3acc3ba27a08269bd17c7bb02cd4a96a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3acc3ba27a08269bd17c7bb02cd4a96a_JaffaCakes118
Size

139KB
MD5

3acc3ba27a08269bd17c7bb02cd4a96a
SHA1

18477073111f8ff85fcd20b30e791bab57059d2c
SHA256

d6afa7150f0535207dca951b2d808b1ecbaa23d82b1327e2ac14b8ffed579ab0
SHA512

2a86f66fd517b5982178afa38f5d6cd7fbecf903a9046698123b115190cfe0c029e05d26c35f5fe1b4a95228dfe59784268b6e491488cb82be01c92d18b8e618
SSDEEP

3072:sWwClXvR/GR9ccaYH2gGM0PL/jvZqnr3OwazlTMPvId4pAgGb319j/BCw:sWwqvR/ulHnGTjjQeIPvI2KdXj/BCw

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MYDEDF~1.EXE
unpack001/autoplay.exe

Files

3acc3ba27a08269bd17c7bb02cd4a96a_JaffaCakes118
.cab
MYDEDF~1.EXE
.exe windows:4 windows x86 arch:x86

a2fa66eb889f856076be46ac5bfcea0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaAryMove
__vbaLenBstr
__vbaStrVarMove
__vbaPut3
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaRaiseEvent
ord516
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord666
__vbaAryDestruct
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaVarIndexLoad
__vbaBoolVarNull
_CIsin
__vbaErase
__vbaVarZero
ord632
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
ord528
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
__vbaPutOwner3
__vbaI2I4
__vbaVarLikeVar
DllFunctionCall
__vbaRedimPreserve
_adj_fpatan
__vbaFixstrConstruct
__vbaRedim
__vbaUI1ErrVar
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaStr2Vec
__vbaExceptHandler
ord712
__vbaStrToUnicode
ord713
_adj_fprem
_adj_fdivr_m64
ord607
ord608
__vbaFPException
ord717
__vbaUbound
__vbaStrVarVal
__vbaVarCat
__vbaLsetFixstrFree
ord644
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaR8Str
__vbaNew2
__vbaInStr
__vbaVar2Vec
_adj_fdiv_m32i
_adj_fdivr_m32i
ord573
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
__vbaDerefAry1
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaAryLock
__vbaVarDup
__vbaStrToAnsi
__vbaFpI4
ord617
_CIatan
__vbaStrMove
ord619
__vbaR8IntI4
__vbaStrVarCopy
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaI4ErrVar
__vbaFreeStr
__vbaFreeObj
ord581

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
autoplay.exe
.exe windows:4 windows x86 arch:x86

13d6453e6cc8f6e5884eed662d2291b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

kernel32

WritePrivateProfileStringA
SetErrorMode
HeapFree
HeapAlloc
RtlUnwind
SetEnvironmentVariableA
ExitProcess
FindNextFileA
GetStartupInfoA
GetCommandLineA
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapSize
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetOEMCP
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
DeleteFileA
CloseHandle
CreateFileA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetTempPathA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetModuleFileNameA
GetWindowsDirectoryA
OpenFile
FindFirstFileA
GetPrivateProfileSectionNamesA
Sleep
CreateProcessA
FreeLibrary
TerminateProcess
GetExitCodeProcess
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
FindClose
lstrcpynA
GetFileTime
GetFileSize
GetVersionExA
GetFileAttributesA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedIncrement
GlobalFree
GetDriveTypeA
GlobalAlloc
lstrcmpA
GetCurrentThread
GlobalLock
GlobalUnlock
MulDiv
SetLastError
InterlockedDecrement
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetSystemDirectoryA
ReadFile
GetUserDefaultLCID
GlobalMemoryStatus
GetLastError
GetCommModemStatus
GetSystemInfo
GetEnvironmentStringsW
GetComputerNameA

user32

EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
ClientToScreen
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
PostQuitMessage
GetCursorPos
ValidateRect
GetActiveWindow
TranslateMessage
GetMessageA
CreateDialogIndirectParamA
EndDialog
CharUpperA
GetClassNameA
GetSysColorBrush
DestroyMenu
LoadStringA
SetDlgItemTextA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
IsWindowVisible
GetNextDlgTabItem
GetTopWindow
GetCapture
WinHelpA
UnregisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
DestroyIcon
GetParent
wsprintfA
PostMessageA
GetKeyboardType
LoadCursorFromFileA
ShowCursor
FrameRect
GetClientRect
LoadCursorA
IntersectRect
PtInRect
SetRectEmpty
UnionRect
RedrawWindow
SetTimer
KillTimer
GetUpdateRect
SendMessageA
GetWindowRect
GetSystemMetrics
CopyRect
SetCursor
RegisterHotKey
UpdateWindow
LoadIconA
MessageBoxA
FindWindowA
EnableWindow
GetDC
IsWindowEnabled
ShowWindow
SetWindowTextA
IsDialogMessageA
ReleaseDC
LoadImageA
GetClassInfoA
GetWindowTextA
RegisterClassA

gdi32

GetObjectA
DeleteDC
CreatePalette
GetDIBColorTable
SelectObject
CreateCompatibleDC
BitBlt
RealizePalette
SelectPalette
DeleteObject
CreateSolidBrush
SetTextColor
GetDeviceCaps
SetBkColor
CreateCompatibleBitmap
CreateBitmap
GetTextExtentPoint32A
TextOutA
SetBkMode
GetStockObject
CreateFontIndirectA
GetClipBox
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
PtVisible
RectVisible
ExtTextOutA
Escape
CreateHalftonePalette

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
GetUserNameA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA
ShellExecuteExA

comctl32

ord17
ImageList_Destroy
ImageList_GetIcon
ImageList_LoadImageA

wsock32

WSAStartup
bind
htonl
socket
connect
ioctlsocket
closesocket
WSACleanup
htons

Sections

.text
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2fa66eb889f856076be46ac5bfcea0e

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 100KB - Virtual size: 99KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 3KB

13d6453e6cc8f6e5884eed662d2291b7

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

Sections

.text Size: 196KB - Virtual size: 192KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 68KB - Virtual size: 92KB

.rsrc Size: 56KB - Virtual size: 54KB

.text
Size: 100KB - Virtual size: 99KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB

.text
Size: 196KB - Virtual size: 192KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 68KB - Virtual size: 92KB

.rsrc
Size: 56KB - Virtual size: 54KB