1462238b9c7061aeb0802a8c95758f1c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1462238b9c7061aeb0802a8c95758f1c_JaffaCakes118
Size

536KB
MD5

1462238b9c7061aeb0802a8c95758f1c
SHA1

194d8bd31b74d9e3125f9712498ac9c9510902be
SHA256

a0b88c1eb4b1899e6e6776ec17adc1f7543ea07e03c42b1d6fbdb4ec9c4ff7df
SHA512

8811dccd2af6869dd06c5636ff25774bad57dff99b1572e9d6f6525bce20522e35ffb31138af9df471cb6e6e58b461adc73d439028c3d4354a6df89e76dcc4ac
SSDEEP

6144:qjPEWz67OK4pS9mYPNnOW7bDdagbTzSNtC96IDNFcFtYvR26oqyGONYNRmI:qKOVg9AQVpb8C96IDQF+vR26oPn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1462238b9c7061aeb0802a8c95758f1c_JaffaCakes118

Files

1462238b9c7061aeb0802a8c95758f1c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

464aad35af5427d4555be778937a48a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveInAddBuffer
mixerGetControlDetailsA
waveOutGetNumDevs
mixerGetNumDevs
waveInGetDevCapsA
waveInGetNumDevs
mixerClose
mixerOpen
waveInReset
waveOutGetDevCapsA
waveInStop
waveInUnprepareHeader
waveOutClose
waveOutWrite
waveOutPrepareHeader
waveOutOpen
waveInStart
waveInOpen
waveInClose
mixerGetDevCapsA
mixerGetLineControlsA
waveOutUnprepareHeader
waveInPrepareHeader
mixerGetLineInfoA
mixerSetControlDetails

msacm32

acmFormatSuggest
acmFormatEnumA
acmStreamOpen
acmMetrics
acmDriverOpen
acmDriverClose
acmDriverDetailsA
acmStreamClose
acmDriverEnum
acmStreamUnprepareHeader
acmStreamConvert
acmStreamPrepareHeader

ws2_32

connect
setsockopt
socket
getsockopt
WSAStartup
gethostbyname
ntohl
inet_addr
send
ntohs
recv
htonl
htons
closesocket

dinput

DirectInputCreateA

dsound

ord12
ord7

kernel32

DuplicateHandle
GetCurrentProcess
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DeleteFileA
GetVolumeInformationA
GetFullPathNameA
GetThreadLocale
GlobalFlags
SizeofResource
LocalAlloc
InitializeCriticalSection
TlsAlloc
CreateFileA
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
GlobalHandle
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
FindResourceExA
DeleteCriticalSection
GetTimeZoneInformation
GetSystemTime
HeapFree
GetFileAttributesA
GetFileTime
WaitForMultipleObjects
HeapAlloc
GetStartupInfoA
RaiseException
CreateThread
ExitThread
HeapSize
GetACP
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVersionExA
GetFileSize
CreateDirectoryA
GetProfileStringA
InterlockedExchange
WaitForSingleObject
ReleaseMutex
SetEvent
Sleep
CloseHandle
CreateEventA
CreateMutexA
FindFirstFileA
FindNextFileA
SuspendThread
lstrcpynA
lstrcmpA
FormatMessageA
ResumeThread
SetLastError
InterlockedIncrement
LocalFree
InterlockedDecrement
GetCurrentThreadId
LoadLibraryA
GetVersion
GlobalAddAtomA
GlobalGetAtomNameA
lstrcmpiA
GlobalFree
GlobalFindAtomA
GlobalDeleteAtom
LoadResource
LockResource
FindResourceA
ExitProcess
ResetEvent
FindClose
GetModuleHandleA
MulDiv
GetCurrentProcessId
MultiByteToWideChar
GetTickCount
CreateProcessA
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentThread
SetThreadPriority
LoadLibraryW
GetProcAddress
FreeLibrary
GetUserDefaultLangID
lstrlenW
WideCharToMultiByte
GetCommandLineA
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetModuleFileNameA
GetLocalTime
GetLastError
TerminateProcess
HeapReAlloc
TlsSetValue
RtlUnwind

user32

BeginPaint
GetWindowDC
ClientToScreen
EndPaint
DrawTextA
GrayStringA
DestroyMenu
TabbedTextOutA
ValidateRect
GetMessageA
SetCursor
SetWindowContextHelpId
MapDialogRect
InflateRect
WindowFromPoint
TranslateMessage
CharUpperA
LoadStringA
PtInRect
LoadCursorA
GetSysColorBrush
InvalidateRect
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
RegisterClipboardFormatA
GetClassNameA
PostThreadMessageA
CheckDlgButton
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
SetFocus
AdjustWindowRectEx
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemID
TrackPopupMenu
GetDC
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetFocus
SetForegroundWindow
LoadMenuA
GetSubMenu
EnableMenuItem
ModifyMenuA
BringWindowToTop
keybd_event
DrawIcon
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
ScreenToClient
PostQuitMessage
GetDesktopWindow
IntersectRect
UnregisterHotKey
RegisterHotKey
CallNextHookEx
GetKeyState
KillTimer
SetTimer
GetAsyncKeyState
GetMenuState
SetMenuItemBitmaps
ShowWindow
MoveWindow
UnhookWindowsHookEx
SetWindowsHookExA
PostMessageA
IsIconic
CopyRect
GetSystemMetrics
MessageBeep
CreatePopupMenu
AppendMenuA
SetWindowTextA
IsDialogMessageA
GetCursorPos
IsRectEmpty
GetClientRect
GetWindowRect
LoadIconA
SetRect
SendMessageA
ReleaseDC
GetMenuCheckMarkDimensions
GetWindowTextLengthA
LoadBitmapA
GetWindowTextA
GetMenu
GetMenuItemCount
EnableWindow
CreateDialogIndirectParamA
IsWindow
CheckMenuItem
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
RestoreDC
SetBkMode
IntersectClipRect
GetStockObject
SelectObject
SaveDC
ScaleWindowExtEx
DeleteDC
PatBlt
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
SetWindowExtEx
DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
TextOutA
ExtTextOutA
RectVisible
GetMapMode
Escape
DPtoLP
GetBkColor
LPtoDP
GetTextColor
EnumFontFamiliesExA
BitBlt
CreateCompatibleDC
GetTextExtentPointA
CreateDIBitmap

comdlg32

GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA

shell32

Shell_NotifyIconA
ShellExecuteA
SHGetSpecialFolderPathA

comctl32

ImageList_Destroy
ord17
ImageList_ReplaceIcon
ImageList_Create
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA

oledlg

ord8

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoTaskMemFree
CoInitializeEx

olepro32

ord253

oleaut32

VariantChangeType
SysAllocString
VariantCopy
VariantTimeToSystemTime
SysAllocStringByteLen
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString

Sections

.text
Size: 380KB - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 40KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.heb
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

464aad35af5427d4555be778937a48a8

Headers

File Characteristics

Imports

winmm

msacm32

ws2_32

dinput

dsound

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 380KB - Virtual size: 376KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 40KB - Virtual size: 56KB

.rsrc Size: 36KB - Virtual size: 32KB

.heb Size: - Virtual size: 1B

.text
Size: 380KB - Virtual size: 376KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 40KB - Virtual size: 56KB

.rsrc
Size: 36KB - Virtual size: 32KB

.heb
Size: - Virtual size: 1B