521ddc27c1c208bced43aada0416c9f0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

521ddc27c1c208bced43aada0416c9f0_JaffaCakes118
Size

944KB
MD5

521ddc27c1c208bced43aada0416c9f0
SHA1

96a22612d7e8dc0c50c6593fd8c0ff498cf4e9a2
SHA256

1a5201c4c52058720d2747982d7bcf0f5a177908333f2b8721c20a470b8b72b6
SHA512

26947b840cc8255998b19cbc909d4aff13a553c5d3bd81397450750e1b453bbe8904a7c4a2e702dd8fcc96539381e2444005b312e958eab9fe4486911511d4d6
SSDEEP

24576:FHy5Vrm55G7bY18rfhqXEAGXfYxMCJSuOIKe/9s:FHy5VCeY1YoXErPfKjK29s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
521ddc27c1c208bced43aada0416c9f0_JaffaCakes118

Files

521ddc27c1c208bced43aada0416c9f0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0a5a0a72066c14fcac9c6182e2c7c849

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\download_mgr\Release\flv_std_installer.pdb

Imports

kernel32

CreateMutexW
LocalFree
DebugBreak
SetEndOfFile
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
ExitProcess
HeapCreate
RtlUnwind
GetConsoleCP
SetStdHandle
MoveFileA
DeleteFileA
GetSystemTimeAsFileTime
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ExitThread
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
SystemTimeToFileTime
SetFilePointer
DosDateTimeToFileTime
GetStdHandle
GetStartupInfoW
CreateFileA
UnregisterWaitEx
TerminateProcess
GetSystemInfo
VirtualAlloc
SetLastError
FlushInstructionCache
FormatMessageW
WideCharToMultiByte
VirtualFree
GetCurrentProcess
GetPrivateProfileSectionW
GetCurrentProcessId
GetVersion
CloseHandle
GetCurrentThreadId
DeleteCriticalSection
lstrcmpiW
GetLocalTime
EnterCriticalSection
GetProcAddress
GetLastError
GetPrivateProfileIntW
RaiseException
GlobalUnlock
lstrlenW
MultiByteToWideChar
GetModuleFileNameW
LeaveCriticalSection
SizeofResource
Sleep
TerminateThread
LoadLibraryW
GlobalAlloc
InitializeCriticalSection
GetPrivateProfileStringW
GetTickCount
GetModuleHandleW
OutputDebugStringW
WaitForSingleObject
GlobalLock
InterlockedDecrement
GetExitCodeProcess
GetLongPathNameW
ReadDirectoryChangesW
SetEvent
InterlockedCompareExchange
QueryPerformanceFrequency
GetCurrentDirectoryW
InterlockedIncrement
LoadLibraryExW
LoadResource
QueryPerformanceCounter
FormatMessageA
GetModuleHandleA
ReadConsoleInputW
DuplicateHandle
FillConsoleOutputAttribute
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterW
WriteConsoleW
SetConsoleCursorPosition
ReadConsoleA
SetConsoleTextAttribute
GetNumberOfConsoleInputEvents
WriteConsoleInputW
SetNamedPipeHandleState
FlushFileBuffers
ReadFile
WriteFile
CreateNamedPipeW
ConnectNamedPipe
PeekNamedPipe
SetConsoleCtrlHandler
InterlockedExchange
CancelIo
RegisterWaitForSingleObject
CreateEventA
SetHandleInformation
UnregisterWait
QueueUserWorkItem
PostQueuedCompletionStatus
GetFileType
GetConsoleMode
CreateIoCompletionPort
GetQueuedCompletionStatus
SetErrorMode
ReleaseMutex
CreateThread
DeviceIoControl
CreateFileW
GetVersionExW
GetFileAttributesA
LockResource
FreeResource
FreeLibrary
FindResourceW
lstrlenA

user32

MoveWindow
GetWindow
CopyRect
CallWindowProcW
GetMonitorInfoW
DrawFrameControl
DestroyIcon
SetWindowTextW
EnableWindow
MapWindowPoints
IsWindowVisible
ReleaseCapture
MessageBoxW
PostThreadMessageW
GetKeyNameTextW
CreateWindowExW
FrameRect
ShowWindow
SetLayeredWindowAttributes
GetCursorPos
RedrawWindow
GetDlgItem
MonitorFromWindow
GetWindowTextW
BringWindowToTop
InvalidateRect
LoadIconW
RegisterClassExW
GetClassInfoExW
PtInRect
BeginPaint
SetFocus
GetClientRect
IsWindowEnabled
LoadCursorW
TrackMouseEvent
DestroyWindow
GetFocus
ScreenToClient
GetMessageW
SetForegroundWindow
DrawIconEx
GetKeyState
IsZoomed
KillTimer
PostMessageW
SetCapture
IsChild
FillRect
GetWindowDC
PostQuitMessage
SetActiveWindow
GetWindowRect
SetTimer
SetWindowRgn
MapVirtualKeyW
UpdateLayeredWindow
GetWindowTextLengthW
SetCursor
ClientToScreen
EndPaint
FindWindowW
CharNextW
GetDC
TranslateMessage
InflateRect
PeekMessageW
ReleaseDC
SetWindowLongW
SetWindowPos
LoadStringW
GetActiveWindow
IsWindow
EqualRect
PrintWindow
SendMessageW
DefWindowProcW
DispatchMessageW
OffsetRect
GetWindowThreadProcessId
AllowSetForegroundWindow
SystemParametersInfoW
GetForegroundWindow
AttachThreadInput
GetSystemMetrics
UnregisterClassA
SetRect
GetParent
GetWindowLongW

