Static task: static1
Behavioral task: behavioral1
Sample: 2c7d838fc2823a1ee28b076a423519f6_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2c7d838fc2823a1ee28b076a423519f6_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 2c7d838fc2823a1ee28b076a423519f6_JaffaCakes118
Size: 2.2MB
MD5: 2c7d838fc2823a1ee28b076a423519f6
SHA1: bf8f38606d0f449b6e59ee46055f488b3936ce32
SHA256: 768c5805c850745865ff09091b9ec3df9eb67308630b4fd3f0b98c267de51f2a
SHA512: 0888ae5822cf0efa54a512234234171a289afe61ce0f8907bbaec9ae8e29a347e00d1f4e16e092034d0152721103751dd5af86793e707ebddfdd4f80020cd75f
SSDEEP: 24576:cMQ3wdSu3veRtHKzP8mpHYyOZ8EyKiyc9XkbfLb7RGKjE2juXdeVxcFedDoZ+Loe:G3wUufJowPIa0bfdljOUrUedkZ3pC/1H
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 2c7d838fc2823a1ee28b076a423519f6_JaffaCakes118
Files
2c7d838fc2823a1ee28b076a423519f6_JaffaCakes118.exe windows:5 windows x86 arch:x86
48ae29c31a244474d088080eb26d6523
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipFree
GdipAlloc
GdipCreateFromHDC
GdipDrawImageI
GdipDrawImageRectI
GdipCloneImage
GdipCreateBitmapFromFile
GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipGetImageThumbnail
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipDeleteGraphics
GdipCreateBitmapFromHBITMAP
setupapi
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
CM_Request_Device_EjectW
CM_Get_Parent
SetupDiDestroyDeviceInfoList
winmm
waveInClose
mmioClose
mmioAscend
mmioWrite
waveInAddBuffer
waveInReset
waveInGetErrorTextA
mmioDescend
waveOutUnprepareHeader
waveOutClose
waveOutReset
waveOutOpen
waveOutPrepareHeader
waveOutWrite
waveOutGetErrorTextA
waveInUnprepareHeader
waveInOpen
waveInStart
mmioRead
mmioCreateChunk
mmioOpenA
waveInPrepareHeader
shlwapi
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
ole32
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CLSIDFromString
CLSIDFromProgID
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
kernel32
SetHandleCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
QueryPerformanceCounter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
GetTimeZoneInformation
VirtualFree
HeapAlloc
HeapSize
HeapReAlloc
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetProcessHeap
WriteConsoleA
GetConsoleOutputCP
GetLocaleInfoW
CompareStringW
SetEnvironmentVariableA
CreateFileW
SetConsoleMode
ReadConsoleInputA
CreateFileMappingA
GlobalFree
GlobalReAlloc
GlobalAlloc
SizeofResource
LoadLibraryW
SetConsoleCtrlHandler
GetVersion
GlobalMemoryStatus
FlushConsoleInputBuffer
OpenEventA
UnmapViewOfFile
MapViewOfFile
IsValidCodePage
GetACP
OutputDebugStringW
WriteConsoleW
GetStdHandle
DebugBreak
ExitProcess
GetFileType
SetStdHandle
IsBadReadPtr
HeapValidate
GetStartupInfoA
GetCommandLineA
ExitThread
CreateThread
VirtualQuery
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
RtlUnwind
GetTickCount
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
GetModuleFileNameA
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
VirtualProtect
GetFileTime
GetFileSizeEx
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
GetModuleHandleW
InterlockedIncrement
GlobalFlags
SetErrorMode
GetModuleFileNameW
WritePrivateProfileStringA
InterlockedExchange
GetCurrentThread
GetLocaleInfoA
ConvertDefaultLocale
EnumResourceLanguagesA
ReleaseSemaphore
CreateSemaphoreA
GetAtomNameA
GetCurrentProcessId
lstrcmpA
CompareStringA
lstrcmpW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
GetThreadLocale
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
DuplicateHandle
SuspendThread
SetThreadPriority
GetModuleHandleA
SetLastError
lstrcatA
ReadFile
GetFullPathNameA
GetCurrentThreadId
FreeResource
GlobalLock
GlobalUnlock
MulDiv
CreateEventA
ResumeThread
SetEvent
GetSystemDirectoryA
GetShortPathNameA
Module32First
GetLogicalDriveStringsA
CreateToolhelp32Snapshot
Process32First
Process32Next
QueryDosDeviceA
Sleep
GetLastError
OpenProcess
TerminateProcess
FreeLibrary
InterlockedDecrement
FormatMessageA
LocalAlloc
LoadLibraryA
GetProcAddress
LocalFree
MultiByteToWideChar
lstrcpyA
CreateDirectoryA
CopyFileA
lstrlenA
WaitForSingleObject
DeleteFileA
FindNextFileA
GetFileSize
SetFileAttributesA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
CloseHandle
DeviceIoControl
GetDriveTypeA
GetVolumeInformationA
GetFileAttributesA
