3fa85cca124078c9410825c2cc774650_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3fa85cca124078c9410825c2cc774650_JaffaCakes118
Size

1.5MB
MD5

3fa85cca124078c9410825c2cc774650
SHA1

3edd68a6f1d685415e990b27ea18f97faf88fba2
SHA256

717423980af5c5f48b40912014d24f104756f94b70d3ef686a33dd872fd74347
SHA512

f4c4c308de08e99a6924cc3b89851cadd651e9b07cba5c5abf201d28da335df0da71c2e2f39319e8f0522ac6375b9bf73bb7f790415767f0e140f46c2f686f47
SSDEEP

24576:CUjnIp5SoQpX0+8WhO9qgIXdAA0GPXC0Z4X5nPx9pGHMtYTkxocqoYQB+Byv0Orh:/cCuTWhiqFdAGPS0ZmpfoHQYTqX/B+BM

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Jurassic Park/getdir.dll
unpack001/Jurassic Park/mirc.exe

Files

3fa85cca124078c9410825c2cc774650_JaffaCakes118
.zip
Jurassic Park/aliases/aliases-1
Jurassic Park/aliases/aliases-2
Jurassic Park/aliases/aliases-3
.js
Jurassic Park/aliases/aliases-4
.js
Jurassic Park/channels/channels.txt
Jurassic Park/control.ini
Jurassic Park/design/Side.jpg
.jpg
Jurassic Park/design/Thumbs.db
Jurassic Park/design/default.jpg
.jpg
Jurassic Park/design/jp.ico
Jurassic Park/design/main_top.jpg
.jpg
Jurassic Park/download/Thumbs.db
Jurassic Park/getdir.dll
.dll windows:4 windows x86 arch:x86

07a4affe293c5e15e0ff78fd59666613

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetWindowsDirectoryA
GetProcessHeap
lstrcmpiA
GetTempPathA
GetSystemDirectoryA

user32

CharUpperA
wsprintfA

shell32

SHGetSpecialFolderPathA

Exports

Exports

DLLInfo
GetDir
LoadDll
UnloadDll

Sections

.text
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 137B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Jurassic Park/intro.wav
Jurassic Park/kick.txt
Jurassic Park/logo.jpg
.jpg
Jurassic Park/mirc.exe
.exe windows:4 windows x86 arch:x86

df929926909c465d3fc659b1e9681333

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeEndPeriod
timeSetEvent
timeKillEvent
mciGetErrorStringA
timeGetDevCaps
mixerClose
mixerSetControlDetails
mciGetDeviceIDA
mciSendStringA
timeBeginPeriod
sndPlaySoundA
mixerGetLineControlsA
mixerGetLineInfoA
mixerOpen
mixerGetControlDetailsA

wsock32

recvfrom
sendto
getsockname
bind
WSACleanup
socket
listen
inet_addr
WSAAsyncGetHostByAddr
WSAAsyncGetHostByName
WSACancelAsyncRequest
ntohl
gethostname
recv
send
htons
connect
WSAGetLastError
accept
WSAAsyncSelect
shutdown
closesocket
ioctlsocket
htonl
setsockopt
WSASetLastError
WSAStartup
ntohs

