Static task: static1
Behavioral task: behavioral1
Sample: 149a892e7ed931d552ab6cfa01f4f601_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 149a892e7ed931d552ab6cfa01f4f601_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 149a892e7ed931d552ab6cfa01f4f601_JaffaCakes118
Size: 2.6MB
MD5: 149a892e7ed931d552ab6cfa01f4f601
SHA1: 67114def379d1646f8d2e54851bc3d7854a6051d
SHA256: 700ddf49154f8c44e68205f0dd868d3ff8d2d93467d503fedd2286a9b1c5cc38
SHA512: 20c9fc566aa4ef452e22403b28dac87e0d8b1ab079c4d62bd5fccff4b2992688d9f52636293cf38f239081d0b4c1693cb7cf579a398ef94aba43146305bc2402
SSDEEP: 49152:10KjShDUttHtW+InftIAiMfacCDWkqnV:a4S6W+In1IAiMfacCgV
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 149a892e7ed931d552ab6cfa01f4f601_JaffaCakes118
Files
149a892e7ed931d552ab6cfa01f4f601_JaffaCakes118.exe windows:4 windows x86 arch:x86
e8f601565eed2de0a15ffd9a41fca143
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32: WSAGetLastError, closesocket, WSAStartup, gethostname, WSACleanup, socket, inet_addr, gethostbyaddr, WSAIoctl
comctl32: ImageList_Destroy, ImageList_Create, PropertySheetA, ImageList_SetBkColor, ImageList_AddMasked, ImageList_Draw, ord17, ImageList_ReplaceIcon, ImageList_GetImageInfo, _TrackMouseEvent, ImageList_GetIcon, ImageList_GetImageCount
iphlpapi: GetAdaptersInfo
rpcrt4: RpcStringFreeA, UuidCreate, UuidToStringA
kernel32: GetCurrentThread, TlsAlloc, GlobalHandle, TlsFree, GlobalReAlloc, TlsSetValue, LocalReAlloc, TlsGetValue, GlobalFlags, GetProcessVersion, GetCPInfo, GetOEMCP, FindResourceExA, GetCurrentProcess, FlushFileBuffers, SetErrorMode, RtlUnwind, GetDriveTypeA, HeapAlloc, HeapReAlloc, HeapFree, GetTimeZoneInformation, GetSystemTime, GetLocalTime, GetStartupInfoA, GetCommandLineA, ExitProcess, SetEnvironmentVariableA, RaiseException, GetACP, WritePrivateProfileStringA, TerminateProcess, HeapSize, LCMapStringA, LCMapStringW, SetStdHandle, GetFileType, SetHandleCount, GetStdHandle, GetEnvironmentVariableA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetUnhandledExceptionFilter, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, IsValidLocale, IsValidCodePage, EnumSystemLocalesA, GetUserDefaultLCID, CompareStringA, CompareStringW, GetLocaleInfoW, GetProfileStringA, InterlockedExchange, lstrlenA, CreateFileA, CloseHandle, ReadFile, GetLastError, SetFilePointer, WideCharToMultiByte, MultiByteToWideChar, GetVersionExA, GetVersion, FindResourceA, InitializeCriticalSection, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, lstrlenW, LoadLibraryA, GetPrivateProfileStringA, GetPrivateProfileIntA, GlobalFree, SuspendThread, SetThreadPriority, ResumeThread, lstrcpynA, MulDiv, InterlockedIncrement, InterlockedDecrement, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, GlobalDeleteAtom, GlobalAlloc, GlobalLock, GlobalUnlock, lstrcmpiA, SizeofResource, LoadResource, LockResource, lstrcatA, WinExec, lstrcpyA, GetWindowsDirectoryA, GetLocaleInfoA, DeviceIoControl, IsBadWritePtr, GetModuleHandleA, GetCurrentDirectoryA, SetCurrentDirectoryA, FindFirstFileA, FindNextFileA, FindClose, GetSystemDefaultLangID, Sleep, GetDiskFreeSpaceA, GetSystemInfo, WriteFile, DeleteFileA, GetFileSize, SetEndOfFile, FileTimeToLocalFileTime, FileTimeToSystemTime, CreateMutexA, LocalAlloc, GetFullPathNameA, LoadLibraryExA, GetFileAttributesA, FormatMessageA, LocalFree, WaitForSingleObjectEx, SetEvent, WaitForSingleObject, CreateEventA, CreateThread, GetCurrentThreadId, lstrcmpA, GetProcAddress, CreateDirectoryA, GetModuleFileNameA, FreeLibrary, SetLastError, ExitThread
