Static task: static1
Behavioral task: behavioral1
  Sample: JaffaCakes118_25e09d5ac7f4f13568c870770ff62caa.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: JaffaCakes118_25e09d5ac7f4f13568c870770ff62caa.exe
  Resource: win10v2004-20241007-en
General
- Target: JaffaCakes118_25e09d5ac7f4f13568c870770ff62caa
- Size: 11.7MB
- MD5: 25e09d5ac7f4f13568c870770ff62caa
- SHA1: d084597445117fe9af6767b7b7242cb3be0b60d1
- SHA256: 7fc9fcf358367e1fead315b4da8ace24ba3a9ec085284746592699fead48b26a
- SHA512: 14eb3d144fb5f05aa3850d5fe7ad5cd82e9b759bc0df9e8ed3d528a9e3b07bd971c9e6a0c616449c0e9e817790e06b9c967c20b3914d2b67d63760763ed648d4
- SSDEEP: 196608:ZbHBKEydX7uwSkyQAcDzb5MsDaEhSUxhhHfe+pKfCe9iLbzO/YuLhifVvmHS8e43:ZfDDsBfHfppBvO/vhifVvi2k
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource JaffaCakes118_25e09d5ac7f4f13568c870770ff62caa
Files
-
JaffaCakes118_25e09d5ac7f4f13568c870770ff62caa.exe windows:6 windows x86 arch:x86
a8f030453fedf782a048bf37501c1645
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
AdjustTokenPrivileges
CloseServiceHandle
ControlService
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
LookupPrivilegeValueW
OpenProcessToken
OpenSCManagerW
OpenServiceW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
comctl32
CreateUpDownControl
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_Draw
ImageList_EndDrag
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
InitCommonControls
comdlg32
ChooseFontW
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
crypt32
CertCloseStore
CertEnumCertificatesInStore
CertOpenSystemStoreA
gdi32
Arc
BitBlt
CloseEnhMetaFile
CombineRgn
CopyEnhMetaFileW
CreateBitmap
CreateBitmapIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateDIBitmap
CreateEnhMetaFileW
CreateFontIndirectW
CreateHatchBrush
CreateICW
CreatePalette
CreatePatternBrush
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
Ellipse
EnumFontFamiliesExW
EqualRgn
ExcludeClipRect
ExtCreatePen
ExtCreateRegion
ExtFloodFill
ExtSelectClipRgn
ExtTextOutW
GdiFlush
GetBkColor
GetCharABCWidthsW
GetClipBox
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileHeader
GetEnhMetaFileW
GetMetaFileBitsEx
GetNearestPaletteIndex
GetObjectType
GetObjectW
GetOutlineTextMetricsW
GetPaletteEntries
GetPixel
GetRegionData
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentExPointW
GetTextExtentPoint32W
GetTextMetricsW
GetWinMetaFileBits
LineTo
MaskBlt
MoveToEx
OffsetRgn
PatBlt
Pie
PlayEnhMetaFile
PolyPolygon
Polygon
Polyline
PtInRegion
RealizePalette
RectInRegion
Rectangle
RoundRect
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetMapMode
SetMetaFileBitsEx
SetPixel
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
StretchBlt
StretchDIBits
kernel32
AreFileApisANSI
CloseHandle
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateMutexW
CreatePipe
CreateProcessW
CreateSemaphoreW
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
DuplicateHandle
EnterCriticalSection
EnumResourceNamesW
ExitProcess
ExpandEnvironmentStringsW
FillConsoleOutputCharacterW
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FindResourceW
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeConsole
FreeLibrary
GetACP
GetCPInfo
GetCommandLineW
GetComputerNameW
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFinalPathNameByHandleW
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocaleInfoW
GetLogicalDriveStringsW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProfileStringW
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathA
GetTempPathW
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExA
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalSize
GlobalUnlock
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapValidate
InitializeCriticalSection
InterlockedCompareExchange
IsBadReadPtr
IsBadStringPtrA
IsDBCSLeadByteEx
IsValidCodePage
IsValidLocale
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
LocalFree
LockFile
LockFileEx
LockResource
MapViewOfFile
MoveFileExW
MulDiv
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleOutputCharacterA
ReadFile
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryW
ResumeThread
SetConsoleCursorPosition
SetCurrentDirectoryW
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetLastError
SetNamedPipeHandleState
SetThreadExecutionState
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFile
UnlockFileEx
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
mpr
WNetGetConnectionW
msvcrt
__dllonexit
__doserrno
__getmainargs
__initenv
__lconv_init
__mb_cur_max
__pioinfo
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthreadex
_cexit
_chdrive
_close
_commit
_endthreadex
_environ
_errno
_exit
_fdopen
_filelengthi64
_fileno
_fmode
_fstat64
_fstati64