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

mpr

WNetCloseEnum
WNetOpenEnumA
WNetEnumResourceA

comctl32

ImageList_AddMasked
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create

kernel32

WaitForSingleObject
CreateEventA
GetSystemDefaultLangID
GetLocaleInfoA
GetSystemDefaultLCID
GetWindowsDirectoryA
WinExec
GlobalFree
GlobalAlloc
GlobalUnlock
lstrcatA
lstrcpyA
lstrlenA
lstrcatW
lstrlenW
GlobalLock
lstrcpyW
GetVersionExA
QueryPerformanceCounter
QueryPerformanceFrequency
QueryDosDeviceA
GetFileType
CreateFileA
GetFileAttributesA
WriteFile
MulDiv
FindClose
FindNextFileA
FindFirstFileA
GetModuleFileNameA
_lwrite
_lclose
_hwrite
GlobalSize
OpenFile
_hread
_llseek
_lopen
SetThreadPriority
GetCurrentProcess
GetCurrentThreadId
SetFilePointer
GetLastError
ReadFile
SetEndOfFile
LoadLibraryA
GetDiskFreeSpaceA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDriveStringsA
SetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetLocalTime
lstrcmpA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
SetErrorMode
FindCloseChangeNotification
Sleep
FindNextChangeNotification
WaitForMultipleObjects
FindFirstChangeNotificationA
GetEnvironmentVariableA
GetShortPathNameA
CompareFileTime
GetFileTime
ReleaseMutex
CreateMutexA
GetTimeZoneInformation
LocalAlloc
LocalReAlloc
LocalFree
lstrcpynA
GetTempPathA
SizeofResource
GetSystemTimeAsFileTime
CreateThread
TlsGetValue
TlsSetValue
ExitThread
HeapFree
HeapAlloc
GetOEMCP
GetCPInfo
ExitProcess
GetModuleHandleA
TerminateProcess
RtlUnwind
GetProcAddress
FreeLibrary
SetEvent
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
FindResourceA
LoadResource
LockResource
HeapReAlloc
SetConsoleCtrlHandler
GetTimeFormatA
GetDateFormatA
GetStartupInfoA
GetCommandLineA
EnterCriticalSection
DeleteFileA
MoveFileA
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
TlsFree
SetLastError
TlsAlloc
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA
SetEnvironmentVariableW
VirtualProtect
GetSystemInfo
VirtualQuery
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
RaiseException
InitializeCriticalSection
SetStdHandle
GetCurrentProcessId
HeapSize
CompareStringA
CompareStringW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
RemoveDirectoryA
GetACP
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
FlushFileBuffers
CreateDirectoryA

user32

DdeUnaccessData
DdeAccessData
DdeQueryStringA
DdeCreateDataHandle
DdeClientTransaction
DdeConnect
DdeCreateStringHandleA
DdeInitializeA
CallWindowProcA
SetKeyboardState
GetKeyboardState
ToAscii
ScrollDC
DrawIconEx
GetMessageA
GetWindowThreadProcessId
ClipCursor
FlashWindow
ShowScrollBar
CharLowerBuffA
CharLowerA
GetWindowDC
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
VkKeyScanA
GetKeyboardLayout
CopyAcceleratorTableA
MapVirtualKeyA
CallNextHookEx
GetCapture
GetSystemMetrics
SystemParametersInfoA
RedrawWindow
PeekMessageA
DefMDIChildProcA
GetMenuState
IsMenu
RemoveMenu
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuItemID
TrackPopupMenu
GetMenuCheckMarkDimensions
RegisterWindowMessageA
SetWindowsHookExA
LoadAcceleratorsA
DispatchMessageA
TranslateMessage
TranslateMDISysAccel
TranslateAcceleratorA
IsDialogMessageA
GetForegroundWindow
LoadMenuA
PostQuitMessage
DefFrameProcA
RegisterClassExA
UnhookWindowsHookEx
ChildWindowFromPoint
ValidateRect
InvertRect
DefWindowProcA
DrawFrameControl
RegisterClassA
CreateIconIndirect
FindWindowExA
FindWindowA
SetScrollInfo
EqualRect
DdeFreeDataHandle
WindowFromPoint
ScreenToClient
SetMenu
SetActiveWindow
SetWindowLongA
CreateDialogParamA
GetCursorPos
GetFocus
GetAsyncKeyState
GetWindowLongA
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
EmptyClipboard
CloseClipboard
SetClipboardData
GetWindowTextLengthA
GetWindowTextA
WinHelpA
LoadStringA
MessageBeep
GetTopWindow
IsZoomed
GetActiveWindow
IsWindow
IsCharAlphaNumericA
GetDesktopWindow
IsIconic
GetDialogBaseUnits
SetDlgItemInt
GetDlgItemInt
GetSystemMenu
CheckMenuItem
LoadCursorA
SetCursor
CreatePopupMenu
DestroyMenu
GetMenu
GetSubMenu
GetMenuItemCount
DeleteMenu
AppendMenuA
DrawMenuBar
FrameRect
FillRect
SetWindowTextA
DestroyIcon
LoadImageA
GetClientRect
GetParent
DrawFocusRect
GetSysColor
CheckDlgButton
IsWindowEnabled
GetKeyState
IsDlgButtonChecked
BeginPaint
EndPaint
SendMessageA
LoadBitmapA
InvalidateRect
UpdateWindow
KillTimer
EndDialog
SetRect
SetFocus
PostMessageA
PtInRect
LoadIconA
DdeNameService
DdeUninitialize
DdeDisconnect
DdeFreeStringHandle
DialogBoxParamA
IsChild
InsertMenuA
ModifyMenuA
GetNextDlgTabItem
EnableMenuItem
ChildWindowFromPointEx
GetScrollPos
GetScrollRange
SetScrollPos
CreateMenu
EnableWindow
ShowWindow
MoveWindow
SetWindowPos
SetTimer
wsprintfA
CreateWindowExA
SetScrollRange
GetIconInfo
DrawIcon
GetDlgCtrlID
DrawTextA
SetCapture
ReleaseCapture
GetWindowPlacement
SetWindowPlacement
SetForegroundWindow
BringWindowToTop
GetMenuStringA
SendDlgItemMessageA
GetDC
GetDlgItem
GetWindowRect
MapWindowPoints
ReleaseDC
IsWindowVisible
DestroyWindow
CopyRect
GetClassNameA
ClientToScreen
GetWindow

