a8ea259167c889b01d474ecea56dc945_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a8ea259167c889b01d474ecea56dc945_JaffaCakes118
Size

910KB
MD5

a8ea259167c889b01d474ecea56dc945
SHA1

c7597bde52094d45b978a4bd6807b04969df102d
SHA256

1970cd087ba6230f44469526b47f404511dcfc0cc4b3e90b306bad752b692ff8
SHA512

43403ca11bd319310efd8a31e8b46783c419769928fdece4308a07e62fee7e00501f4a4aabaef888bc69ea9f862c8e81a4ead415691812959c7bbc0866ebc56c
SSDEEP

12288:2PDqqO6vou2pF1FxzAibFOFu430VXrkivN+XH/GnN4FcBTSRZWSjDJfCyl90mjxY:qO0YF1fbYRofl+XeN4FPRZWSLxlWcO

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Easy Fishing/Easy Fishing.exe
unpack001/Easy Fishing/MDT2DF.DLL

Files

a8ea259167c889b01d474ecea56dc945_JaffaCakes118
.rar
Easy Fishing/Easy Fishing.exe
.exe windows:4 windows x86 arch:x86

994793f090bb4f70e3769f5a9425aa56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GlobalAddAtomA
GetModuleHandleA
GlobalFree
GlobalDeleteAtom
GlobalGetAtomNameA
FreeConsole
GetEnvironmentVariableA
VirtualProtect
VirtualAlloc
GetProcAddress
GetLastError
LoadLibraryA
SetLastError
GetVersionExA
SetThreadPriority
GetCurrentThread
CreateProcessA
GetCommandLineA
GetStartupInfoA
SetEnvironmentVariableA
ReleaseMutex
WaitForSingleObject
CreateMutexA
OpenMutexA
GetCurrentThreadId
CloseHandle
ReadFile
GetFileSize
CreateFileA
VirtualQueryEx
FindClose
FindFirstFileA
FindFirstFileW
GetModuleFileNameW
GetExitCodeProcess
ReadProcessMemory
ContinueDebugEvent
SetThreadContext
GetThreadContext
WaitForDebugEvent
SuspendThread
DebugActiveProcess
ResumeThread
CreateProcessW
GlobalAlloc
GetStartupInfoW
MapViewOfFile
DuplicateHandle
GetCurrentProcess
CreateFileMappingA
VirtualProtectEx
WriteProcessMemory
ExitProcess
CompareStringA
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
CompareStringW
MultiByteToWideChar
SetFilePointer
HeapReAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapFree
HeapAlloc
GetVersion
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
TerminateProcess
GlobalLock
GlobalUnlock
CreateThread
Sleep
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetCurrentProcessId
GetModuleFileNameA
GetCommandLineW
GetShortPathNameA

user32

GetDesktopWindow
MoveWindow
SetPropA
EnumThreadWindows
GetPropA
GetMessageA
BeginPaint
EndPaint
KillTimer
GetAsyncKeyState
GetSystemMetrics
SetTimer
SetWindowTextA
GetDlgItem
CreateDialogIndirectParamA
ShowWindow
UpdateWindow
LoadStringA
LoadStringW
FindWindowA
WaitForInputIdle
DestroyWindow
MessageBoxA
InSendMessage
UnpackDDElParam
FreeDDElParam
DefWindowProcA
LoadCursorA
CreateWindowExA
GetWindowThreadProcessId
SendMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
EnumWindows
PackDDElParam
PostMessageA
IsWindow
RegisterClassA

gdi32

DeleteObject
CreateDCA
SelectPalette
RealizePalette
CreateDIBitmap
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
CreatePalette

Sections

.text
Size: - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 52KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 36KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 200KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Easy Fishing/MDT2DF.DLL
.dll regsvr32 windows:4 windows x86 arch:x86

51f3979618bb1d944816cb7d03135101

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

oleaut32

VariantChangeTypeEx
SafeArrayPutElement
LoadTypeLi
VariantInit
SysAllocStringLen
SysFreeString
SetErrorInfo
SysStringLen
SafeArrayGetUBound
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SafeArrayDestroy
VariantClear
SysAllocString
SysReAllocStringLen
SysAllocStringByteLen
GetErrorInfo

