1522f9e7bca7bd4ce779f65830b81d7a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1522f9e7bca7bd4ce779f65830b81d7a_JaffaCakes118
Size

1.1MB
MD5

1522f9e7bca7bd4ce779f65830b81d7a
SHA1

2217740e59a3cfb5bc3b55f9d246e9f37f5aabb0
SHA256

93dfb42093f8a50e23fe4a21ebd44283f7e062f213cf600a0402b59bf71272a5
SHA512

83750ad2be1b811a6b169a3a4698a3e228b271e2854093a1836abd8b4eff54399c9a0b0f2c768905a19878a167e131c7c61276a8cc3debc3bfc99557628c0405
SSDEEP

12288:cfkOmEBYy/IaUjFRD5Aw+Sf7Gos20boQZwTaF3okr:HxWN/IJiROGom0dGvr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1522f9e7bca7bd4ce779f65830b81d7a_JaffaCakes118

Files

1522f9e7bca7bd4ce779f65830b81d7a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6239ae8040a8577f7399e7f911ed98f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

conf.pdb

Imports

msvcrt

_controlfp
_except_handler3
??3@YAXPAX@Z
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
malloc
realloc
free
memmove
_purecall
??2@YAPAXI@Z
_adjust_fdiv

advapi32

CryptDestroyHash
CryptReleaseContext
CryptAcquireContextA
RegCreateKeyA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
ChangeServiceConfigA
RegFlushKey
CloseServiceHandle
RegEnumKeyExA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
StartServiceA
ControlService
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyA
RegSetValueExA
CryptCreateHash
CryptHashData
CryptGetHashParam
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

kernel32

GetComputerNameA
IsDBCSLeadByte
HeapDestroy
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
OpenEventA
GetVersionExA
LocalAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetShortPathNameA
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
SetLastError
GetTimeFormatA
GetDateFormatA
FormatMessageA
CompareFileTime
SystemTimeToFileTime
CreateMutexA
ReleaseMutex
ResumeThread
FindClose
FindFirstFileA
TerminateThread
GetCurrentProcessId
LockResource
FindNextFileA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
DuplicateHandle
GetStartupInfoA
GlobalFree
GlobalHandle
LocalReAlloc
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
GetProcessHeap
HeapAlloc
VirtualFree
VirtualAlloc
OpenProcess
GetSystemDirectoryA
CreateProcessA
GetModuleHandleA
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
GetUserDefaultLCID
GetSystemDefaultLCID
FileTimeToSystemTime
lstrcatA
CompareStringA
GetLocalTime
SetEndOfFile
lstrlenW
SetFilePointer
ReadFile
MulDiv
GetTickCount
lstrcpynA
lstrlenA
MultiByteToWideChar
CreateThread
ResetEvent
Sleep
lstrcpyA
lstrcmpA
DeleteFileA
SetEvent
CloseHandle
WriteFile
GetLastError
WaitForSingleObject
LocalFree
GetProcAddress
FreeLibrary
InterlockedDecrement
QueryPerformanceFrequency
SetPriorityClass
GetPriorityClass
GetSystemInfo
GetStringTypeExA
SetErrorMode
GetFileAttributesA
CreateDirectoryA
RtlUnwind
GetTempPathA
GetTempFileNameA
CreateFileA
FreeResource
CreateEventA
LoadLibraryA

gdi32

GetTextExtentPointA
GetSystemPaletteUse
GetSystemPaletteEntries
PatBlt
StretchBlt
GetMapMode
SetBkColor
ExtTextOutA
CreatePalette
CreatePen
MoveToEx
LineTo
SelectPalette
RealizePalette
SetBkMode
SetTextColor
GetTextMetricsA
GetTextExtentPoint32A
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetObjectA
CreateRectRgnIndirect
CreateDCA
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
GetDeviceCaps
CreateFontIndirectA
CreateSolidBrush
GetStockObject
SelectObject
DeleteObject
CreateDIBSection