gdi32

GetClipRgn
ExtSelectClipRgn
BitBlt
DeleteDC
CreateFontIndirectW
SetBkColor
SetBkMode
DeleteObject
SelectObject
SelectClipRgn
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
SaveDC
GetObjectW
CreateRectRgn
GetStockObject
OffsetViewportOrgEx
CreateRoundRectRgn
RectInRegion
CreateRectRgnIndirect
ExcludeClipRect
CreateDIBSection
SetTextColor
GetObjectA
ExtTextOutW
IntersectClipRect
CreatePolygonRgn
RestoreDC

advapi32

CryptDestroyHash
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
CryptHashData
CryptReleaseContext
CryptAcquireContextW
CryptGetHashParam
CryptCreateHash

shell32

DragQueryFileW
SHGetFileInfoA
SHGetSpecialFolderPathW
ord165
ShellExecuteW

ole32

CoUninitialize
CoTaskMemRealloc
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoInitialize
ReleaseStgMedium
DoDragDrop
CoTaskMemFree
OleDuplicateData
CoTaskMemAlloc
RegisterDragDrop
CoCreateInstance

oleaut32

VarUI4FromStr

shlwapi

StrToIntW
PathFileExistsA
StrToIntA
StrCmpW

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

winmm

timeGetTime

gdiplus

GdipGetPropertyItem
GdipSetLinePresetBlend
GdipCreateSolidFill
GdipTranslateMatrix
GdipDisposeImageAttributes
GdipAlloc
GdipDisposeImage
GdipResetWorldTransform
GdipDeletePath
GdipTransformPath
GdipDeleteRegion
GdipRotateMatrix
GdipGetPathPointsI
GdipAddPathLineI
GdipGetPropertyItemSize
GdipSetCompositingMode
GdipTranslateWorldTransform
GdipCreateRegion
GdipCreateFromHDC
GdipGetPixelOffsetMode
GdipImageGetFrameDimensionsCount
GdipFillPath
GdipDeleteMatrix
GdipSetInterpolationMode
GdipCombineRegionRegion
GdipFillRectangleI
GdipCloneImage
GdipSetClipPath
GdipDrawLineI
GdipCreatePath
GdipCreateRegionRectI
GdipImageGetFrameDimensionsList
GdipSetImageAttributesWrapMode
GdipAddPathBezierI
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipGetClip
GdipDrawPath
GdipCreateMatrix
GdipTranslateTextureTransform
GdipDrawImageRectRectI
GdipGetImageHeight
GdipCreatePath2
GdipSetLineTransform
GdipCreateTexture2I
GdipCloneBrush
GdipCreateLineBrushFromRectI
GdiplusShutdown
GdipLoadImageFromStream
GdipDeleteBrush
GdipGetInterpolationMode
GdipGetPointCount
GdipSetClipRegion
GdipCreateImageAttributes
GdipDeletePen
GdipGetImageWidth
GdipSetPixelOffsetMode
GdipCreatePen1
GdipCreateFontFromDC
GdipDeleteStringFormat
GdipSetStringFormatTrimming
GdipCreateStringFormat
GdipImageRotateFlip
GdipSetStringFormatHotkeyPrefix
GdipSetPenDashStyle
GdipDrawString
GdipGetTextRenderingHint
GdipImageSelectActiveFrame
GdipSetStringFormatAlign
GdipDeleteFont
GdipSetStringFormatLineAlign
GdipMeasureString
GdipCreateBitmapFromHICON
GdipSetImageAttributesColorMatrix
GdipCreateFontFromLogfontA
GdipSetStringFormatFlags
GdiplusStartup
GdipImageGetFrameCount
GdipDrawRectangleI
GdipAddPathPieI
GdipFree
GdipSetCompositingQuality

iphlpapi

GetAdaptersInfo

ws2_32

FreeAddrInfoW
getsockopt
socket
GetAddrInfoW
inet_addr
closesocket
bind
setsockopt
shutdown
WSAGetLastError
WSASend
WSARecv
WSAIoctl
ioctlsocket
WSARecvFrom
WSASetLastError
WSAStartup
select
htons

Sections

.text
Size: 484KB - Virtual size: 483KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a5a0a72066c14fcac9c6182e2c7c849

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

winmm

gdiplus

iphlpapi

ws2_32

Sections

.text Size: 484KB - Virtual size: 483KB

.rdata Size: 122KB - Virtual size: 121KB

.data Size: 14KB - Virtual size: 23KB

.rsrc Size: 262KB - Virtual size: 262KB

.reloc Size: 48KB - Virtual size: 48KB

.text
Size: 484KB - Virtual size: 483KB

.rdata
Size: 122KB - Virtual size: 121KB

.data
Size: 14KB - Virtual size: 23KB

.rsrc
Size: 262KB - Virtual size: 262KB

.reloc
Size: 48KB - Virtual size: 48KB