Static task
static1
Behavioral task
behavioral1
Sample
175327e0271d62e27d89d1e88b352f0e_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
175327e0271d62e27d89d1e88b352f0e_JaffaCakes118
-
Size
298KB
-
MD5
175327e0271d62e27d89d1e88b352f0e
-
SHA1
6865d10c7b24579f5920a949c8a39eb5a42bca7e
-
SHA256
76819f7df0ed38e8a24e5af4db2deb0176eb48dcf63449deeb6b4d7e73db7bbd
-
SHA512
2239bf47844becd7b7a6585977933b8b740b9c3006b738da77e1c16d2c7045782442c17a4b1f0f1d5bfc9abab9cf908fa15417356bf05755b0b216e182e19641
-
SSDEEP
6144:KoWNGxg/LGSLLNHJsPkveypsOWweWu5cFuddPgdsa85LB0zkrLyw/r:KekLhLFJsMpTGek0sZB0I/y
Malware Config (none extracted for this sample — no C2, key or campaign configuration is listed below)
Signatures (only a static indicator fired; the behavioral1 run on win7-20240903-en lists no behavioral detections here — a single Win7 sandbox run with no hits is not evidence of benign behavior, since the sample may not have reached its payload in that environment)
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature. (Low-confidence on its own: many legitimate binaries are also unsigned; treat this as corroborating evidence, not a verdict.)
resource 175327e0271d62e27d89d1e88b352f0e_JaffaCakes118
Files
-
175327e0271d62e27d89d1e88b352f0e_JaffaCakes118.exe windows:4 windows x86 arch:x86
7e4b65d8db89b4f84e7149d316c4273f (unlabeled 32-hex digest following the file line — presumably the import hash; confirm before pivoting on it)
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports (note: an unusually heterogeneous import set for a 298KB binary — printer spooler, OpenGL, Winsock including WSCInstallProvider, RPC stub plumbing, ETW tracing, plus broad registry, token and service-control APIs. Such breadth can indicate a padded or decoy import table; confirm which entries are actually referenced from .text before drawing conclusions from any single API. The SystemFunction001/024/025/026 advapi32 entries are undocumented and worth checking specifically.)
winspool.drv
DeviceMode
EXTDEVICEMODE
ord201
GetJobW
GetPrinterDriverA
SetPrinterDataExA
WritePrinter
AddPrinterW
DeviceCapabilitiesW
msvcrt
_wremove
iswpunct
_strnset
ws2_32
socket
ntohs
closesocket
WSCInstallProvider
WSAEventSelect
WSADuplicateSocketW
WSACreateEvent
WSAAddressToStringA
opengl32
glVertex4iv
glTexCoord4sv
glTexCoord4i
glTexCoord4dv
glStencilOp
glRasterPos4fv
glRasterPos4dv
glPixelStorei
glNormal3dv
glMapGrid1d
glLighti
glGetTexLevelParameteriv
glGetTexLevelParameterfv
glGetPixelMapusv
glCopyTexImage1D
glColor3fv
GlmfCloseMetaFile
wglGetCurrentContext
shlwapi
SHCopyKeyA
SHAutoComplete
PathUnquoteSpacesW
PathUnquoteSpacesA
PathUnExpandEnvStringsW
PathStripPathW
PathSearchAndQualifyA
PathRenameExtensionW
PathRemoveFileSpecW
PathRemoveFileSpecA
PathRemoveExtensionW
PathRemoveBackslashW
PathRemoveArgsA
PathRelativePathToW
PathIsURLW
PathIsUNCServerW
PathIsRootW
ord16
SHDeleteKeyA
PathIsFileSpecW
PathIsDirectoryW
PathIsDirectoryEmptyW
PathIsContentTypeW
PathIsContentTypeA
PathGetArgsA
PathFindOnPathW
PathFindFileNameW
PathFindFileNameA
PathFindExtensionW
PathFileExistsW
PathFileExistsA
PathCompactPathExW
PathCombineW
PathAppendW
PathAppendA
PathAddExtensionW
PathAddBackslashW
HashData
SHDeleteKeyW
SHDeleteValueA
SHDeleteValueW
SHEnumKeyExW
SHGetValueA
SHGetValueW
SHQueryInfoKeyW
SHQueryValueExA
SHQueryValueExW
SHRegGetBoolUSValueA
SHRegSetUSValueA
SHSetValueA
SHSetValueW
StrCSpnA
StrCSpnW
StrChrA
StrCmpIW
StrCmpNIA
StrCmpNIW
StrCmpNW
StrCmpW
StrDupA
StrDupW
StrFormatByteSizeW
StrRChrIW
StrStrA
StrStrIA
StrStrIW
StrStrW
StrToIntA
