Static task
static1
Behavioral task
behavioral1
Sample
36bc314f356d4cab68d367689d58ace9_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target: 36bc314f356d4cab68d367689d58ace9_JaffaCakes118
Size: 840KB
MD5: 36bc314f356d4cab68d367689d58ace9
SHA1: 2b1bf65386ab5dff5723567073d42eeea27bfaa4
SHA256: f04e484399efeb37e50bd3f3a01c91a6725ba6a5b5aa2dbe762e2b1a3bc5566f
SHA512: 4d84fe1aad6b2607cad9e2c912dad43a0debf357bc167258a1da87c028cbeaba1f4e1c96243e2cf7f79e5334fe12f4d3c6e83a8e65b20ac095b42c5f46178443
SSDEEP: 24576:twGsFx2Cu6GyUQJ11y63Ms+PpyLHIymiWY/t:uGsFx2Cu6GyUQJ11y6c7puHZL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 36bc314f356d4cab68d367689d58ace9_JaffaCakes118
Files
36bc314f356d4cab68d367689d58ace9_JaffaCakes118.exe windows:4 windows x86 arch:x86
ec2fc35b15903ea37fea59641da84dea
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcessVersion
GetCPInfo
GetOEMCP
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
TlsGetValue
GetCurrentDirectoryA
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapAlloc
TlsSetValue
LocalReAlloc
GetStartupInfoA
RaiseException
CreateThread
ExitThread
TerminateProcess
GetACP
SetStdHandle
GetFileType
HeapSize
HeapReAlloc
FatalAppExitA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
HeapFree
ExitProcess
GlobalHandle
GlobalReAlloc
TlsFree
GetModuleFileNameA
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
GlobalLock
GlobalUnlock
WriteFile
SetCommTimeouts
CreateEventA
ReadFile
GetLastError
GetOverlappedResult
Sleep
ResetEvent
GetProfileStringA
GlobalFlags
TlsAlloc
LocalAlloc
SetFileTime
SetErrorMode
SetFileAttributesA
GetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
EnterCriticalSection
GetFileSize
GetFileAttributesA
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
lstrcmpA
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalAlloc
GetCurrentThread
SizeofResource
ResumeThread
SuspendThread
SetThreadPriority
LocalFree
SetEvent
FormatMessageA
GlobalGetAtomNameA
GetVersion
GetCurrentThreadId
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
FindResourceA
GlobalFree
LockResource
GetModuleHandleA
LoadResource
MulDiv
IsBadWritePtr
UnhandledExceptionFilter
GetShortPathNameA
GetTickCount
PurgeComm
lstrcmpiA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
CreateFileA
GetCurrentProcess
DuplicateHandle
MultiByteToWideChar
InterlockedDecrement
WideCharToMultiByte
SetLastError
GetCommProperties
InterlockedIncrement
GetProcAddress
lstrcatA
CloseHandle
GetUserDefaultLangID
lstrcpyA
lstrlenA
WinExec
FreeLibrary
GetWindowsDirectoryA
LoadLibraryA
GetVersionExA
GetSystemDirectoryA
GlobalMemoryStatus
WaitForSingleObject
GetCommandLineA
CreateProcessA
FreeEnvironmentStringsA
GetExitCodeProcess
FreeEnvironmentStringsW
VirtualFree
VirtualAlloc
user32
LoadStringA
GetFocus
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
wvsprintfA
GetCursorPos
ValidateRect
GetMessageA
GetDialogBaseUnits
PostQuitMessage
ShowOwnedPopups
WindowFromPoint
WaitMessage
KillTimer
AdjustWindowRectEx
SetFocus
GetClassNameA
GetDesktopWindow
GetSysColorBrush
DestroyMenu
GetWindowThreadProcessId
InsertMenuA
DeleteMenu
GetMenuStringA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
SetTimer
BeginDeferWindowPos
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
EndDeferWindowPos
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GetSystemMetrics
CharUpperA
wsprintfA
OemToCharA
CharToOemA
DrawStateA
CopyRect
LoadCursorA
CopyIcon
GetParent
ReleaseDC
GetWindowRect
InflateRect
InvalidateRect
IsWindow
SetWindowLongA
SetCursor
SetCapture
PtInRect
ReleaseCapture
MessageBeep
DestroyCursor
LoadIconA
SendMessageA
SetRect
MessageBoxA
RedrawWindow
GetDC
GetSysColor
EqualRect
DeferWindowPos
GetSubMenu
GetMenuItemID
GetWindowTextA
PostMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
GetWindowLongA
GetClientRect
SetWindowRgn
EnableWindow
GetWindowPlacement
IsIconic
GetKeyState
DrawFocusRect
DefDlgProcA
ExcludeUpdateRgn
IsWindowUnicode
UnregisterClassA
HideCaret
CharNextA
ShowCaret
gdi32
CreateRoundRectRgn
CreateSolidBrush
RoundRect
CreatePen
GetDeviceCaps
StartDocA
FrameRgn
EndPage
AbortDoc
StartPage
GetTextExtentPoint32A
GetTextMetricsA
EndDoc
GetObjectA
FillRgn
CreateFontIndirectA
DeleteDC
SaveDC
CombineRgn
SelectObject
SelectPalette
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
SetTextAlign
SetTextJustification
LineTo
SetMapperFlags
GetCurrentPositionEx
SetTextCharacterExtra
SetArcDirection
PolyDraw
ArcTo
SetColorAdjustment
PolyBezierTo
PolylineTo
GetClipRgn
CreateRectRgn
DeleteObject
ExtSelectClipRgn
PlayMetaFileRecord
SelectClipPath
EnumMetaFile
PlayMetaFile
GetObjectType
GetWindowExtEx
ExtCreatePen
GetViewportExtEx
CreatePatternBrush
CreateDIBPatternBrushPt
CreateHatchBrush
RectVisible
TextOutA
PtVisible
Escape
GetDCOrgEx
ExtTextOutA
DPtoLP
SetAbortProc
CreateBitmap
CreateCompatibleDC
CreateDCA
GetTextExtentPointA
PatBlt
BitBlt
CreateDIBitmap
GetStockObject
MoveToEx
comdlg32
GetOpenFileNameA
CommDlgExtendedError
PrintDlgA
PageSetupDlgA
GetFileTitleA
GetSaveFileNameA
winspool.drv
ClosePrinter
EnumPrintersA
DocumentPropertiesA
OpenPrinterA
advapi32
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegQueryValueA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyA
shell32
ShellExecuteA
DragAcceptFiles
DragFinish
SHGetFileInfoA
DragQueryFileA
comctl32
ord17
wsock32
getsockname
accept
ioctlsocket
getpeername
ntohs
WSAGetLastError
htonl
closesocket
gethostbyname
inet_addr
send
WSAAsyncSelect
inet_ntoa
socket
recvfrom
sendto
connect
WSASetLastError
WSAStartup
WSACleanup
bind
htons
recv
Sections
.text Size: 444KB - Virtual size: 443KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 132KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 72KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 36KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.grdata Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE