
GlobalFlags
GetOEMCP
GetCPInfo
SetLastError
GetProcessVersion
GetCurrentThread
GetDiskFreeSpaceA
GetTempFileNameA
GetFullPathNameA
GetShortPathNameA
GetStringTypeExA
FindClose
GetVolumeInformationA
FindFirstFileA
UnlockFile
MoveFileA
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
TlsGetValue
ReadFile
DuplicateHandle
EnterCriticalSection
LocalReAlloc
TlsSetValue
LeaveCriticalSection
GlobalReAlloc
GlobalLock
SetHandleCount
GetStdHandle
GlobalHandle
DeleteFileA
lstrlenA
GetSystemDirectoryA
ReleaseMutex
CreateProcessA
WaitForSingleObject
CloseHandle
GetExitCodeProcess
GetPrivateProfileSectionA
lstrcpynA
GetCommandLineA
lstrcpyA
CreateMutexA
GetLastError
GetPrivateProfileIntA
GetFileAttributesA
GetTempPathA
CreateDirectoryA
GetWindowsDirectoryA
lstrcatA
GetPrivateProfileStringA
CopyFileA
WritePrivateProfileStringA
InterlockedDecrement
GetVersionExA
FreeLibrary
GetModuleFileNameA
LoadLibraryA
IsBadCodePtr
InitializeCriticalSection
GetProfileStringA
DeleteCriticalSection
TlsAlloc
GlobalAlloc
LocalAlloc
GetThreadLocale
GlobalFree
lstrlenW
LocalFree
FormatMessageA
InterlockedIncrement
MultiByteToWideChar
WideCharToMultiByte
LoadResource
MulDiv
FindResourceA
GlobalGetAtomNameA
LockResource
GetCurrentThreadId
GlobalFindAtomA
lstrcmpiA
GlobalAddAtomA
GetCurrentProcess
GlobalDeleteAtom
GetModuleHandleA
FileTimeToLocalFileTime
GetFileSize
GetFileTime
WriteFile
FileTimeToSystemTime
CreateFileA
Sleep
SystemTimeToFileTime
SetFileTime
GetLocalTime
GetVersion
lstrcmpA
CreateThread
GetFileType
GetEnvironmentVariableA
SetEnvironmentVariableA
GetProcAddress

user32

GetMenuStringA
GetDCEx
LockWindowUpdate
PostThreadMessageA
SetParent
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetSysColorBrush
ShowOwnedPopups
PostQuitMessage
EndDialog
CreateDialogIndirectParamA
SetRect
CopyAcceleratorTableA
CharUpperA
IsZoomed
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
CharNextA
MapDialogRect
SetWindowContextHelpId
MessageBeep
GetNextDlgGroupItem
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
DestroyIcon
LoadIconA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetTopWindow
MessageBoxA
WinHelpA
DrawTextA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
DestroyWindow
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetFocus
GetScrollPos
SetScrollPos
GetCursorPos
GetKeyState
DeleteMenu
InsertMenuA
RegisterClipboardFormatA
WindowFromPoint
GetClassNameA
GrayStringA
wsprintfA
GetCapture
SetCursor
LoadCursorA
DestroyCursor
BeginDeferWindowPos
InvalidateRect
EndDeferWindowPos
EqualRect
IsIconic
IsWindowVisible
SetCursorPos
GetDC
ReleaseDC
PtInRect
ReleaseCapture
OffsetRect
SetCapture
RedrawWindow
GetDlgCtrlID
IsChild
CreateWindowExA
SetTimer
ExitWindowsEx
PostMessageA
LoadStringA
GetSystemMetrics
GetWindow
GetDesktopWindow
GetWindowLongA
FindWindowA
SetForegroundWindow
GetParent
KillTimer
SetMenu
LoadImageA
ShowWindow
GetClientRect
UpdateWindow
SendMessageA
EnableWindow
GetWindowRect
InflateRect
ClientToScreen
ScreenToClient
GetSysColor
ScrollWindow
CopyRect
DefDlgProcA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
IsWindowUnicode

gdi32

ExcludeClipRect
SetWindowExtEx
ScaleWindowExtEx
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
RectVisible
TextOutA
PtVisible
Escape
CreateCompatibleDC
BitBlt
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetTextExtentPointA
SetViewportOrgEx
SetBkMode
SaveDC
RestoreDC
SetMapMode
GetTextMetricsA
DeleteDC
GetStockObject
GetBkColor
LPtoDP
DPtoLP
GetTextColor
ExtTextOutA
CreateRectRgnIndirect
CreateFontIndirectA
CombineRgn
SetRectRgn
CreateRectRgn
DeleteObject
GetMapMode
CreatePatternBrush
CreateBitmap
GetObjectA
GetDeviceCaps
SetTextColor
GetClipBox
SetBkColor
SelectClipRgn
IntersectClipRect
SelectObject
PatBlt
CreateDIBitmap

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

SetFileSecurityA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegDeleteValueA
RegSetValueExA
OpenProcessToken
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
GetFileSecurityA
RegCreateKeyA
RegSetValueA

shell32

ExtractIconA
SHGetFileInfoA
DragQueryFileA
DragFinish
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA

comctl32

ord17

oledlg

ord8

ole32

StgCreateDocfileOnILockBytes
CoTaskMemAlloc
CoGetClassObject
CLSIDFromProgID
CreateILockBytesOnHGlobal
CoTaskMemFree
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoDisconnectObject
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
StgOpenStorageOnILockBytes
CLSIDFromString

olepro32

ord253

oleaut32

LoadTypeLi
SysStringLen
SysAllocStringByteLen
SysFreeString
SafeArrayUnaccessData
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
VariantCopy
VariantTimeToSystemTime
VariantChangeType
SysAllocStringLen
VariantClear
SysAllocString
VariantInit

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wininet

InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetOpenA

Sections

.text
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9c4a23aba6b9f5cd550ae7e97c6c407a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

version

wininet

Sections

.text Size: 248KB - Virtual size: 246KB

.rdata Size: 60KB - Virtual size: 58KB

.data Size: 20KB - Virtual size: 37KB

.rsrc Size: 40KB - Virtual size: 39KB

�� Size: 240KB - Virtual size: 240KB

.text
Size: 248KB - Virtual size: 246KB

.rdata
Size: 60KB - Virtual size: 58KB

.data
Size: 20KB - Virtual size: 37KB

.rsrc
Size: 40KB - Virtual size: 39KB

��
Size: 240KB - Virtual size: 240KB