StrToIntExA
StrToIntExW
StrToIntW
StrTrimA
UrlApplySchemeW
UrlCombineW
UrlCreateFromPathW
UrlUnescapeA
UrlUnescapeW
PathIsRelativeW
advapi32
AllocateAndInitializeSid
CreateProcessWithLogonW
ElfCloseEventLog
ElfDeregisterEventSource
EnumServicesStatusA
FreeSid
GetTokenInformation
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
LsaQueryInfoTrustedDomain
OpenProcessToken
OpenSCManagerA
OpenThreadToken
RegCloseKey
RegConnectRegistryW
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyA
RegEnumKeyExA
RegEnumKeyExW
RegEnumValueW
RegOpenKeyA
RegOpenKeyExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegQueryValueA
RegQueryValueExA
RegSetValueExA
RegSetValueExW
RegisterTraceGuidsA
SystemFunction001
SystemFunction024
SystemFunction025
SystemFunction026
TraceEvent
UnregisterTraceGuids
CloseServiceHandle
gdi32
CreateCompatibleDC
CreateCompatibleBitmap
CreateDIBSection
ChoosePixelFormat
BitBlt
CreateFontA
CreateFontIndirectA
CreateFontIndirectW
CreateMetaFileA
CreatePen
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteMetaFile
DeleteObject
Ellipse
EnumFontFamiliesExA
ExtTextOutA
ExtTextOutW
GetClipBox
GetDeviceCaps
GetObjectA
GetObjectW
GetTextExtentPoint32W
GetTextExtentPointA
GetTextExtentPointW
GetTextMetricsA
LPtoDP
LineTo
MoveToEx
PatBlt
Polygon
Polyline
Rectangle
RestoreDC
SaveDC
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetTextColor
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StretchBlt
CloseMetaFile
TextOutW
kernel32
GetTempPathA
GetTempFileNameW
GetTempFileNameA
GetSystemWindowsDirectoryA
GetSystemTimeAsFileTime
GetSystemTime
GetSystemPowerStatus
GetSystemInfo
GetSystemDirectoryW
GetSystemDirectoryA
GetSystemDefaultUILanguage
GetStringTypeExA
GetStdHandle
GetShortPathNameW
GetProfileIntA
GetTempPathW
GetProcAddress
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
GetLocalTime
GetLastError
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentVariableW
GetTickCount
GetTimeFormatW
GetUserDefaultLCID
GetUserDefaultUILanguage
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
HeapReAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
IsDBCSLeadByte
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockResource
MapUserPhysicalPages
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
OpenFile
OpenMutexA
OpenThread
QueryPerformanceCounter
RaiseException
ReadConsoleOutputA
ReadFile
ReleaseMutex
RemoveDirectoryA
RemoveDirectoryW
ReplaceFileA
ResumeThread
RtlMoveMemory
SearchPathA
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleInformation
SetLastError
SetSystemTime
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStructW
_hwrite
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrlenA
lstrlenW
GetProcessHeap
LoadLibraryW
CloseHandle
CompareFileTime
CompareStringW
ConnectNamedPipe
CopyFileW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileW
CreateMutexA
CreateMutexW
CreateProcessW
CreateThread
CreateTimerQueueTimer
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeleteTimerQueueTimer
DeviceIoControl
DuplicateHandle
EndUpdateResourceW
EnterCriticalSection
EnumCalendarInfoW
EnumSystemCodePagesW
EnumTimeFormatsA
ExitProcess
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileW
FindNextFileW
FindResourceA
FlushFileBuffers
FlushInstructionCache
FormatMessageA
FormatMessageW
FreeLibrary
FreeLibraryAndExitThread
FreeResource
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
rpcrt4
NdrVaryingArrayMemorySize
NdrOleFree
NdrOleAllocate
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrClientCall2
