45a69b689ba095654ada0d26ce7b1807_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45a69b689ba095654ada0d26ce7b1807_JaffaCakes118
Size

1024KB
MD5

45a69b689ba095654ada0d26ce7b1807
SHA1

cf3913962a7a0cff690546406715dcf5196bb377
SHA256

7d10509fc14142ff80876c2efde7b543faa65c67baf383572014fedb40ed3e09
SHA512

08b5ecfff3fb8cdec74828efbbc91ec2be06bb9b8c0d6dce3ca81a501d222f12e265be3d55ef53faf96e2d0c54da42f5e0023e3634e6358de79f57890ccfb5ce
SSDEEP

24576:tOCIzQHib1tXtRHY1lqOp4ILCKlAksoaq1HC0BG030h:s8iH9RHeJPB00Btk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45a69b689ba095654ada0d26ce7b1807_JaffaCakes118

Files

45a69b689ba095654ada0d26ce7b1807_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7bea358ee0d2d7673f9c8c89208fcd8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOpen
midiOutUnprepareHeader
PlaySoundA

kernel32

LocalAlloc
InitializeCriticalSection
TlsAlloc
GlobalFlags
GlobalHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GetProcessVersion
GetCPInfo
TlsGetValue
WritePrivateProfileStringA
RtlUnwind
GetCommandLineA
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetOEMCP
TerminateProcess
ExitThread
HeapSize
GetACP
LCMapStringA
LCMapStringW
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetEnvironmentVariableW
SetEnvironmentVariableA
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetStdHandle
GetDriveTypeA
GetVolumeInformationA
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
FindResourceA
LoadResource
LockResource
SizeofResource
CreateThread
Sleep
MulDiv
OpenFile
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
CreateFileA
CloseHandle
DeviceIoControl
GetVersionExA
GetFullPathNameA
GetTickCount
GetFileSize
GetFileTime
ResumeThread
SuspendThread
SetThreadPriority
FormatMessageA
GetCurrentThread
lstrcmpA
FileTimeToSystemTime
LocalFree
FileTimeToLocalFileTime
UnlockFile
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
MultiByteToWideChar
GetCurrentProcess
DuplicateHandle
InterlockedIncrement
WideCharToMultiByte
InterlockedDecrement
GlobalGetAtomNameA
GetVersion
GetCurrentThreadId
GlobalFindAtomA
lstrcmpiA
GlobalAddAtomA
SetLastError
GlobalDeleteAtom
lstrcpynA
ReadFile
WriteFile
ClearCommError
WaitCommEvent
GetLastError
GetOverlappedResult
SetCommTimeouts
WaitForMultipleObjects
GetCommMask
BuildCommDCBA
SetCommMask
GetCommState
GlobalSize
SetCommState
PurgeComm
UnmapViewOfFile
GlobalFree
GetProfileStringA
MapViewOfFile
CreateFileMappingA
CreateEventA
OpenEventA
SetEvent
ExpandEnvironmentStringsA
ResetEvent
OutputDebugStringA
GetTempPathA
GlobalAlloc
GlobalLock
DeleteFileA
SetFileAttributesA
GetFileAttributesA
RemoveDirectoryA
MoveFileA
CopyFileA
SetVolumeLabelA
CreateDirectoryA
SetCurrentDirectoryA
SetLocalTime
GetModuleHandleA
GetDiskFreeSpaceA
GlobalUnlock
CreateProcessA
WaitForSingleObject
lstrlenA
GlobalReAlloc
lstrcatA
FindFirstFileA
WinExec
lstrcpyA
GetCurrentDirectoryA
FindNextFileA
FindClose
GetFileType
GetLogicalDriveStringsA
GetStartupInfoA
ExitProcess
HeapDestroy

