12de71d41ba969fd2c702d6a7404dfcf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

12de71d41ba969fd2c702d6a7404dfcf_JaffaCakes118
Size

824KB
MD5

12de71d41ba969fd2c702d6a7404dfcf
SHA1

710f146da2f481eaf173dab198b812bdabda7122
SHA256

78c36b66f7beff9f3a74d00a143a10d1ecea606ded02428a35a7932ddb919180
SHA512

682a6a78bf0131a0649ed17a7dbd45fa7aca84ac76607c847b1def62043f747b3aab0d8d986b29d335fd12972bb5fe726c0a175c60378d2cb0e74b3919010c13
SSDEEP

12288:7ZQrMo2Z7KgtJfO9Un3j9WqiRWxl/xJLSunM2+sY5atwt:7bZ7KiFnxWfwl/lM/sov

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12de71d41ba969fd2c702d6a7404dfcf_JaffaCakes118

Files

12de71d41ba969fd2c702d6a7404dfcf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28a5882f8093db39212a4fba6d6b534e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetGetLastResponseInfoA
FtpCommandA
InternetCloseHandle
InternetOpenA
InternetFindNextFileA
FtpFindFirstFileA
FtpOpenFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA

msimg32

TransparentBlt

kernel32

RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
HeapFree
CreateThread
ExitThread
TerminateProcess
SetStdHandle
GetFileType
HeapSize
HeapReAlloc
GetTimeZoneInformation
GetACP
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateEventA
CloseHandle
WaitForSingleObject
SetThreadPriority
SetEvent
GetTickCount
Sleep
ResumeThread
SuspendThread
GetModuleFileNameA
GetModuleHandleA
SetFilePointerEx
GetFileSizeEx
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
lstrcpyA
WinExec
lstrlenA
lstrcatA
MultiByteToWideChar
GetProcAddress
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
GetCurrentThreadId
GetVersion
LockResource
LoadResource
FindResourceA
SetLastError
MulDiv
SizeofResource
GetCurrentDirectoryA
WritePrivateProfileStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GetFileTime
GlobalUnlock
GetProfileStringA
GetFileSize
GetFileAttributesA
GlobalFree
GlobalAlloc
lstrcmpA
GetCurrentThread
FindNextFileA
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
FormatMessageA
LocalFree
GetThreadLocale
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
GlobalLock
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement

user32

RegisterClipboardFormatA
PostThreadMessageA
GetSysColorBrush
GetClassNameA
WindowFromPoint
MapDialogRect
SetWindowContextHelpId
EndDialog
CreateDialogIndirectParamA
PostQuitMessage
GetDesktopWindow
CharUpperA
GetMessageA
GetActiveWindow
ValidateRect
GetCursorPos
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetNextDlgGroupItem
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
MessageBoxA
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
SetWindowsHookExA
CallNextHookEx
GetClassLongA
UnhookWindowsHookEx
CallWindowProcA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetRect
CopyAcceleratorTableA
CharNextA
LoadStringA
ClientToScreen
DestroyMenu
GetTopWindow
GetWindow
IsWindowVisible
RemovePropA
GetPropA
SetPropA
GetWindowLongA
MsgWaitForMultipleObjects
PeekMessageA
DispatchMessageA
TranslateMessage
LoadImageA
FrameRect
FillRect
IsRectEmpty
LoadCursorA
CopyIcon
InflateRect
GetSysColor
SetCursor
GetMessagePos
ScreenToClient
PtInRect
GetParent
MessageBeep
SetWindowLongA
ReleaseCapture
GetDC
ReleaseDC
LockWindowUpdate
SetTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetWindowRect
IsWindow
KillTimer
LoadIconA
wsprintfA
PostMessageA
EnableWindow
LoadBitmapA
InvalidateRect
CopyRect
SendMessageA
UnregisterClassA

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
SetMapMode
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
PatBlt
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
SetBkMode
RestoreDC
SaveDC
DeleteDC
SetBkColor
SetTextColor
GetClipBox
DeleteObject
GetTextExtentPoint32A
CreateFontIndirectA
GetStockObject
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetTextExtentPointA
CreateDIBitmap
BitBlt

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
Shell_NotifyIconA
SHGetSpecialFolderPathA

comctl32

_TrackMouseEvent
ord17

oledlg

ord8

ole32

CoInitialize
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
CoUninitialize
OleIsCurrentClipboard

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

wsock32

WSAGetLastError
WSAStartup
WSACleanup
gethostbyname
inet_addr

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 577KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

28a5882f8093db39212a4fba6d6b534e

Headers

File Characteristics

Imports

wininet

msimg32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

Sections

.text Size: 180KB - Virtual size: 180KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 577KB - Virtual size: 596KB

.text
Size: 180KB - Virtual size: 180KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 577KB - Virtual size: 596KB