user32: GetWindowDC, BeginPaint, EndPaint, TabbedTextOutA, GrayStringA, ValidateRect, GetActiveWindow, TranslateMessage, GetMessageA, DestroyMenu, CreateDialogIndirectParamA, EndDialog, wvsprintfA, PostQuitMessage, GetAsyncKeyState, SetScrollPos, GetTopWindow, wsprintfA, GetClassInfoA, RegisterClassA, GetDlgItem, GetWindowTextLengthA, GetDlgCtrlID, DestroyWindow, CreateWindowExA, SetWindowsHookExA, CallNextHookEx, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, DefWindowProcA, GetMessageTime, GetMessagePos, GetLastActivePopup, IntersectRect, DrawTextA, SetWindowTextA, GetWindowLongA, GetWindowTextA, GetWindowPlacement, WinHelpA, IsChild, GetCapture, DrawStateA, DrawFrameControl, SetRect, AdjustWindowRect, GetSysColorBrush, LoadStringA, DispatchMessageA, CopyIcon, SetWindowLongA, PtInRect, ReleaseCapture, SetCapture, DestroyCursor, GetKeyState, EqualRect, SetWindowPos, GetNextDlgTabItem, ClientToScreen, WindowFromPoint, GetWindow, GetMenu, IsMenu, LoadMenuA, GetMenuItemCount, GetMenuStringA, ModifyMenuA, IsWindowVisible, GetForegroundWindow, IsIconic, DrawIcon, AppendMenuA, PeekMessageA, InsertMenuA, RemoveMenu, MessageBoxA, GetSystemMetrics, MapDialogRect, GetIconInfo, MessageBeep, GetSystemMenu, EnableMenuItem, LoadCursorA, CopyRect, DrawIconEx, InflateRect, GetFocus, DrawFocusRect, GetDC, ReleaseDC, LoadBitmapA, SetActiveWindow, DrawAnimatedRects, FindWindowA, EnumChildWindows, SystemParametersInfoA, GetClassNameA, GetCursorPos, SetForegroundWindow, TrackPopupMenu, GetMenuCheckMarkDimensions, GetMenuState, SetMenuItemBitmaps, CheckMenuItem, IsWindowEnabled, MoveWindow, IsDialogMessageA, PostMessageA, GetMenuItemID, SendDlgItemMessageA, ShowWindow, MapWindowPoints, GetSubMenu, SetMenuDefaultItem, LoadIconA, LoadImageA, DestroyIcon, RegisterWindowMessageA, KillTimer, SetTimer, IsWindow, SetCursor, GetClientRect, FillRect, OffsetRect, GetWindowRect, RedrawWindow, UpdateWindow, GetSysColor, SendMessageA, InvalidateRect, GetParent, EnableWindow, SetFocus, AdjustWindowRectEx, GetDesktopWindow, IsWindowUnicode, CharNextA, DefDlgProcA, ExcludeUpdateRgn, ShowCaret, HideCaret, UnregisterClassA, ScreenToClient
gdi32: Rectangle, GetTextExtentPoint32A, CreateDCA, GetDeviceCaps, StretchBlt, SelectObject, ExtTextOutA, CreateFontA, GetTextFaceA, SetPixelV, GetPixel, SetDIBitsToDevice, CreateDIBSection, TextOutA, SetTextJustification, CreateDIBitmap, DeleteDC, SetStretchBltMode, ExtSelectClipRgn, CreateRectRgnIndirect, GetClipBox, SetBkColor, CreateBitmap, RectVisible, SetBkMode, SetTextColor, PatBlt, SaveDC, RestoreDC, GetStockObject, SetMapMode, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, IntersectClipRect, SetTextAlign, PtVisible, Escape, DPtoLP, EnumFontFamiliesExA, CreateCompatibleDC, CreateCompatibleBitmap, GetObjectA, GetViewportOrgEx, SetViewportOrgEx, BitBlt, CreateFontIndirectA, DeleteObject, GetTextExtentPointA, CreateSolidBrush
winspool.drv: DocumentPropertiesA, ClosePrinter, OpenPrinterA
shell32: SHGetMalloc, DragQueryFileA, ShellExecuteA, DragAcceptFiles, SHBrowseForFolderA, SHGetPathFromIDListA, DragFinish, ExtractIconExA, SHGetSpecialFolderPathA, SHAppBarMessage, Shell_NotifyIconA, SHGetFileInfoA
ole32: CoCreateInstance, CoInitialize, CoUninitialize, CoInitializeEx
oleaut32: SysFreeString, SysAllocStringLen, SysStringLen, SysAllocString
wininet: InternetReadFile, InternetOpenA, InternetConnectA, HttpOpenRequestA, InternetCloseHandle, HttpQueryInfoA, HttpSendRequestA, HttpAddRequestHeadersA
version: GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeA
shlwapi: PathFindExtensionA, PathRemoveExtensionA
Sections
.text Size: 572KB - Virtual size: 570KB (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
.rdata Size: 96KB - Virtual size: 92KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.data Size: 100KB - Virtual size: 887KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
.rsrc Size: 1.8MB - Virtual size: 1.8MB (IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)