NdrCStdStubBuffer_Release
IUnknown_Release_Proxy
IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_Connect
RpcImpersonateClient
CStdStubBuffer_AddRef
shfolder
SHGetFolderPathA
user32
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextA
SetWindowTextW
SetWindowsHookExA
ShowWindow
WindowFromPoint
ValidateRect
UpdateWindow
UnregisterClassW
UnregisterClassA
UnionRect
UnhookWindowsHookEx
TranslateMessage
TranslateAcceleratorW
TranslateAcceleratorA
TrackPopupMenuEx
TrackPopupMenu
SystemParametersInfoA
SetWindowLongA
ActivateKeyboardLayout
AdjustWindowRect
AdjustWindowRectEx
AppendMenuA
AppendMenuW
BeginDeferWindowPos
BeginPaint
CallNextHookEx
CallWindowProcA
CallWindowProcW
CharLowerA
CharLowerW
CharNextA
CharNextExA
CharNextW
CharPrevA
CharPrevW
CharUpperA
CharUpperW
CheckDlgButton
CheckMenuItem
CheckMenuRadioItem
CheckRadioButton
ClientToScreen
CloseClipboard
CopyRect
CreateDialogParamW
CreatePopupMenu
CreateWindowExA
CreateWindowExW
DdeAbandonTransaction
DefWindowProcA
DefWindowProcW
DeferWindowPos
DeleteMenu
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxIndirectParamA
DialogBoxParamA
DialogBoxParamW
DispatchMessageA
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
DrawTextA
DrawTextExW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EnumChildWindows
EnumThreadWindows
EnumWindows
EqualRect
FillRect
FindWindowExA
FindWindowExW
GetActiveWindow
GetCapture
GetClassInfoA
GetClassInfoExA
GetClassInfoExW
GetClassInfoW
GetClassNameA
GetClassNameW
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetDlgItemTextW
GetFocus
GetForegroundWindow
GetGUIThreadInfo
GetKeyState
GetKeyboardLayoutList
GetLastActivePopup
GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuItemInfoW
GetMenuState
GetMenuStringW
GetMessageExtraInfo
GetMessagePos
GetMessageW
GetMonitorInfoA
GetNextDlgGroupItem
GetNextDlgTabItem
GetParent
GetPropA
GetPropW
GetScrollBarInfo
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetWindow
GetWindowDC
GetWindowInfo
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
InflateRect
InsertMenuA
InsertMenuItemA
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
IsChild
IsDialogMessageA
IsDialogMessageW
IsDlgButtonChecked
IsIconic
IsMenu
IsWindow
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsA
LoadAcceleratorsW
LoadCursorA
LoadIconA
LoadImageA
LoadImageW
LoadMenuA
LoadMenuW
LoadStringA
LoadStringW
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxW
ModifyMenuW
MonitorFromPoint
MoveWindow
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClassExA
RegisterClassExW
RegisterClassW
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
RemovePropW
ScreenToClient
SendDlgItemMessageA
SendDlgItemMessageW
SendMessageA
SendMessageCallbackW
SendMessageTimeoutA
SendMessageTimeoutW
SendMessageW
SetActiveWindow
SetCapture
SetClipboardData
SetCursor
SetDlgItemInt
SetDlgItemTextA
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenu
SetMenuDefaultItem
SetMenuItemBitmaps
SetMenuItemInfoA
SetMenuItemInfoW
SetParent
SetPropA
SetPropW
SetRect
SetRectEmpty
SetTimer
TrackMouseEvent
dbghelp
vc7fpo
lmi
UnDecorateSymbolName
SymGetLineNext64
Sections (raw and virtual sizes are close for every section, which is not the small-raw/large-virtual layout typical of packers — though this alone does not rule out in-place obfuscation; .data and .idata are marked writable)
.text Size: 221KB - Virtual size: 224KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 29KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 16KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