Static task
static1
Behavioral task
behavioral1
Sample: 092ccf1522811efdae7dcad97eeccf1f_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: 092ccf1522811efdae7dcad97eeccf1f_JaffaCakes118
Size: 2.6MB
MD5: 092ccf1522811efdae7dcad97eeccf1f
SHA1: 83125582bfab04ed5d3de404df68b10a6d9571ec
SHA256: 203f49e4f0d1bde37324101a264c196304c386ed4f4be4b5a919fc80934ce74f
SHA512: b7a18fa479e9d79f5fc330302066e82d937b2558419934480bde96299ecba3b5ec578e852657dc9c78ba64388ca9e622ef646c58420ed2013e47119875391628
SSDEEP: 24576:AYLSCmU0HgfZPTSCN86R9Yg7sGvUoj35GJ:G3AfZ7SyYg7s+F35Q
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 092ccf1522811efdae7dcad97eeccf1f_JaffaCakes118
Files
-
092ccf1522811efdae7dcad97eeccf1f_JaffaCakes118.exe windows:4 windows x86 arch:x86
49788a1e2c95df9cc8e036aebffcb100
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenW
InterlockedIncrement
IsBadWritePtr
GetTimeZoneInformation
GetShortPathNameA
GetProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileIntA
GetDriveTypeA
InterlockedDecrement
DeviceIoControl
CancelIo
GetCommandLineA
DuplicateHandle
CreatePipe
ReadProcessMemory
lstrcpyW
GetModuleHandleA
WriteProcessMemory
VirtualAllocEx
VirtualFreeEx
CreateThread
GetThreadPriority
GetCurrentThread
GetComputerNameA
GetSystemTime
SystemTimeToTzSpecificLocalTime
GetStdHandle
WaitForMultipleObjects
ReleaseMutex
CreateMutexA
ProcessIdToSessionId
Process32Next
lstrcpyA
CreateToolhelp32Snapshot
GetProcessHeap
HeapAlloc
LoadResource
LockResource
CreateDirectoryA
FindResourceA
GetEnvironmentVariableA
OpenProcess
Process32First
SizeofResource
HeapFree
GetFileTime
FileTimeToLocalFileTime
SetFileAttributesA
FileTimeToSystemTime
GetCurrentThreadId
SetUnhandledExceptionFilter
VirtualQuery
GetModuleFileNameA
ExitProcess
GetCurrentProcessId
GetLocaleInfoA
SetEndOfFile
GetFileSize
SetEnvironmentVariableA
SetLastError
GetLastError
GetCurrentProcess
LocalFree
LocalAlloc
RaiseException
UnhandledExceptionFilter
IsDebuggerPresent
CompareStringW
CompareStringA
GetStartupInfoA
GetCurrentDirectoryA
RemoveDirectoryA
GlobalSize
MulDiv
GetLongPathNameA
GlobalAlloc
WinExec
GetVersionExA
GlobalLock
WideCharToMultiByte
MultiByteToWideChar
CreateProcessA
CopyFileA
DeleteFileA
GetTickCount
GetTempFileNameA
PeekNamedPipe
TerminateProcess
GetTempPathA
MoveFileA
GetProcAddress
LoadLibraryA
GlobalFree
DeleteCriticalSection
WaitForSingleObject
CreateEventA
GlobalUnlock
InitializeCriticalSection
SetThreadPriority
ResetEvent
SetEvent
GetPrivateProfileStringA
WritePrivateProfileStringA
CloseHandle
CreateFileA
WriteFile
ReadFile
FindClose
FreeLibrary
EnterCriticalSection
GetFileAttributesA
FindNextFileA
LeaveCriticalSection
Sleep
FindFirstFileA
SetFilePointer
GetLogicalDriveStringsA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
SetHandleCount
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetFileType
HeapReAlloc
RtlUnwind
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
VirtualAlloc
