55669c9a0b2295e390b6f6694029178c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

55669c9a0b2295e390b6f6694029178c_JaffaCakes118
Size

5.3MB
MD5

55669c9a0b2295e390b6f6694029178c
SHA1

7f56c9a809b3b592aad808012ec1691a8b6d6dac
SHA256

e5fac98a900edefbbe2f7876e82b06608f1cd1505277f3f724ac0ab8b29042d1
SHA512

2e28d18b15e16e00fa09eca0519c73aefa3b0aad4de4bcccfcdec985ab3f764244116c24420ccb15767c98ea71fb7fc27cf098706d5353c6514fd3a6cf855d3a
SSDEEP

98304:aEOD2YVQxkprVYY1PaVfaSbr/vriWCdPIgxTrmFOQHyN+oWO8yEVVBoGa8bhf2fc:aEOD2YVQxkprVYY1PaVfaSbr/v+WIrTm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55669c9a0b2295e390b6f6694029178c_JaffaCakes118

Files

55669c9a0b2295e390b6f6694029178c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db4f115cfa6aa2ca1a6ff94e9d55cea1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetDefaultIMEWnd
ImmGetCompositionStringA
ImmGetCompositionWindow
ImmSetCompositionWindow
ImmGetIMEFileNameA
ImmGetOpenStatus
ImmSetOpenStatus
ImmGetConversionStatus
ImmSetConversionStatus
ImmReleaseContext
ImmGetDescriptionA
ImmGetContext

dsound

ord2
ord1

opengl32

glFogi
glColor3ub
glGetIntegerv
glTexEnvi
glClearColor
wglCreateContext
glGetString
wglMakeCurrent
wglDeleteContext
glFogf
glFogfv
glViewport
glBlendFunc
glReadPixels
glGetFloatv
glScalef
glStencilOp
glColorMask
glColor4f
glEnable
glDisable
glEnd
glVertex2f
glTexCoord2f
glColor4ub
glBegin
glColor3f
glTexImage2D
glBindTexture
glFlush
glClear
glPopMatrix
glAlphaFunc
glDepthFunc
glTranslatef
glRotatef
glLoadIdentity
glPushMatrix
glMatrixMode
glVertex3f
glNormal3f
glVertex3fv
glColor3fv
glDeleteTextures
glTexParameteri
glGenTextures
glTexEnvf
glDepthMask
glStencilFunc
glFrontFace
glPolygonMode

glu32

gluPerspective
gluOrtho2D

winmm

mmioDescend
timeSetEvent
timeKillEvent
timeEndPeriod
timeGetDevCaps
timeBeginPeriod
mmioWrite
mmioRead
mmioAscend
timeGetTime
mmioOpenA
mmioClose

kernel32

HeapDestroy
GetEnvironmentVariableA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetOEMCP
GetACP
HeapCreate
IsBadWritePtr
IsValidLocale
GetCPInfo
FatalAppExitA
HeapSize
HeapReAlloc
TlsFree
TlsAlloc
ExitThread
TlsGetValue
TlsSetValue
GetVersion
GetStartupInfoA
GetTickCount
IsBadReadPtr
lstrlenA
GlobalUnlock
GlobalLock
OutputDebugStringA
GetCurrentThreadId
Sleep
Process32Next
Process32First
CreateToolhelp32Snapshot
GetLastError
MoveFileA
GetFileAttributesA
CreateFileA
GetCommandLineA
CloseHandle
ReadFile
GetFileSize
GetPrivateProfileStringA
GetCurrentDirectoryA
DeleteFileA
CopyFileA
SetFileAttributesA
TerminateProcess
OpenProcess
WinExec
FindClose
FindFirstFileA
GetLocalTime
GetModuleFileNameA
SetFilePointer
WriteFile
IsValidCodePage
lstrcmpiA
GetVersionExA
QueryPerformanceCounter
SetProcessAffinityMask
SetThreadPriority
SetPriorityClass
GetProcessAffinityMask
GetThreadPriority
GetPriorityClass
GetCurrentThread
GetCurrentProcess
QueryPerformanceFrequency
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalMemoryStatus
ExitProcess
SetConsoleMode
GetStdHandle
AllocConsole
FreeConsole
SetConsoleTitleA
GetConsoleTitleA
SetLastError
SetConsoleCursorPosition
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
ReadConsoleOutputA
GetCurrentProcessId
GetSystemTime
GetTimeZoneInformation
RaiseException
InterlockedIncrement
InterlockedDecrement
RtlUnwind
GetThreadContext
lstrcpynA
Module32First
Module32Next
lstrcpyA
PeekNamedPipe
CreatePipe
SetStdHandle
DuplicateHandle
GetFileInformationByHandle
HeapAlloc
FindNextFileA
GetProcessHeap
HeapFree
GetTempPathA
GetTempFileNameA
LoadLibraryExA
VirtualFree
VirtualAlloc
VirtualQuery
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
VirtualProtect
GetModuleFileNameW
lstrcmpA
GetComputerNameA
ReleaseMutex
TerminateThread
CreateThread
EnterCriticalSection
LeaveCriticalSection
CreateDirectoryA
lstrcatA
MoveFileExA
OpenMutexA
OpenEventA
WaitForSingleObject
CreateEventA
CreateProcessA
WaitForMultipleObjects
GetExitCodeProcess
ResetEvent
ResumeThread
CreateMutexA
GetModuleHandleA
SetEndOfFile
DeleteCriticalSection
WideCharToMultiByte
SetUnhandledExceptionFilter
InitializeCriticalSection
SetEvent
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetConsoleCtrlHandler
GetLocaleInfoW
CreateFileMappingA
RemoveDirectoryA
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemDirectoryA

