3f8dcd38a2dabec2378183fc7940a9f9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f8dcd38a2dabec2378183fc7940a9f9_JaffaCakes118
Size

796KB
MD5

3f8dcd38a2dabec2378183fc7940a9f9
SHA1

f043e94be41b39c4bc6aae812b4e141b62cd0eab
SHA256

30864a7a2a291e415e6042251872b7673bd1313cea1a0832b0911c0a45ef2b4c
SHA512

b14a0a234abbb8e71ebf32bd43b242a163f77b9d7c95b73da34d11741fedfcb2052bf959d8078c909228b8a668d9650f6f747712bd9c92d801cb79277d8c75ea
SSDEEP

6144:ODjEBcUxEJvnV0CwP7wBpZcD5rVP+7IY+fnbbbbbptbbbbBbbbAb7YeXybbbbbbA:Qj9aEJvqrP7wBpmDrdf9fn2jTgg04X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f8dcd38a2dabec2378183fc7940a9f9_JaffaCakes118

Files

3f8dcd38a2dabec2378183fc7940a9f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df304ed0a60b3462d04de4012fb06cdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mumsg

??1CMsg@@QAE@XZ
??0CMsg@@QAE@XZ
?LoadWTF@CMsg@@QAEXPAD@Z
?Get@CMsg@@QAEPADH@Z

winmm

timeGetTime
sndPlaySoundA

ws2_32

inet_ntoa
WSAAsyncSelect
WSACleanup
send
htons
inet_addr
gethostbyname
connect
WSAStartup
WSAGetLastError
socket
recv
closesocket

wz_zp

BZ2_bzDecompressInit
BZ2_bzDecompress
BZ2_bzDecompressEnd

kernel32

GlobalFlags
SizeofResource
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
SetErrorMode
GetTickCount
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
HeapFree
GetACP
TerminateProcess
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
CompareStringA
CompareStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetExitCodeProcess
CreateProcessA
SetEnvironmentVariableA
GetProfileStringA
WritePrivateProfileStringA
GetPrivateProfileStringA
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
CreateEventA
GlobalAlloc
lstrcmpA
GetCurrentThread
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleFileNameA
GetThreadLocale
GetCurrentDirectoryA
SetFileAttributesA
GetLastError
CreateMutexA
Sleep
CreateDirectoryA
RemoveDirectoryA
GetFileAttributesA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
lstrcpynA
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
MulDiv
SetLastError
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcmpiA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
DeleteFileA
CopyFileA
CreateFileA
GetFileSize
ReadFile
WriteFile
CloseHandle
ResetEvent
WaitForSingleObject
SetUnhandledExceptionFilter

user32

CharUpperA
GetCursorPos
ValidateRect
GetMessageA
WindowFromPoint
SetWindowContextHelpId
MapDialogRect
CharNextA
LoadStringA
GetSysColorBrush
DestroyMenu
CopyAcceleratorTableA
GetNextDlgGroupItem
RegisterClipboardFormatA
PostThreadMessageA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckRadioButton
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
IsWindowVisible
GetTopWindow
GetCapture
WinHelpA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
IsWindowEnabled
CopyRect
UpdateWindow
LoadCursorA
CopyIcon
GetWindowRect
GetDC
ReleaseDC
InflateRect
SetWindowLongA
SetCursor
PtInRect
ReleaseCapture
SetCapture
MessageBeep
LoadImageA
GetDesktopWindow
IsChild
GetClassNameA
PeekMessageA
TranslateMessage
DispatchMessageA
KillTimer
PostQuitMessage
SetRect
IsIconic
GetSystemMetrics
DrawIcon
FindWindowA
SetTimer
LoadIconA
MessageBoxA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
GetMenuState
GetClassInfoA
ModifyMenuA
RedrawWindow
IsWindow
GetSysColor
GetClientRect
GetParent
SendMessageA
InvalidateRect
EnableWindow
PostMessageA
LoadBitmapA
GetDlgItem
MoveWindow
wsprintfA
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
SetWindowPos

gdi32

GetClipBox
SetTextColor
SetBkColor
CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectObject
SelectPalette
SetBkMode
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
IntersectClipRect
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
PatBlt
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
DeleteObject
CreateSolidBrush
GetTextExtentPoint32A
CreateFontIndirectA
SetDIBitsToDevice
StretchDIBits
GetDIBits
CreatePalette
RealizePalette
GetStockObject
CreateFontA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgn
BitBlt
GetTextExtentPointA
CreateDIBitmap
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegQueryValueA
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey

shell32

SHFileOperationA
ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

OleFlushClipboard
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize

olepro32

ord253

oleaut32

VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
SysFreeString
VariantClear

wininet

FtpFindFirstFileA
InternetFindNextFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpGetFileA
InternetOpenA
InternetConnectA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetSetStatusCallback
FtpOpenFileA
InternetReadFile

Sections

.text
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 484KB - Virtual size: 481KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df304ed0a60b3462d04de4012fb06cdf

Headers

File Characteristics

Imports

mumsg

winmm

ws2_32

wz_zp

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

Sections

.text Size: 228KB - Virtual size: 227KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 28KB - Virtual size: 219KB

.rsrc Size: 484KB - Virtual size: 481KB

.text
Size: 228KB - Virtual size: 227KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 28KB - Virtual size: 219KB

.rsrc
Size: 484KB - Virtual size: 481KB