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetSystemTimeAsFileTime
advapi32
RegEnumKeyA
RegOpenKeyExA
RegCloseKey
InitializeAcl
RegQueryValueExA
AdjustTokenPrivileges
InitializeSecurityDescriptor
OpenProcessToken
RegSaveKeyA
AddAccessAllowedAce
GetSidSubAuthority
SetSecurityDescriptorDacl
RegSetKeySecurity
LookupPrivilegeValueA
GetSidLengthRequired
RegCreateKeyExA
InitializeSid
GetAce
RegRestoreKeyA
SetFileSecurityA
RegSetValueExA
RegEnumValueA
RegOpenKeyA
DuplicateTokenEx
GetUserNameW
RegDeleteValueA
RegQueryInfoKeyA
RegQueryValueA
RegEnumKeyExA
RegDeleteKeyA
comctl32
ImageList_Create
ord17
ImageList_Destroy
ImageList_GetIconSize
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_DragMove
ImageList_EndDrag
ImageList_DragLeave
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_AddMasked
ImageList_Merge
CreateToolbarEx
_TrackMouseEvent
ImageList_DragShowNolock
ImageList_BeginDrag
PropertySheetA
comdlg32
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
gdi32
DeleteObject
CreateDIBitmap
GetStockObject
TextOutA
SelectObject
CreateHatchBrush
CreateSolidBrush
SetTextColor
FillRgn
LineTo
CreatePolygonRgn
CreatePen
CreateFontA
DeleteDC
Polyline
SetDIBits
BitBlt
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
GetCurrentObject
GetObjectA
Polygon
PolyPolyline
SetBkMode
SetBkColor
CreateBitmap
CreateFontIndirectA
GetTextExtentPoint32A
SetTextAlign
ExtTextOutA
CreatePatternBrush
SetBrushOrgEx
StretchBlt
GetPixel
SetPixel
GetTextMetricsA
GetClipBox
SetViewportOrgEx
CreateFontIndirectW
GetDIBits
GetBitmapDimensionEx
PolyTextOutA
PolyDraw
SetStretchBltMode
SetDIBitsToDevice
MoveToEx
msacm32
acmStreamPrepareHeader
acmStreamSize
acmStreamConvert
acmStreamOpen
acmStreamClose
acmStreamUnprepareHeader
acmDriverDetailsA
acmDriverOpen
acmFormatTagEnumA
acmFormatDetailsA
acmDriverEnum
acmDriverClose
acmFormatEnumA
ole32
CoInitialize
CoUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
CLSIDFromString
CoTaskMemAlloc
CoCreateInstance
oleaut32
OleLoadPicturePath
OleLoadPicture
SysAllocString
SysFreeString
VariantInit
VariantClear
shell32
SHGetPathFromIDListA
ShellExecuteA
DragQueryFileA
DragAcceptFiles
Shell_NotifyIconA
SHChangeNotify
ShellExecuteExA
SHBrowseForFolderA
SHGetMalloc
DragFinish
shlwapi
SHDeleteEmptyKeyA
SHDeleteKeyA
user32
SetWindowLongA
SetScrollInfo
GetScrollInfo
UpdateWindow
GetWindowTextA
GetSystemMetrics
EnableWindow
GetMenuItemCount
SetTimer
LoadImageA
SetPropA
KillTimer
SetMenuItemInfoA
FindWindowA
MoveWindow
CheckMenuItem
GetSubMenu
DeleteMenu
GetDesktopWindow
RemoveMenu
GetMenu
CheckMenuRadioItem
LoadIconA
CreateWindowExA
GetAsyncKeyState
GetWindowRect
IsWindow
InsertMenuItemA
ModifyMenuA
CallWindowProcA
GetWindowLongA
GetDC
DrawTextA
FrameRect
CreateDialogIndirectParamA
EmptyClipboard
CloseClipboard
IsClipboardFormatAvailable
SetClipboardData
OpenClipboard
GetClipboardData
LoadCursorA
ReleaseCapture
SetCapture
DestroyIcon
EnumWindows