_get_osfhandle
_getcwd
_getdrive
_initterm
_iob
_lock
_lseeki64
_onexit
_open
_open_osfhandle
_putws
_setjmp3
_snwprintf
_stati64
_vsnprintf
time
mktime
localtime
gmtime
ctime
calloc
clearerr
clock
exit
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fopen
fprintf
fputc
fputs
fputwc
fputws
fread
free
frexp
fseek
fsetpos
ftell
fwprintf
fwrite
getc
getenv
getwc
isalnum
isalpha
isspace
iswalnum
iswalpha
iswctype
iswdigit
iswprint
iswspace
isxdigit
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
putc
puts
putwc
qsort
raise
rand
realloc
remove
setlocale
setvbuf
signal
sprintf
srand
sscanf
strcat
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtol
strtoul
strxfrm
_strdup
_stricmp
_strnicmp
_telli64
_unlock
_waccess
_wchmod
_wcsdup
_wfopen
_wgetenv
_wmkdir
_wopen
_wperror
_wputenv
_wremove
_wrename
_write
_wrmdir
_wtoi
abort
atan2
atof
atoi
swscanf
time
tolower
toupper
towlower
towupper
ungetc
ungetwc
vfprintf
vswprintf
wcschr
wcscmp
wcscoll
wcscpy
wcsftime
wcslen
wcsncmp
wcsncpy
wcspbrk
wcsspn
wcsstr
wcstod
wcstol
wcstoul
wcsxfrm
bsearch
longjmp
_timezone
_write
_tzset
_read
_getpid
_fileno
_fdopen
_close
netapi32
NetApiBufferFree
NetShareEnum
normaliz
IdnToAscii
ole32
CoCreateInstance
CoFreeUnusedLibraries
CoLockObjectExternal
CoTaskMemAlloc
CoTaskMemFree
DoDragDrop
OleFlushClipboard
OleGetClipboard
OleInitialize
OleIsCurrentClipboard
OleSetClipboard
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
oleaut32
SysAllocString
SysFreeString
SysReAllocString
SysStringLen
powrprof
SetSuspendState
shell32
DragAcceptFiles
DragFinish
DragQueryFileW
DragQueryPoint
ExtractIconExW
ExtractIconW
SHBrowseForFolderW
SHFileOperationW
SHGetFileInfoW
SHGetFolderPathW
SHGetIconOverlayIndexW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
user32
AdjustWindowRectEx
AppendMenuW
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
ChangeDisplaySettingsW
CheckMenuItem
CheckMenuRadioItem
ChildWindowFromPoint
ChildWindowFromPointEx
ClientToScreen
CloseClipboard
CopyRect
CreateAcceleratorTableW
CreateDialogIndirectParamW
CreateDialogParamW
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExW
DdeClientTransaction
DdeConnect
DdeCreateDataHandle
DdeCreateStringHandleW
DdeDisconnect
DdeFreeDataHandle
DdeFreeStringHandle
DdeGetData
DdeGetLastError
DdeInitializeW
DdeNameService
DdePostAdvise
DdeQueryStringW
DdeUninitialize
DefWindowProcW
DeferWindowPos
DestroyAcceleratorTable
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
DrawMenuBar
DrawStateW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndDialog
EndMenu
EndPaint
EnumClipboardFormats
EnumDisplaySettingsW
EnumThreadWindows
EnumWindows
ExitWindowsEx
FillRect
FindWindowExW
FlashWindow
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoW
GetClassNameW
GetClientRect
GetClipboardData
GetClipboardFormatNameW
GetCursorPos
GetDC
GetDesktopWindow
GetDialogBaseUnits
GetDlgItem
GetDoubleClickTime
GetFocus
GetIconInfo
GetKeyState
GetKeyboardState
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMessagePos
GetMessageTime
GetMessageW
GetParent
GetScrollInfo
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetUpdateRgn
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
InvalidateRect
IsClipboardFormatAvailable
IsDialogMessageW
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsW
LoadBitmapW
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxW
ModifyMenuW
MoveWindow
MsgWaitForMultipleObjects
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterHotKey
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
ScreenToClient
ScrollWindow
SendMessageW
SetCapture
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemInfoW
SetParent
SetRect
SetRectEmpty
SetScrollInfo
SetTimer
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowCaret
ShowCursor
ShowWindow
SystemParametersInfoW
ToUnicode
TrackPopupMenu
TranslateAcceleratorW
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassW
UnregisterHotKey
UpdateWindow
ValidateRect
ValidateRgn
VkKeyScanW
WaitForInputIdle
WindowFromPoint
keybd_event
winmm
PlaySoundW
ws2_32
WSACleanup
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSASetEvent
WSASetLastError
WSAStartup
WSAWaitForMultipleEvents
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
getnameinfo
getpeername
getsockname
ioctlsocket
listen
ntohs
recv
select
send
setsockopt
socket
wsock32
__WSAFDIsSet
gethostbyaddr
gethostbyname
getservbyname
getsockopt
htonl
htons
inet_addr
ntohl
recvfrom
sendto
shutdown
Sections
.text Size: 10.4MB - Virtual size: 10.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 227KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 52B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 59KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE