068f9cd3c8922d56a46031b831c185e0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

068f9cd3c8922d56a46031b831c185e0_JaffaCakes118
Size

480KB
MD5

068f9cd3c8922d56a46031b831c185e0
SHA1

e517ead5b456f56067555bbbc851ffdf7cbc1bd7
SHA256

a536306d6a5acb6e73befa394b0796903fdbea401ea0b6e52d29a51eb3926f81
SHA512

0f02a806086c47d2eeada42d626ab9575efd6c5a8ce9e3553e96fe0fc1d6cb1a1832bfa1b6265f7fdb760079da616c76e6baa09d35eaecaaa0161fd0adf7ed01
SSDEEP

6144:ykxM16D1xH1LXI4Fc0LrIqk2r1Lznay6g7wFUTWKpn95HJP6Kk:NOUDT1LXPm+M2r1LzV7wOWKzd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
068f9cd3c8922d56a46031b831c185e0_JaffaCakes118

Files

068f9cd3c8922d56a46031b831c185e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de599c36b2c3d5e030f0710d7edb8007

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GetOEMCP
GetACP
GetCPInfo
ReadFile
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
CompareStringA
WideCharToMultiByte
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetUnhandledExceptionFilter
FlushFileBuffers
WriteFile
HeapSize
GetCurrentProcess
TerminateProcess
HeapReAlloc
HeapAlloc
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapFree
RaiseException
RtlUnwind
CompareStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
CreateDirectoryA
GetTempFileNameA
GetShortPathNameA
OpenFile
GetWindowsDirectoryA
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetFilePointer
SetEndOfFile
GetVersion
OpenMutexA
CreateMutexA
GetTempPathA
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleA
lstrlenA
RemoveDirectoryA
GetModuleFileNameA
GetTickCount
Sleep
DeleteFileA
GetFileAttributesA
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryA
GetDiskFreeSpaceExA
GetCurrentThreadId
InterlockedDecrement
GlobalAlloc
GlobalLock
GlobalUnlock
CreateThread
WaitForSingleObject
EnterCriticalSection
SetEvent
LeaveCriticalSection
CloseHandle
CreateEventA
FindFirstFileA
WritePrivateProfileStringA
FindNextFileA
FindClose
lstrcpyA
GetVersionExA
GetLastError
GetPrivateProfileStringA
MultiByteToWideChar
SetEnvironmentVariableA

user32

IsDlgButtonChecked
SetDlgItemTextA
EndDialog
GetDlgItemTextA
CheckRadioButton
FillRect
SetWindowRgn
IsZoomed
GetSystemMetrics
SetFocus
LoadStringA
GetScrollInfo
GetScrollRange
GetScrollPos
SetTimer
SetCapture
ReleaseCapture
GetDlgItem
KillTimer
LoadImageA
IsWindow
GetWindowRect
GetDlgCtrlID
LoadAcceleratorsA
RegisterClassExA
LoadCursorA
LoadIconA
GetClassInfoExA
IsWindowEnabled
SetCursor
DrawStateA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
PostQuitMessage
SetForegroundWindow
IsIconic
DialogBoxParamA
CheckMenuItem
GetSystemMenu
InsertMenuA
RegisterWindowMessageA
IsMenu
GetMenuItemInfoA
SetMenuItemInfoA
SetRectEmpty
IntersectRect
GetKeyState
SetWindowsHookExA
UnhookWindowsHookEx
WindowFromPoint
CallNextHookEx
DefWindowProcA
GetWindowLongA
SetWindowLongA
CreateWindowExA
DestroyWindow
SetWindowPos
CreatePopupMenu
AppendMenuA
CreateMenu
GetMenuState
ModifyMenuA
FindWindowA
GetDesktopWindow
PtInRect
SystemParametersInfoA
LoadMenuA
GetMenuItemCount
GetMenuStringA
GetMenuItemID
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
GetSubMenu
GetCursorPos
TrackPopupMenu
DestroyMenu
GetDC
EnableWindow
MoveWindow
CopyRect
SetWindowTextA
GetWindowDC
OffsetRect
GetFocus
ReleaseDC
InvalidateRect
BeginPaint
GetClientRect
DrawTextA
EndPaint
CallWindowProcA
GetParent
wsprintfA
MessageBoxA
ClientToScreen
ScreenToClient
ShowWindow
UpdateWindow
PostMessageA
SendMessageA

gdi32

Rectangle
SetROP2
CreateSolidBrush
GetClipBox
GetTextExtentPoint32A
CreateFontIndirectA
ExtTextOutA
StretchBlt
SetTextColor
CreatePen
MoveToEx
LineTo
SetBkMode
GetStockObject
GetObjectA
SetBkColor
CombineRgn
CreateRectRgn
GetPixel
DeleteDC
BitBlt
CreateCompatibleBitmap
SelectObject
DeleteObject
CreateCompatibleDC

comctl32

ImageList_GetImageCount
_TrackMouseEvent
ImageList_Draw
ImageList_Create
ImageList_AddMasked
ImageList_Destroy
InitCommonControlsEx
FlatSB_EnableScrollBar
InitializeFlatSB

shell32

DragFinish
Shell_NotifyIconA
DragAcceptFiles
SHFileOperationA
ShellExecuteA
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA
DragQueryFileA

comdlg32

GetOpenFileNameA

ws2_32

ntohl
closesocket
connect
setsockopt
socket
WSAStartup
WSACleanup
inet_ntoa
ntohs
htonl
send
recv
inet_addr
htons

advapi32

OpenServiceA
OpenSCManagerA
RegCloseKey
DeleteService
ControlService
CreateServiceA
StartServiceA
QueryServiceStatus
CloseServiceHandle
ChangeServiceConfigA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

ole32

CoInitialize
StringFromCLSID
CoInitializeSecurity
CoCreateInstance
CoUninitialize

oleaut32

SysAllocString
SysStringByteLen
SysAllocStringByteLen
SysFreeString
VariantInit
VariantClear
GetErrorInfo

atl

ord39
ord42
ord47

Sections

.text
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tqn
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ifc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nkh
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mjg
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

de599c36b2c3d5e030f0710d7edb8007

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

shell32

comdlg32

ws2_32

advapi32

ole32

oleaut32

atl

Sections

.text Size: 256KB - Virtual size: 252KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 24KB - Virtual size: 33KB

.rsrc Size: 36KB - Virtual size: 33KB

.tc Size: 28KB - Virtual size: 28KB

.tqn Size: 4KB - Virtual size: 4KB

.tc Size: 28KB - Virtual size: 28KB

.ifc Size: 4KB - Virtual size: 4KB

.tc Size: 28KB - Virtual size: 28KB

.nkh Size: 4KB - Virtual size: 4KB

.tc Size: 28KB - Virtual size: 28KB

.mjg Size: 4KB - Virtual size: 4KB

.text
Size: 256KB - Virtual size: 252KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 24KB - Virtual size: 33KB

.rsrc
Size: 36KB - Virtual size: 33KB

.tc
Size: 28KB - Virtual size: 28KB

.tqn
Size: 4KB - Virtual size: 4KB

.tc
Size: 28KB - Virtual size: 28KB

.ifc
Size: 4KB - Virtual size: 4KB

.tc
Size: 28KB - Virtual size: 28KB

.nkh
Size: 4KB - Virtual size: 4KB

.tc
Size: 28KB - Virtual size: 28KB

.mjg
Size: 4KB - Virtual size: 4KB