Static task
static1
Behavioral task
behavioral1
Sample
11a36710a68d59e30ef3212544e27480_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
11a36710a68d59e30ef3212544e27480_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
11a36710a68d59e30ef3212544e27480_JaffaCakes118
Size
928KB
MD5
11a36710a68d59e30ef3212544e27480
SHA1
7c3559bd80c34f60008eb6d85b1e877b7ab66aac
SHA256
d1e8c81ff98e67ff016ad407204cfb397961e7cdd64b66e964149f363cb6d6f9
SHA512
c1e8757fcd7f0943d9d12fb8d5565f707dfaad9f3ae131fdf8c5c5b95e0771c6311a2c1c0678f9702a9b7bde5d406585a5960c4dcf2124d4c1c1481c55f91f06
SSDEEP
12288:m6/F171qqzttnw9K4/3iW5wQRWO9nW/NuD1NGvnNfmfdV+U12bBLnJb9e:D/F171vfnw9K4/3yI9Ou1MnNfmSUKb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 11a36710a68d59e30ef3212544e27480_JaffaCakes118
Files
11a36710a68d59e30ef3212544e27480_JaffaCakes118.exe windows:4 windows x86 arch:x86
d9fa051b694e5cbe1442e37ec2eae8cf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
connect
gethostbyname
gethostbyaddr
inet_addr
socket
send
WSAStartup
WSACleanup
gethostname
WSAGetLastError
inet_ntoa
WSAIoctl
ioctlsocket
recv
htons
closesocket
WSASocketA
kernel32
ExitProcess
TerminateProcess
HeapSize
GetACP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
GetCommandLineA
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GetProfileStringA
InterlockedExchange
GetVersionExA
GetVersion
lstrlenA
lstrlenW
GetStartupInfoA
HeapReAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RaiseException
RtlUnwind
HeapAlloc
HeapFree
FindResourceExA
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetOEMCP
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFlags
GetCurrentThread
GetDiskFreeSpaceA
GetTempFileNameA
GlobalFree
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
IsBadReadPtr
IsBadWritePtr
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetCPInfo
LockResource
LoadResource
FindResourceA
lstrcmpiA
GetTickCount
Sleep
GlobalUnlock
GlobalLock
GlobalReAlloc
GlobalAlloc
GetLastError
GetProcAddress
FindFirstFileA
FindClose
MoveFileA
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpynA
LocalFree
SetLastError
InterlockedDecrement
InterlockedIncrement
GetLogicalDriveStringsA
GetDriveTypeA
GetDiskFreeSpaceExA
GetSystemInfo
GlobalMemoryStatus
GetModuleHandleA
SetFileAttributesA
IsDebuggerPresent
CreateThread
WaitForSingleObject
GetExitCodeThread
MoveFileExA
SetEvent
CopyFileA
GetFileAttributesA
CreateProcessA
OpenFile
EnumResourceNamesA
GetSystemDirectoryA
lstrcatA
WinExec
CreateEventA
OpenEventA
GetFileTime
GetVolumeInformationA
GetComputerNameA
GetFileSize
SetEndOfFile
GetModuleFileNameA
GetWindowsDirectoryA
LoadLibraryA
FormatMessageA
GetCurrentProcess
SetFileTime
CreateDirectoryA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
MulDiv
GetTempPathA
DeleteFileA
LoadLibraryExA
FreeLibrary
SizeofResource
CreateFileA
CloseHandle
WriteFile
lstrcpyA
lstrcmpA
MultiByteToWideChar
WideCharToMultiByte
IsValidLocale
user32
GetAsyncKeyState
MapDialogRect
ShowOwnedPopups
IsZoomed
UnionRect
GetClassNameA
ReuseDDElParam
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
CharUpperA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckRadioButton
CheckDlgButton
GetMessageA
GetActiveWindow
ValidateRect
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetScrollPos
GetTopWindow
WinHelpA
RegisterClassA
SetWindowPlacement
GetDlgItem
GetWindowTextLengthA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowPos
IsIconic
GetWindowPlacement
EndPaint
wvsprintfA
GetWindowDC
DestroyMenu
RegisterWindowMessageA
IsMenu
GetMenu
SetMenu
PeekMessageA
TranslateMessage
DispatchMessageA
ExitWindowsEx
DrawIcon
LookupIconIdFromDirectory
CopyIcon
MessageBeep
LoadIconA
PostQuitMessage
MessageBoxA
SetWindowLongA
GetSystemMenu
SetParent
wsprintfA
GetDCEx
GetWindow
BeginDeferWindowPos
EndDeferWindowPos
KillTimer
WindowFromPoint
IsRectEmpty
EqualRect
SetTimer
GetDoubleClickTime
IsWindowVisible
GetKeyState
ShowScrollBar
IsChild
GetWindowTextA
PostMessageA
GetFocus
SetFocus
IntersectRect
DrawFrameControl
DrawFocusRect
RedrawWindow
UpdateWindow
IsWindow
OffsetRect
LoadImageA
EnableWindow
PtInRect
GetWindowLongA
SetCapture
GetCapture
ReleaseCapture
GetClipCursor
GetCursorPos
ClipCursor
SetCursor
ScreenToClient
ClientToScreen
InvertRect
GetParent
GetWindowRect
SendMessageA
InvalidateRect
SetRectEmpty
SetWindowRgn
GetClientRect
InflateRect
GetClassInfoA
DefWindowProcA
LoadCursorA
EndDialog
CreateDialogIndirectParamA
LoadStringA
LockWindowUpdate
BringWindowToTop
BeginPaint
UnpackDDElParam
GetMenuStringA
GetSubMenu
GrayStringA
TabbedTextOutA
DeleteMenu
LoadBitmapA
GetSysColorBrush
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
ModifyMenuA
GetMenuItemCount
InsertMenuA
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
ReleaseDC
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
CopyRect
FillRect
DrawEdge
SetRect
GetMenuItemInfoA
IsWindowUnicode
CharNextA
DefDlgProcA
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
CreateIconFromResource
gdi32
GetBitmapDimensionEx
CreateRectRgnIndirect
SaveDC
RestoreDC
SelectPalette
SetBkColor
SetBkMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
CreatePatternBrush
CreateBitmap
SetRectRgn
DPtoLP
StretchDIBits
GetCharWidthA
CreateFontA
EnumFontFamiliesExA
GetTextColor
EnumFontFamiliesA
RealizePalette
GetBkColor
GetDIBColorTable
CreatePalette
CreateHalftonePalette
GetTextMetricsA
GetStockObject
CreatePolygonRgn
CreateRectRgn
CombineRgn
GetCurrentObject
Escape
ExtTextOutA
TextOutA
RectVisible
PatBlt
PtVisible
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetBkMode
GetTextExtentPointA
CreateDIBitmap
GetDeviceCaps
comdlg32
FindTextA
ReplaceTextA
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegEnumValueA
GetUserNameA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueA
RegDeleteKeyA
RegEnumKeyExA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
SetFileSecurityA
GetFileSecurityA
RegEnumKeyA
RegCreateKeyA
RegSetValueA
RegCloseKey
shell32
DragFinish
SHGetFileInfoA
DragAcceptFiles
ExtractIconA
ShellExecuteA
DragQueryFileA
comctl32
ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetImageInfo
ImageList_Add
ImageList_Destroy
ImageList_Create
ord17
ImageList_DrawIndirect
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Draw
Sections
.text Size: 600KB - Virtual size: 596KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 140KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 140KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