user32

IsIconic
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
UpdateWindow
KillTimer
GetKeyboardLayoutNameA
AdjustWindowRect
GetSystemMetrics
SetForegroundWindow
LoadIconA
LoadCursorA
RegisterClassA
BeginPaint
EndPaint
PostQuitMessage
DefWindowProcA
SetCapture
ReleaseCapture
SystemParametersInfoA
ReleaseDC
ChangeDisplaySettingsA
ShowCursor
FindWindowA
SetCursorPos
UnregisterHotKey
RegisterHotKey
GetWindowRect
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetDesktopWindow
IntersectRect
wsprintfA
SetTimer
SetScrollPos
GetScrollPos
IsWindowVisible
GetFocus
SetFocus
CreateWindowExA
ShowWindow
GetDC
SetWindowPos
SetWindowTextA
GetWindowTextA
GetCaretPos
GetWindowLongA
GetAsyncKeyState
SendMessageA
CallWindowProcA
OpenClipboard
GetClipboardData
CloseClipboard
SetWindowLongA
DestroyWindow
SetRect
GetActiveWindow
GetCursorPos
ScreenToClient
GetDoubleClickTime
PtInRect
OffsetRect
MessageBoxA
PostMessageA
GetKeyboardLayout
wvsprintfA
EnumChildWindows
RemoveMenu
DrawMenuBar
GetSystemMenu
GetClassNameA
GetWindowThreadProcessId
EnumDisplaySettingsA

gdi32

SelectObject
CreateCompatibleDC
GetTextExtentPointA
DeleteObject
GetTextExtentPoint32A
SwapBuffers
GetStockObject
SetPixelFormat
ChoosePixelFormat
CreateFontA
CreateDIBSection
DeleteDC
SetTextColor
SetBkColor
TextOutA

advapi32

RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
InitializeSecurityDescriptor
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
CryptImportKey
CryptAcquireContextA
GetUserNameA
RegEnumValueA
CryptDestroyHash
CryptVerifySignatureA
CryptHashData
SetSecurityDescriptorDacl
CryptCreateHash
CryptGetHashParam
CryptDeriveKey
CryptDecrypt

shell32

ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

ws2_32

recv
WSAGetLastError
WSASend
sendto
send
WSACleanup
htons
inet_addr
gethostbyname
connect
WSAAsyncSelect
setsockopt
socket
shutdown
WSAStartup
closesocket

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wzaudio

wzAudioStop
wzAudioOption
wzAudioCreate
wzAudioGetStreamOffsetRange
wzAudioDestroy
wzAudioPlay

setupapi

SetupDiCreateDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA

wininet

InternetQueryDataAvailable
InternetCloseHandle
InternetOpenA
InternetConnectA
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetReadFile
FtpFindFirstFileA
FtpOpenFileA

urlmon

URLDownloadToFileA

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 136.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db4f115cfa6aa2ca1a6ff94e9d55cea1

Headers

File Characteristics

Imports

imm32

dsound

opengl32

glu32

winmm

kernel32

user32

gdi32

advapi32

shell32

ole32

ws2_32

version

wzaudio

setupapi

wininet

urlmon

Sections

.text Size: 4.9MB - Virtual size: 4.9MB

.rdata Size: 204KB - Virtual size: 203KB

.data Size: 208KB - Virtual size: 136.9MB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 4.9MB - Virtual size: 4.9MB

.rdata
Size: 204KB - Virtual size: 203KB

.data
Size: 208KB - Virtual size: 136.9MB

.rsrc
Size: 12KB - Virtual size: 8KB