SendMessageTimeoutA
WaitForInputIdle
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
GetPropA
GetKeyNameTextA
GetKeyState
MapVirtualKeyA
SetCursor
RemovePropA
GetMessageA
CreateDialogParamA
TranslateMessage
ScreenToClient
SetMenuDefaultItem
SetScrollPos
DrawIconEx
DefWindowProcA
RegisterClassA
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
GetIconInfo
DrawEdge
DrawStateA
InflateRect
DrawFocusRect
SetWindowWord
EndPaint
BeginPaint
GetWindowWord
GetCapture
GetFocus
GetDlgCtrlID
EndDialog
DialogBoxIndirectParamA
ScrollWindowEx
SetWindowPos
MapWindowPoints
DestroyCursor
ClientToScreen
IsWindowVisible
InsertMenuA
IsDialogMessageA
SetForegroundWindow
FindWindowExA
PostQuitMessage
GetWindowThreadProcessId
FlashWindowEx
wsprintfW
RegisterClassExA
TranslateMDISysAccel
DefMDIChildProcA
SetClassLongA
GetSysColorBrush
SetActiveWindow
GetCursor
SetWindowTextA
GetDlgItemInt
SetDlgItemInt
GetDlgItemTextA
IsWindowEnabled
FillRect
InvalidateRect
MonitorFromWindow
IsIconic
MonitorFromRect
IsZoomed
SetWindowPlacement
GetMonitorInfoA
GetClientRect
DialogBoxParamA
MapDialogRect
SetFocus
ReleaseDC
CreatePopupMenu
PostMessageA
GetWindowDC
GetParent
TrackPopupMenu
AppendMenuA
GetDlgItem
GetSysColor
SetDlgItemTextA
MessageBoxA
IsDlgButtonChecked
CheckDlgButton
DestroyMenu
SendDlgItemMessageA
SendMessageA
DestroyWindow
EnableMenuItem
GetCursorPos
GetWindowPlacement
ShowWindow
winmm
waveOutWrite
waveInGetNumDevs
waveInStop
waveInClose
waveInPrepareHeader
waveInUnprepareHeader
waveInOpen
waveInGetDevCapsA
mixerGetID
mixerSetControlDetails
mixerGetControlDetailsA
waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutReset
waveOutPause
waveOutOpen
waveOutSetVolume
waveOutRestart
waveOutGetVolume
waveOutGetNumDevs
waveOutGetDevCapsA
waveInReset
waveInAddBuffer
waveInMessage
waveInStart
mixerGetLineControlsA
mixerGetLineInfoA
ws2_32
select
socket
WSAGetLastError
__WSAFDIsSet
ioctlsocket
closesocket
WSACleanup
recv
inet_addr
htons
gethostbyname
gethostname
gethostbyaddr
WSAStartup
connect
send
gdiplus
GdipGetPropertyIdList
GdipBitmapLockBits
GdipGetPropertyItemSize
GdipGetImageHorizontalResolution
GdipGetImagePixelFormat
GdipSetPixelOffsetMode
GdipGetImageWidth
GdipCreateBitmapFromGdiDib
GdipDisposeImage
GdipSetInterpolationMode
GdipGetPropertyCount
GdipGetImageHeight
GdipSetCompositingMode
GdipAlloc
GdipDrawImageRectI
GdipFree
GdipGetImageGraphicsContext
GdipGetImageVerticalResolution
GdipGetPropertyItem
GdipCloneImage
GdipSetClipRectI
GdipCreateBitmapFromStream
GdipImageGetFrameCount
GdiplusStartup
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusShutdown
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipImageSelectActiveFrame
GdipDeleteGraphics
Sections
.rdata Size: 181KB - Virtual size: 181KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 806KB - Virtual size: 953KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
datnnba Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE