Sample: 172383c3b0a9f851de29e332741e25fa_JaffaCakes118.exe
Resource: win7-20240903-en
Tasks: static1 (static task), behavioral1 (behavioral task)
General
Target: 172383c3b0a9f851de29e332741e25fa_JaffaCakes118
Size: 355KB
MD5: 172383c3b0a9f851de29e332741e25fa
SHA1: 532d7212989e6226cb6b819a6fb3965231dd6860
SHA256: a7442b4318f1e9ffee8d66c4ada22603d7dc7703cffcc159821c5d9434b9c3bb
SHA512: 4f98208108da184ca1f7b65fb23cea1eedd3e0710689b27297b9b56082cc54b8f80f704ae7deb44cb8c37c0dcb42896358dece7cb3a28f551587a834583a4d16
SSDEEP: 6144:iMuKUF4fi3HOc13mVad5g34FGhnhKb5EoCWtR2PdGlXyk96kAD:WF4mHIcy4Fgn0b5MDPdGd
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: 172383c3b0a9f851de29e332741e25fa_JaffaCakes118
Files
172383c3b0a9f851de29e332741e25fa_JaffaCakes118.exe (windows:4 windows x86 arch:x86)
099e53671d8bccac83e82aacdaad8f61
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
PlaySoundA
waveOutClose
waveOutGetDevCapsA
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite
waveInStart
waveInReset
waveInPrepareHeader
waveInOpen
waveInGetNumDevs
waveInGetDevCapsA
waveInClose
waveInAddBuffer
mmioSeek
mmioRead
mmioOpenA
mixerClose
mixerGetControlDetailsA
mixerGetDevCapsA
mixerGetID
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetNumDevs
mixerOpen
mixerSetControlDetails
mmioAscend
mmioClose
mmioDescend
waveInUnprepareHeader
wsock32
WSACleanup
WSAStartup
gethostbyname
gethostname
getsockname
ioctlsocket
inet_addr
ole32
CLSIDFromProgID
CoCreateInstance
CoInitializeEx
CoRegisterClassObject
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CreateOleAdviseHolder
CreateStreamOnHGlobal
IsAccelerator
OleInitialize
OleLockRunning
OleRegEnumVerbs
OleRegGetMiscStatus
OleRegGetUserType
OleSaveToStream
OleUninitialize
StringFromCLSID
WriteClassStm
CLSIDFromString
opengl32
glTexCoord4dv
glVertex4f
glTexCoord3fv
glPixelTransferi
glNormal3fv
glLightModelf
glGetFloatv
glFogfv
glEvalCoord2dv
glEvalCoord1dv
glEvalCoord1d
glCullFace
glAccum
glColor3bv
glClearAccum
glBlendFunc
wglGetPixelFormat
crypt32
CertCreateCertificateContext
CertCloseStore
CertNameToStrA
CertOpenStore
CertFreeCertificateContext
CertOpenSystemStoreA
CertFindCertificateInStore
CertGetIssuerCertificateFromStore
CertEnumCertificatesInStore
CertGetSubjectCertificateFromStore
shlwapi
StrCmpNIA
StrChrA
advapi32
OpenServiceA
StartServiceA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyA
RegFlushKey
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
AdjustTokenPrivileges
ChangeServiceConfigA
CloseServiceHandle
ControlService
CryptAcquireContextA
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptReleaseContext
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
RegSetValueExA
QueryServiceStatus
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
user32
SetPropW
SetWindowLongW
SetWindowPos
SetWindowTextW
SetWindowsHookExW
SystemParametersInfoA
TabbedTextOutW
ToAsciiEx
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRect
WaitForInputIdle
WaitMessage
WinHelpW
keybd_event
GetWindowLongW
GetWindowContextHelpId
GetUserObjectInformationW
GetThreadDesktop
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetQueueStatus
GetPropW
GetProcessWindowStation
GetParent
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuState
GetMenuItemID
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
ScreenToClient
RemovePropW
ReleaseDC
RegisterWindowMessageW
RegisterShellHookWindow
PtInRect
PostThreadMessageW
PostQuitMessage
PeekMessageW
PeekMessageA
PackDDElParam
SetProcessWindowStation
ModifyMenuW
MessageBoxW
SetLayeredWindowAttributes
SetForegroundWindow
SetFocus
SetDebugErrorLevel
SetCursor
SetActiveWindow
SendDlgItemMessageA
GetInputState
GetForegroundWindow
GetFocus
GetDlgCtrlID
GetCursorPos
GetCursorInfo
GetClipboardSequenceNumber
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetCaretBlinkTime
GetCapture
GetAsyncKeyState
GetActiveWindow
FlashWindow
FillRect
ExitWindowsEx
EndPaint
EndDialog
EnableScrollBar
EnableMenuItem
DrawTextW
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DefWindowProcW
DdeUnaccessData
DdeClientTransaction
DdeAbandonTransaction
CreateWindowStationW
CreateWindowExW
CreateDialogIndirectParamW
CreateDesktopW
CreateCursor
CopyRect
CopyImage
CloseWindowStation
CloseDesktop
ClientToScreen
CheckMenuItem
CharUpperW
CallWindowProcW
CallNextHookEx
BeginPaint
AdjustWindowRectEx
SendMessageW
SendDlgItemMessageW
OpenInputDesktop
MapWindowPoints
MapDialogRect
LockSetForegroundWindow
LoadStringW
LoadCursorW
LoadBitmapW
IsWindowVisible
IsWindow
IsRectEmpty
IsIconic
IsClipboardFormatAvailable
InternalGetWindowText
InSendMessage
ImpersonateDdeClientWindow
GrayStringW
GetWindowTextW
GetWindowTextLengthW
GetWindowPlacement
GetNextDlgTabItem
msvcrt
_cexit
_controlfp
_c_exit
_adjust_fdiv
_acmdln
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__getmainargs
_except_handler3
_exit
_initterm
_purecall
exit
free
malloc
memmove
realloc
_XcptFilter
oleaut32
RegisterTypeLi
LoadTypeLi
OleCreateFontIndirect
OleCreatePropertyFrame
SysAllocString
SysAllocStringLen
SysFreeString
SysStringByteLen
SysStringLen
VarUI4FromStr
VariantChangeType
VariantClear
LoadRegTypeLi
shell32
SHGetMalloc
SHGetPathFromIDListA
Shell_NotifyIconA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetFileInfoA
gdi32
StretchBlt
SetWindowOrgEx
SetViewportOrgEx
SetTextColor
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RestoreDC
RealizePalette
PatBlt
MoveToEx
LineTo
LPtoDP
GetTextMetricsA
GetTextExtentPointA
GetTextExtentPoint32A
GetSystemPaletteUse
GetSystemPaletteEntries
GetStockObject
GetObjectA
GetMapMode
GetDeviceCaps
ExtTextOutA
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreatePen
CreatePalette
CreateFontIndirectA
CreateDIBSection
CreateDCA
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
comctl32
PropertySheetA
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
ImageList_AddMasked
CreateToolbarEx
ord6
ord8
ImageList_DrawEx
kernel32
CompareFileTime
CompareStringA
CreateDirectoryA
CreateEventA
CloseHandle
CreateFileA
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
DuplicateHandle
EnterCriticalSection
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FlushInstructionCache
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTickCount
GetTimeFormatA
GetUserDefaultLCID
GetVersionExA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
HeapAlloc
HeapDestroy
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByte
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockResource
MulDiv
MultiByteToWideChar
OpenEventA
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
ReadFile
ReleaseMutex
ResetEvent
ResumeThread
RtlUnwind
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetLastError
SetPriorityClass
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TerminateThread
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA
lstrlenW
FreeLibrary
FreeResource
GetComputerNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetFileAttributesA
GetLastError
FormatMessageA
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetPriorityClass
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStringTypeExA
GetSystemDefaultLCID
Sections
.text   Size: 218KB - Virtual size: 220KB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 30KB - Virtual size: 31KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 22KB - Virtual size: 23KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata  Size: 11KB - Virtual size: 11KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 73KB - Virtual size: 75KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