gdi32

CreateCompatibleBitmap
LineTo
MoveToEx
CreatePen
SelectClipRgn
CombineRgn
CreateRectRgn
GetNearestColor
GetDeviceCaps
GetTextExtentPointA
CreateFontIndirectA
GetDIBits
CreateDIBitmap
ExtFloodFill
CreatePatternBrush
Rectangle
BitBlt
StretchBlt
GetStockObject
SetROP2
SetBkMode
GetTextCharset
PtInRegion
CreatePolygonRgn
Polyline
SetPixel
ExcludeClipRect
CreateBitmap
PatBlt
StretchDIBits
SetWindowOrgEx
GetObjectType
TextOutA
DeleteDC
CreateFontA
SetStretchBltMode
SetBrushOrgEx
CreateCompatibleDC
Ellipse
GetObjectA
CreateSolidBrush
CreateHatchBrush
GetTextMetricsA
SetTextColor
SetBkColor
ExtTextOutA
DeleteObject
SelectObject
RoundRect
GetPixel
SetPixelV

comdlg32

ChooseFontA
CommDlgExtendedError
GetOpenFileNameA
ChooseColorA

advapi32

RegEnumKeyA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyA
RegSetValueA
RegCloseKey
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
Shell_NotifyIconA
SHBrowseForFolderA
SHFileOperationA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetMalloc
DragQueryPoint
DragQueryFileA
DragFinish
ExtractIconExA
ExtractIconA
FindExecutableA
ShellExecuteA
DragAcceptFiles

ole32

ProgIDFromCLSID
CoCreateInstance
CLSIDFromProgID
OleInitialize
OleUninitialize

oleaut32

SetErrorInfo
LoadRegTypeLi
DispGetParam
VarR8FromCy
VarR8FromDate
VarCyFromR8
VarDateFromR8
VariantChangeType
SysAllocString
VariantClear
VariantInit
SysFreeString

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Jurassic Park/mirc.ini
Jurassic Park/perform.ini
Jurassic Park/popups.ini
Jurassic Park/quit.txt
Jurassic Park/quotes.txt
Jurassic Park/remote.ini
Jurassic Park/scripts/Autogreets
Jurassic Park/scripts/away
Jurassic Park/scripts/away scan
.js
Jurassic Park/scripts/mp3 player
.js
Jurassic Park/scripts/op protections
.vbs
Jurassic Park/scripts/pm blocker
Jurassic Park/scripts/services notices
.js
Jurassic Park/scripts/talker
Jurassic Park/scripts/welcome
Jurassic Park/servers.ini

Sharing

General

Malware Config

Signatures

Files

07a4affe293c5e15e0ff78fd59666613

Headers

File Characteristics

Imports

kernel32

user32

shell32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 664B

.rdata Size: 512B - Virtual size: 476B

.data Size: 512B - Virtual size: 137B

.reloc Size: 512B - Virtual size: 108B

df929926909c465d3fc659b1e9681333

Headers

File Characteristics

Imports

winmm

wsock32

version

mpr

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 96KB - Virtual size: 92KB

.data Size: 16KB - Virtual size: 171KB

.rsrc Size: 244KB - Virtual size: 240KB

.text
Size: 1024B - Virtual size: 664B

.rdata
Size: 512B - Virtual size: 476B

.data
Size: 512B - Virtual size: 137B

.reloc
Size: 512B - Virtual size: 108B

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 96KB - Virtual size: 92KB

.data
Size: 16KB - Virtual size: 171KB

.rsrc
Size: 244KB - Virtual size: 240KB