user32

IntersectRect
GetWindow
SetWindowTextA
GetWindowTextA
RegisterClassExA
LoadCursorA
GetClassInfoExA
RegisterWindowMessageA
CallWindowProcA
DestroyWindow
IsWindow
GetKeyState
DestroyAcceleratorTable
IsChild
GetFocus
GetSysColor
ReleaseCapture
SetCapture
InvalidateRgn
EndPaint
BeginPaint
RedrawWindow
GetClassNameA
CreateWindowExA
RegisterClassA
GetMessageA
CreateAcceleratorTableA
IsWindowVisible
SetCursor
MessageBeep
LoadBitmapA
IsDialogMessageA
SetTimer
KillTimer
GetLastActivePopup
GetDoubleClickTime
CharUpperBuffA
CheckDlgButton
IsDlgButtonChecked
MoveWindow
CreateDialogParamA
DrawTextA
SetRect
GetScrollPos
GetSystemMetrics
SystemParametersInfoA
LoadImageA
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsWindowEnabled
GetDlgCtrlID
GetWindowPlacement
EqualRect
RemoveMenu
AppendMenuA
CharLowerA
InSendMessage
ModifyMenuA
GetMenuItemID
GetMenuItemCount
FindWindowExA
DrawIconEx
GetTopWindow
DrawEdge
SetParent
CheckRadioButton
ExitWindowsEx
LoadStringW
CheckMenuItem
TrackPopupMenuEx
GetForegroundWindow
GetMenu
GetSystemMenu
SetWindowPlacement
SendMessageTimeoutA
DeleteMenu
InsertMenuItemA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetDlgItemTextA
GetWindowTextLengthA
LoadMenuA
GetSubMenu
GetMenuItemInfoA
SetMenuItemInfoA
EnableMenuItem
InsertMenuA
MapWindowPoints
GetWindowRect
TrackPopupMenu
DestroyMenu
GetCursorPos
SetCursorPos
DestroyIcon
MessageBoxA
CharNextA
LoadAcceleratorsA
TranslateAcceleratorA
CopyAcceleratorTableA
SetFocus
wsprintfA
CharUpperA
CharToOemA
ShowWindow
OffsetRect
SetWindowRgn
SetWindowPos
GetDesktopWindow
DefWindowProcA
UnionRect
PtInRect
PostThreadMessageA
FindWindowA
SetForegroundWindow
GetWindowLongA
LoadIconA
LoadStringA
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageA
PeekMessageA
SetDlgItemTextA
GetClientRect
InvalidateRect
GetDC
FrameRect
FillRect
ReleaseDC
GetParent
SetWindowLongA
PostMessageA
DialogBoxParamA
EndDialog
SendMessageA
GetDlgItem
EnableWindow
SendDlgItemMessageA
WinHelpA
AdjustWindowRectEx
GetMessagePos
GetSysColorBrush
GetClassInfoA
GetIconInfo
UpdateWindow

winmm

mmioRead
waveOutClose
waveOutOpen
waveInClose
waveInOpen
waveOutGetDevCapsA
waveOutGetNumDevs
waveInGetDevCapsA
waveInGetNumDevs
PlaySoundA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerSetControlDetails
mixerGetLineInfoA
mixerGetDevCapsA
mixerOpen
mixerGetNumDevs
mixerGetID
mmioClose
mmioAscend
mmioDescend
mmioOpenA
waveInStart
waveInPrepareHeader
waveInUnprepareHeader
waveInReset
waveInAddBuffer
waveOutUnprepareHeader
waveOutReset
waveOutPrepareHeader
waveOutWrite
mmioSeek
mixerClose

wsock32

gethostname
inet_addr
ioctlsocket
WSACleanup
WSAStartup
getsockname
gethostbyname

comctl32

ord6
ord8
CreateToolbarEx
ImageList_AddMasked
ImageList_DrawEx
ImageList_Destroy
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create
PropertySheetA

ole32

IsAccelerator
CoTaskMemAlloc
CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc
CoRegisterMessageFilter
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CoCreateInstance
CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
CLSIDFromString
CLSIDFromProgID
OleLockRunning
StringFromCLSID
OleSaveToStream
WriteClassStm
CreateOleAdviseHolder
OleUninitialize
OleInitialize

oleaut32

SysStringByteLen
RegisterTypeLi
OleCreatePropertyFrame
LoadRegTypeLi
VariantClear
VariantChangeType
SysStringLen
SysFreeString
OleCreateFontIndirect
VarUI4FromStr
SysAllocString
SysAllocStringLen
LoadTypeLi

shlwapi

StrChrA
StrCmpNIA

shell32

Shell_NotifyIconA
ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetFileInfoA

crypt32

CertGetIssuerCertificateFromStore
CertFreeCertificateContext
CertEnumCertificatesInStore
CertGetSubjectCertificateFromStore
CertOpenSystemStoreA
CertNameToStrA
CertCreateCertificateContext
CertFindCertificateInStore
CertOpenStore
CertCloseStore

nmas

CreateASObject
StartStopOldWB

mst120

T120_CreatePluggableTransport
T120_CreateAppletSAP
T120_QueryApplet
T120_CloseApplet
T120_LoadApplet

netapi32

Netbios

Sections

.text
Size: 340KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 660KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6239ae8040a8577f7399e7f911ed98f9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

advapi32

kernel32

gdi32

user32

winmm

wsock32

comctl32

ole32

oleaut32

shlwapi

shell32

crypt32

nmas

mst120

netapi32

Sections

.text Size: 340KB - Virtual size: 337KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 660KB - Virtual size: 656KB

.text
Size: 340KB - Virtual size: 337KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 660KB - Virtual size: 656KB