user32

GetClassNameA
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
WindowFromPoint
CreateDialogIndirectParamA
EndDialog
CharUpperA
CheckMenuItem
SetMenuItemBitmaps
GetDesktopWindow
UnregisterClassA
LoadStringA
GetSysColorBrush
GetScrollPos
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
GetWindowPlacement
IsWindowEnabled
PostQuitMessage
IsZoomed
GetSystemMenu
DeleteMenu
SetWindowLongA
CallWindowProcA
GetWindowLongA
SetFocus
SetMenu
IsIconic
DestroyAcceleratorTable
PeekMessageA
CreateCursor
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
GetMenuItemID
MoveWindow
InvalidateRgn
RegisterClipboardFormatA
CreatePopupMenu
ShowWindow
GetNextDlgTabItem
SetActiveWindow
SetCursorPos
SetCursor
InvertRect
ScrollDC
PostMessageA
TrackPopupMenu
DestroyMenu
ValidateRect
DestroyCursor
SetWindowPos
MessageBeep
IsClipboardFormatAvailable
EmptyClipboard
SetClipboardData
GetTopWindow
GetWindow
GetActiveWindow
OpenClipboard
GetClipboardData
CloseClipboard
SetWindowRgn
ScreenToClient
ChildWindowFromPointEx
WinHelpA
KillTimer
SetTimer
GetScrollRange
SetScrollRange
SetScrollPos
SetParent
IsWindowVisible
TranslateMessage
DispatchMessageA
UpdateWindow
GetDC
ReleaseDC
LoadImageA
MessageBoxA
LoadBitmapA
GetKeyState
DestroyIcon
IsChild
GetDlgCtrlID
IsRectEmpty
GetFocus
IntersectRect
EqualRect
GetMenu
GetSubMenu
EnableMenuItem
AdjustWindowRect
LoadCursorA
GetCapture
ClientToScreen
wsprintfA
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
LoadIconA
SendDlgItemMessageA
InvalidateRect
ReleaseCapture
GetMessagePos
PtInRect
GetClientRect
GetCursorPos
SetCapture
SystemParametersInfoA
EnableWindow
SetRect
IsWindow
RedrawWindow
CopyRect
FillRect
MapWindowPoints
CreateAcceleratorTableA
GetMessageA
SetRectEmpty
AdjustWindowRectEx
GetSystemMetrics
DrawFrameControl
DrawEdge
InflateRect
OffsetRect
DrawFocusRect
GetWindowRect
GetParent
SendMessageA
GetSysColor
AppendMenuA
CreateMenu
LockWindowUpdate
TranslateAcceleratorA

gdi32

GetStockObject
CreateFontIndirectA
BitBlt
RealizePalette
GetDeviceCaps
CreateSolidBrush
GetObjectA
CreatePalette
CreateCompatibleDC
CreatePen
PatBlt
GetTextExtentPoint32A
DeleteDC
SelectObject
SetBkColor
SetStretchBltMode
CreateCompatibleBitmap
CreateDIBitmap
CreateBitmap
CreatePolygonRgn
GetClipRgn
SelectClipRgn
CombineRgn
GetCurrentObject
CreateRectRgn
RoundRect
DeleteObject
FillRgn
CreatePatternBrush
CreateHatchBrush
Ellipse
DPtoLP
EndDoc
CreateBrushIndirect
Polygon
LPtoDP
EndPage
Chord
Pie
Arc
GetPixel
StartDocA
SetPixelV
CreateDCA
CreateRectRgnIndirect
StartPage
CreateDIBSection
GetDIBits
ExtCreateRegion
GetSystemPaletteEntries
CreateRoundRectRgn
SelectPalette
PathToRegion
EndPath
CreateEllipticRgn
GetClipBox
BeginPath
SaveDC
RestoreDC
SetTextColor
SetBkMode
SetPolyFillMode
GetWindowExtEx
SetMapMode
SetViewportOrgEx
SetROP2
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
ExcludeClipRect
ScaleWindowExtEx
MoveToEx
LineTo
ExtSelectClipRgn
GetViewportExtEx
PtVisible
TextOutA
ExtTextOutA
RectVisible
Escape
GetTextMetricsA
StretchBlt
Rectangle

comdlg32

PrintDlgA
CommDlgExtendedError
GetSaveFileNameA
ChooseColorA
GetFileTitleA
GetOpenFileNameA
ChooseFontA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyA
RegCreateKeyExA
RegQueryValueA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

Shell_NotifyIconA
ShellExecuteA

comctl32

ImageList_Destroy
ImageList_LoadImageA
ord17

oleaut32

VarDateFromStr

ws2_32

accept
listen
recv
connect
ioctlsocket
bind
send
htons
WSAStartup
WSACleanup
select
inet_ntoa
recvfrom
sendto
setsockopt
socket
getpeername
htonl
inet_addr
gethostbyname
WSAAsyncSelect
closesocket
gethostname
gethostbyaddr

Exports

Exports

GetLibInf
GetLibSock

Sections

.text
Size: 816KB - Virtual size: 812KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bea358ee0d2d7673f9c8c89208fcd8e

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oleaut32

ws2_32

Exports

Exports

Sections

.text Size: 816KB - Virtual size: 812KB

.rdata Size: 104KB - Virtual size: 102KB

.data Size: 112KB - Virtual size: 171KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 76KB - Virtual size: 75KB

.text
Size: 816KB - Virtual size: 812KB

.rdata
Size: 104KB - Virtual size: 102KB

.data
Size: 112KB - Virtual size: 171KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 76KB - Virtual size: 75KB