OutputDebugStringA
GetTempPathA
RemoveDirectoryA
HeapFree
user32
IsRectEmpty
RegisterClipboardFormatA
UnregisterClassA
CopyAcceleratorTableA
CharNextA
MessageBeep
GetClipboardFormatNameA
UnpackDDElParam
ReuseDDElParam
DestroyMenu
SetCursor
ReleaseCapture
TranslateAcceleratorA
GetCursorPos
GetMessageA
SetRectEmpty
EndDialog
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
IsWindowEnabled
MoveWindow
SetWindowTextA
RegisterWindowMessageA
GetClassInfoExA
GetClassInfoA
RegisterClassA
SendDlgItemMessageA
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
WinHelpA
TrackPopupMenu
GetDlgItem
GetWindowTextLengthA
GetKeyState
DestroyWindow
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
SetMenu
GetMenu
GetMessageTime
GetMessagePos
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
CharUpperA
PostThreadMessageA
GetWindowLongA
MapDialogRect
EnableWindow
SetWindowContextHelpId
SetForegroundWindow
OpenClipboard
SetClipboardViewer
WindowFromPoint
GetParent
IsChild
GetLastActivePopup
GetWindow
GetTopWindow
GetNextDlgGroupItem
GetDesktopWindow
GetFocus
SetCapture
GetCapture
SetActiveWindow
KillTimer
SetTimer
RedrawWindow
ShowOwnedPopups
IsWindowVisible
ValidateRect
InvalidateRgn
InvalidateRect
UpdateWindow
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
IsZoomed
IsIconic
PostMessageA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
IsWindow
ScreenToClient
LoadMenuA
SetMenuItemBitmaps
ModifyMenuA
InsertMenuItemA
GetSubMenu
GetMenuItemInfoA
GetMenuState
EnableMenuItem
CheckMenuItem
IsMenu
CreatePopupMenu
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetSysColorBrush
GetActiveWindow
PostQuitMessage
MessageBoxA
ShowWindow
LoadBitmapA
SetRect
CopyRect
FillRect
GetSysColor
GetAsyncKeyState
LoadIconA
GetClipboardData
CloseClipboard
GetForegroundWindow
FindWindowA
FindWindowExA
RegisterDeviceNotificationA
GetWindowTextA
GetWindowThreadProcessId
DdeInitializeA
DdeCreateStringHandleA
DdeConnect
DdeClientTransaction
DdeAccessData
DdeDisconnect
DdeFreeStringHandle
DdeUninitialize
LoadStringA
CreateWindowExA
GetMenuItemCount
GetMenuItemID
GetMenuItemRect
SetWindowPos
SendMessageA
PeekMessageA
DispatchMessageA
IsDialogMessageA
TranslateMessage
LoadCursorA
GetDC
ReleaseDC
GetUserObjectInformationW
GetProcessWindowStation
PtInRect
InflateRect
UnionRect
GetNextDlgTabItem
LoadAcceleratorsA
gdi32
GetStockObject
SelectPalette
RealizePalette
GetDIBits
GetDeviceCaps
GetObjectA
GetRgnBox
GetObjectType
GetBkColor
GetTextColor
GetMapMode
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
GetPixel
TextOutA
ExtTextOutA
GetTextExtentPoint32A
GetTextMetricsA
GetCharWidthA
Escape
CreateSolidBrush
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
IntersectClipRect
ExtSelectClipRgn
StretchDIBits
GetSystemPaletteEntries
BitBlt
SelectObject
DeleteDC
CreateCompatibleBitmap
CreateRectRgnIndirect
CreatePalette
CreateBitmap
CreateFontA
CreateFontIndirectA
CreatePatternBrush
CreateCompatibleDC
DeleteObject
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueA
RegCloseKey
RegEnumKeyA
OpenThreadToken
RevertToSelf
SetThreadToken
RegisterEventSourceA
ReportEventA
DeregisterEventSource
GetUserNameA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyA
RegCreateKeyExA
RegOpenKeyA
RegQueryValueExA
shell32
DragQueryFileA
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
DragFinish
comctl32
InitCommonControlsEx
_TrackMouseEvent
oledlg
ord8
oleaut32
SysFreeString
SysAllocString
VariantInit
VariantClear
SysAllocStringLen
VarDateFromStr
VarUdateFromDate
VariantChangeType
VariantCopy
SafeArrayDestroy
OleCreateFontIndirect
SysStringLen
SysAllocStringByteLen
VariantTimeToSystemTime
SystemTimeToVariantTime
ws2_32
__WSAFDIsSet
select
recv
send
gethostname
closesocket
inet_ntoa
getpeername
WSAGetLastError
connect
ioctlsocket
WSASetLastError
gethostbyname
inet_addr
getservbyname
htons
socket
WSAStartup
shutdown
WSACleanup
wininet
InternetGetLastResponseInfoA
FtpPutFileA
FtpCreateDirectoryA
InternetConnectA
InternetSetStatusCallback
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 387KB - Virtual size: 387KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 80KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 330KB - Virtual size: 330KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