kernel32

FreeLibrary
TlsGetValue
LeaveCriticalSection
TlsSetValue
EnterCriticalSection
GetCurrentThreadId
TlsFree
DeleteCriticalSection
GetProcessHeap
InitializeCriticalSection
TlsAlloc
InterlockedDecrement
GetSystemDefaultLCID
IsValidLocale
GetUserDefaultLCID
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetVersion
LockResource
LoadResource
GetTickCount
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
HeapReAlloc
HeapAlloc
HeapFree
GetModuleFileNameA
GetStdHandle
WriteFile
HeapDestroy
HeapCreate
GetLastError
SetLastError
FreeResource
GetFileAttributesA
SizeofResource
GetLocaleInfoA
GetStringTypeW
LoadLibraryExA
SearchPathA
GetFullPathNameA
SetCurrentDirectoryW
OutputDebugStringW
lstrlenW
LoadLibraryExW
GetWindowsDirectoryW
SearchPathW
GetSystemDirectoryW
GetModuleFileNameW
GetLocaleInfoW
GetFullPathNameW
GetFileAttributesW
GetCurrentDirectoryW
FormatMessageW
FindResourceW
FindFirstFileW
CreateDirectoryW
CompareStringW
GetVersionExA
WideCharToMultiByte
MultiByteToWideChar
CreateDirectoryA
FindFirstFileA
FindResourceA
FormatMessageA
GetCurrentDirectoryA
VirtualFree
GetSystemDirectoryA
GetWindowsDirectoryA
CompareStringA
lstrlenA
OutputDebugStringA
SetCurrentDirectoryA
MulDiv
InterlockedExchange
InterlockedIncrement
GetCurrentProcessId
IsBadWritePtr
VirtualAlloc
GetSystemInfo
GlobalSize
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
IsDBCSLeadByte
GetEnvironmentVariableW
GetProfileIntA
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeA

advapi32

RegCreateKeyA
RegQueryInfoKeyA
RegSetValueExW
RegSetValueW
RegQueryValueExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyExW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyW
RegCloseKey
RegDeleteKeyA
RegEnumKeyA
RegEnumKeyExA
RegOpenKeyA
RegQueryValueA
RegQueryValueExA
RegSetValueA
RegSetValueExA
RegEnumValueA
RegFlushKey

ole32

StringFromCLSID
WriteClassStg
StgCreateDocfile
WriteClassStm
CreateStreamOnHGlobal
CreateDataAdviseHolder
OleSaveToStream
CoCreateInstance
StringFromGUID2
CreateDataCache
RevokeDragDrop
RegisterDragDrop
CLSIDFromProgID
CLSIDFromString
OleGetIconOfClass
CreateOleAdviseHolder
WriteFmtUserTypeStg
OleSave
ReleaseStgMedium
OleCreateLinkFromData
OleRun
OleGetClipboard
DoDragDrop
CoCreateGuid
OleQueryLinkFromData
ProgIDFromCLSID
CoTaskMemFree
CoTaskMemAlloc
OleIsCurrentClipboard
OleFlushClipboard
CreateItemMoniker
OleCreateStaticFromData
CreateBindCtx
GetRunningObjectTable
IIDFromString
OleSetClipboard
OleCreateFromData
OleQueryCreateFromData
ReadClassStg
ReadClassStm

gdi32

CreateFontIndirectA
CreateICA
UnrealizeObject
SetBrushOrgEx
OffsetRgn
CombineRgn
GetRegionData
CreatePen
BitBlt
GetClipRgn
RectVisible
ExcludeClipRect
SelectClipRgn
CreateHatchBrush
IntersectClipRect
CreateRectRgnIndirect
PlayMetaFile
GetMapMode
SaveDC
LPtoDP
GetWindowOrgEx
SetViewportOrgEx
GetWindowExtEx
SetViewportExtEx
GetObjectType
RestoreDC
CreateMetaFileA
SetMapMode
SetWindowOrgEx
SetWindowExtEx
CloseMetaFile
DeleteMetaFile
GetNearestColor
GetBkColor
SetBkColor
GetCurrentObject
PatBlt
GetClipBox
SetBkMode
SetTextColor
CreateCompatibleBitmap
MoveToEx
LineTo
SetROP2
Rectangle
ExtTextOutW
GetTextMetricsW
GetTextFaceW
GetTextExtentPoint32W
GetObjectW
EnumFontFamiliesW
CreateICW
CreateFontIndirectW
CreateDCW
CreateDCA
DeleteDC
SelectObject
EnumFontFamiliesA
GetObjectA
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsA
ExtTextOutA
DeleteObject
GetDeviceCaps
CreatePalette
CreatePatternBrush
GetStockObject
CreateSolidBrush
RealizePalette
SelectPalette
GetPaletteEntries
CreateCompatibleDC

user32

TranslateAcceleratorW
SystemParametersInfoW
SetWindowTextW
UnregisterClassW
WinHelpW
SetWindowsHookExW
SetPropW
SetDlgItemTextW
SendMessageW
SendDlgItemMessageW
RemovePropW
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
PostMessageW
PeekMessageW
OemToCharW
ModifyMenuW
MessageBoxIndirectW
LoadStringW
LoadMenuW
LoadIconW
LoadCursorW
LoadBitmapW
LoadAcceleratorsW
IsDialogMessageW
InsertMenuW
GetWindowTextLengthW
GetWindowTextW
GetWindowLongW
GetPropW
GetMessageW
GetMenuStringW
GetDlgItemTextW
GetClipboardFormatNameW
GetClassNameW
GetClassInfoW
FindWindowW
DrawTextW
DispatchMessageW
DialogBoxParamW
DialogBoxIndirectParamW
DefWindowProcW
CreateWindowExW
CreateDialogParamW
CreateAcceleratorTableW
CopyAcceleratorTableW
CharUpperW
CharToOemW
CharPrevW
CharNextW
CopyAcceleratorTableA
CallWindowProcW
AppendMenuW
AppendMenuA
CharLowerA
CharUpperA
CharToOemA
CreateWindowExA
DrawTextA
FindWindowA
GetClassInfoA
GetClassNameA
GetClipboardFormatNameA
GetDlgItemTextA
GetMenuStringA
GetPropA
GetWindowTextA
GetWindowTextLengthA
InsertMenuA
LoadStringA
MessageBoxIndirectA
ModifyMenuA
OemToCharA
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
RemovePropA
GetDlgItem
SendMessageA
SetDlgItemTextA
SetPropA
SetWindowTextA
TranslateAcceleratorA
CallWindowProcA
wvsprintfW
wvsprintfA
GetSysColor
GetSystemMetrics
SetTimer
KillTimer
TrackPopupMenu
SetCapture
GetCapture
ReleaseCapture
UnhookWindowsHookEx
CallNextHookEx
EnumWindows
ScreenToClient
RedrawWindow
GetWindowThreadProcessId
IsWindow
DestroyWindow
EndPaint
GetClientRect
BeginPaint
FillRect
WindowFromPoint
ReleaseDC
InvalidateRect
SetWindowPos
GetDC
ValidateRect
PtInRect
GetCursorPos
GetKeyState
InvertRect
DrawFocusRect
InflateRect
DestroyCursor
SetFocus
GetFocus
SetCursor
CreateIconIndirect
GetIconInfo
InvalidateRgn
ScrollWindowEx
IntersectRect
EnableWindow
OffsetRect
ShowWindow
SetWindowRgn
EqualRect
EnumChildWindows
GetUpdateRect
GetWindowDC
ClientToScreen
LockWindowUpdate
GetDCEx
GetDoubleClickTime
GetMessageTime
SetRectEmpty
DestroyAcceleratorTable
IsChild
GetParent
DeleteMenu
GetMessagePos
IsRectEmpty
GetSubMenu
EnableMenuItem
CheckMenuItem
GetMenuItemID
GetMenuItemCount
GetForegroundWindow
GetUpdateRgn
IsWindowVisible
MapWindowPoints
ShowCaret
EndDeferWindowPos
DeferWindowPos
GetWindowRect
BeginDeferWindowPos
ScrollDC
HideCaret
BringWindowToTop
UpdateWindow
ChildWindowFromPointEx
CreateAcceleratorTableA
CreateDialogParamA
DefWindowProcA
DialogBoxIndirectParamA
DialogBoxParamA
DispatchMessageA
GetMessageA
GetWindowLongA
IsDialogMessageA
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadIconA
LoadMenuA
PeekMessageA
WinHelpA
SystemParametersInfoA
SetWindowsHookExA
UnregisterClassA
CharLowerW
SetWindowLongA
PostMessageA
SetWindowLongW
IsIconic
AdjustWindowRect
GetActiveWindow
GetCursor

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllRegisterServerSetup
DllUnregisterServer
FormsCloseParentUnit
FormsOpenParentUnit
FormsSetLCID

Sections

.text
Size: 482KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Easy Fishing/images.jpg
.jpg

Sharing

General

Malware Config

Signatures

Files

994793f090bb4f70e3769f5a9425aa56

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: - Virtual size: 103KB

.data Size: - Virtual size: 3KB

.text1 Size: 192KB - Virtual size: 192KB

.adata Size: 52KB - Virtual size: 64KB

.data1 Size: 36KB - Virtual size: 128KB

.pdata Size: 200KB - Virtual size: 256KB

.rsrc Size: 296KB - Virtual size: 2KB

51f3979618bb1d944816cb7d03135101

Headers

File Characteristics

Imports

oleaut32

kernel32

advapi32

ole32

gdi32

user32

Exports

Exports

Sections

.text Size: 482KB - Virtual size: 481KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 25KB - Virtual size: 26KB

.idata Size: 11KB - Virtual size: 10KB

.rsrc Size: 39KB - Virtual size: 39KB

.reloc Size: 19KB - Virtual size: 18KB

.text
Size: - Virtual size: 103KB

.data
Size: - Virtual size: 3KB

.text1
Size: 192KB - Virtual size: 192KB

.adata
Size: 52KB - Virtual size: 64KB

.data1
Size: 36KB - Virtual size: 128KB

.pdata
Size: 200KB - Virtual size: 256KB

.rsrc
Size: 296KB - Virtual size: 2KB

.text
Size: 482KB - Virtual size: 481KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 25KB - Virtual size: 26KB

.idata
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 39KB - Virtual size: 39KB

.reloc
Size: 19KB - Virtual size: 18KB