0a8b4ad523b6014f101b4cdf3c9dca9e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a8b4ad523b6014f101b4cdf3c9dca9e_JaffaCakes118
Size

1020KB
MD5

0a8b4ad523b6014f101b4cdf3c9dca9e
SHA1

7d1205f67305df4dc1c2604da3bc734bd932d977
SHA256

f3370222f817d2c59c4551fca4fd1c7af377a6cebf7fd829a5cb88bdc8b8b799
SHA512

816b2b7c8f4557bcab4cfb0610863daae2be987c7407f0e8e1977805cd19b3412f78c711c74dd548e7afc1af98fc85b625f5c9702acbf9ff7070cfc68d529be1
SSDEEP

12288:yaVk10D1+2VVzJIfO6WOXMvvCmfy9p9M8mx98R3UwTv7GmkihIHOY1EP9u:Lk10D1+2VVzJh6Wqa4Gtx9Ghmc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a8b4ad523b6014f101b4cdf3c9dca9e_JaffaCakes118

Files

0a8b4ad523b6014f101b4cdf3c9dca9e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

66a7d92c816a178c6232a5e550853c73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\aaaprog\a_c\a_x\se\Release\SE5.pdb

Imports

wsock32

send
gethostname
recv
htons
htonl
connect
select
__WSAFDIsSet
setsockopt
closesocket
inet_ntoa
socket
WSAStartup
WSAIsBlocking
gethostbyname
WSAGetLastError
ntohl
getsockname

mpr

WNetAddConnection2A
WNetCancelConnection2A

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wskrnlac

?InstallTaskKeys@@YAHH@Z
?GetHKL@@YAPAUHKL__@@XZ

wininet

InternetReadFile
InternetOpenA
InternetCloseHandle
InternetOpenUrlA

winmm

timeKillEvent
timeGetTime

kernel32

GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
ResumeThread
WaitForSingleObject
EnumResourceLanguagesA
ConvertDefaultLocale
DeleteFileA
ReadFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
FindClose
GetVolumeInformationA
GetFullPathNameA
FileTimeToLocalFileTime
lstrcmpW
InterlockedIncrement
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
RaiseException
TerminateProcess
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
ExitThread
CreateThread
GetFileType
GetStartupInfoA
GetCommandLineA
HeapReAlloc
SetStdHandle
HeapSize
QueryPerformanceCounter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
VirtualProtect
GetSystemInfo
VirtualQuery
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetDriveTypeA
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA
GetLocaleInfoW
MulDiv
lstrcpynA
ExpandEnvironmentStringsA
GetCurrentDirectoryA
GetSystemDirectoryA
SetLastError
GetPrivateProfileStringA
WritePrivateProfileStringA
Beep
GetCurrentThread
GetCurrentProcess
GetSystemDefaultLangID
GetFileTime
FileTimeToSystemTime
FindFirstFileA
FindNextFileA
SetFilePointer
WriteFile
GetWindowsDirectoryA
HeapAlloc
HeapFree
IsBadWritePtr
IsBadReadPtr
GetProcessHeap
DeviceIoControl
CreateEventA
GetFileSize
CreateFileA
GetCurrentThreadId
FreeResource
UnmapViewOfFile
RemoveDirectoryA
CreateDirectoryA
FormatMessageA
LocalFree
GetFileAttributesA
CreateMutexA
CloseHandle
GetComputerNameA
MoveFileExA
GetModuleFileNameA
lstrcmpA
GetModuleHandleA
ExitProcess
lstrcatA
GetCurrentProcessId
OpenProcess
InterlockedDecrement
GetLastError
FindResourceA
LoadResource
LockResource
SizeofResource
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
lstrlenA
_lopen
_lread
_lcreat
GlobalUnlock
GlobalFree
_lclose
GlobalAlloc
GlobalLock
GetLocalTime
GetTimeZoneInformation
GetTickCount
_lwrite
lstrcpyA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep

user32

TabbedTextOutA
DrawTextExA
GrayStringA
ClientToScreen
BeginPaint
EndPaint
DestroyMenu
GetMessageA
TranslateMessage
ValidateRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowTextA
IsDialogMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthA
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
GetKeyState
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowPlacement
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetThreadDesktop
GetUserObjectInformationA
SetWindowRgn
DrawTextA
LoadBitmapA
CopyRect
GetWindowDC
SystemParametersInfoA
PeekMessageA
RedrawWindow
IsWindowVisible
UpdateWindow
PostMessageA
SetRect
RegisterWindowMessageA
GetWindowTextA
SendMessageTimeoutA
MoveWindow
SetWindowLongA
IsWindow
GetMessagePos
GetParent
KillTimer
PtInRect
SetCursor
GetForegroundWindow
GetWindowRect
MapVirtualKeyExA
ToAsciiEx
GetCursor
GetCursorPos
WindowFromPoint
AttachThreadInput
DrawIconEx
GetSysColorBrush
IsRectEmpty
GetSysColor
GetDC
ReleaseDC
EnumChildWindows
ShowWindow
SetTimer
SetDlgItemTextA
GetSystemMetrics
LoadIconA
SetForegroundWindow
GetDesktopWindow
GetClientRect
IsIconic
FindWindowA
PostQuitMessage
SendMessageA
SetWindowPos
EnableWindow
GetWindowLongA
GetClassNameA
DdeInitializeA
DdeCreateStringHandleA
DdeConnectList
DdeFreeStringHandle
DdeUninitialize
DdeQueryNextServer
DdeDisconnectList
GetWindowThreadProcessId
DdeQueryConvInfo
DdeClientTransaction
DdeGetData
CharUpperA
GetWindow
MessageBoxA
wsprintfA
LoadCursorA

gdi32

DPtoLP
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateRectRgn
CombineRgn
CreateFontIndirectA
GetStockObject
GetDIBits
GetDeviceCaps
GetSystemPaletteEntries
SelectPalette
RealizePalette
CreatePalette
DeleteDC
DeleteObject
StretchBlt
BitBlt
SelectObject
CreateCompatibleDC
GetObjectA
CreateCompatibleBitmap
CreateBitmap
SetMapMode
ScaleViewportExtEx

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

CloseServiceHandle
GetTokenInformation
OpenProcessToken
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCreateKeyA
GetUserNameA
CreateServiceA
OpenSCManagerA
OpenServiceA
DeleteService
LookupAccountSidA
RegEnumKeyA
OpenThreadToken
AllocateAndInitializeSid
EqualSid
FreeSid
RegOpenKeyExA
RegQueryValueA

shell32

ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

comctl32

_TrackMouseEvent
ord17

shlwapi

PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA

ole32

CoCreateInstance
CoInitializeSecurity
CoUninitialize
CoInitialize
CoInitializeEx

oleaut32

SysAllocString
VariantCopy
VariantChangeType
VariantClear
SysFreeString
VariantInit

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 688KB - Virtual size: 684KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66a7d92c816a178c6232a5e550853c73

Headers

File Characteristics

PDB Paths

Imports

wsock32

mpr

version

wskrnlac

wininet

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oleacc

Sections

.text Size: 688KB - Virtual size: 684KB

.rdata Size: 132KB - Virtual size: 128KB

.data Size: 28KB - Virtual size: 197KB

.rsrc Size: 168KB - Virtual size: 165KB

.text
Size: 688KB - Virtual size: 684KB

.rdata
Size: 132KB - Virtual size: 128KB

.data
Size: 28KB - Virtual size: 197KB

.rsrc
Size: 168KB - Virtual size: 165KB