Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_67dc9aa92104128ebf504256a8030920.exe
Resource: win7-20240903-en
General
Target: JaffaCakes118_67dc9aa92104128ebf504256a8030920
Size: 556KB
MD5: 67dc9aa92104128ebf504256a8030920
SHA1: 3fdd3be687dd325d85123c69e5266288e16895cf
SHA256: aac629c32fc4b8e0958654b11fed1b5ecc555f7ae1a9f16d08e09b96b4250cc0
SHA512: 458fe6c7290ec46ea641927a4cc6aa4458ed914b43200227e20f95fe3dc91c4ad744590cd6e7250e92e3313da1e920d62fdc0684c528fd4a986134a6c4766a38
SSDEEP: 6144:WmuKPcDfVTrEFzfxtgNyDIQKzo+itaJkH2PSb14ACyZ5ntmNnOvR5FgmiMGkI:CVTsbgNslWLitaJkHLN6HR
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_67dc9aa92104128ebf504256a8030920
Files
JaffaCakes118_67dc9aa92104128ebf504256a8030920.exe windows:4 windows x86 arch:x86
ba966e84d4982d8f633bf89f8edfa9ee
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
htons
connect
ntohl
getpeername
closesocket
sendto
htonl
recv
send
getservbyport
WSAStartup
WSACleanup
setsockopt
ioctlsocket
gethostbyname
socket
bind
ntohs
getsockname
WSACancelAsyncRequest
WSAAsyncGetHostByAddr
WSAGetLastError
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
kernel32
FindFirstFileA
GetVolumeInformationA
GetStringTypeExA
GetThreadLocale
FindClose
HeapFree
HeapReAlloc
HeapAlloc
SetEndOfFile
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
RtlUnwind
HeapSize
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetTimeZoneInformation
GetSystemTime
WriteFile
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalAlloc
LocalFree
GetModuleFileNameA
GetFileAttributesA
MulDiv
lstrlenA
GlobalAlloc
GetLastError
GlobalFree
CreateFileA
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CloseHandle
GetProfileStringA
GetTickCount
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
SetErrorMode
GetCurrentDirectoryA
GetFullPathNameA
GetCPInfo
FindResourceExA
GetOEMCP
LocalReAlloc
GetProcessVersion
TlsGetValue
TlsFree
TlsSetValue
GlobalReAlloc
TlsAlloc
GlobalHandle
DeleteCriticalSection
WritePrivateProfileStringA
SizeofResource
GlobalFlags
SuspendThread
GetPrivateProfileStringA
GetPrivateProfileIntA
SetEvent
SetThreadPriority
ResumeThread
lstrcmpA
GetCurrentThread
lstrcpynA
CreateEventA
ReleaseMutex
CreateMutexA
InterlockedDecrement
InterlockedIncrement
lstrcatA
FreeLibrary
GetVersion
lstrcmpiA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
GlobalUnlock
lstrcpyA
GlobalLock
LoadResource
LockResource
FindResourceA
LeaveCriticalSection
LoadLibraryA
EnterCriticalSection
SetHandleCount
WideCharToMultiByte
InitializeCriticalSection
MultiByteToWideChar
GetVersionExA
SetLastError
GetProcAddress
CreateProcessA
CreateThread
GetModuleHandleA
WaitForSingleObject
Sleep
GetStdHandle
FormatMessageA
GetFileType
GetACP
TerminateProcess
ExitThread
user32
SetFocus
PeekMessageA
MapWindowPoints
SendDlgItemMessageA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
GetAsyncKeyState
MapDialogRect
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyMenu
PostQuitMessage
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
SetRectEmpty
IsZoomed
FindWindowA
PtInRect
GetSysColorBrush
LoadStringA
DeleteMenu
ReleaseCapture
WindowFromPoint
SetRect
CharUpperA
GetDCEx
LockWindowUpdate
SetCapture
SetParent
EqualRect
CopyRect
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
GetFocus
DispatchMessageA
IsChild
GetCapture
WinHelpA
RegisterClassA
TrackPopupMenu
ScreenToClient
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
wsprintfA
KillTimer
GetMenuItemCount
GetMenuItemID
IsWindowVisible
GetMenu
EnableMenuItem
PostMessageA
UpdateWindow
InflateRect
GetSystemMenu
GetMenuStringA
InsertMenuA
IsWindow
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetWindowRect
GetClassNameA
RedrawWindow
LoadCursorA
SetCursor
IsIconic
GetSystemMetrics
DrawIcon
MessageBoxA
GetParent
TranslateAcceleratorA
LoadAcceleratorsA
DestroyIcon
LoadMenuA
GetSubMenu
GetKeyState
EnableScrollBar
GetDC
ReleaseDC
LoadBitmapA
SetTimer
AdjustWindowRectEx
GetTopWindow
SetScrollPos
SetWindowPlacement
OffsetRect
GetSysColor
GetClassInfoA
GetClientRect
InvalidateRect
EnableWindow
DestroyCursor
GetDesktopWindow
SendMessageA
CreateCursor
SetClassLongA
LoadIconA
IsWindowEnabled
GetWindowLongA
GetDlgCtrlID
CharNextA
IsWindowUnicode
GetWindowThreadProcessId
MessageBeep
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
UnregisterClassA
DrawFrameControl
DrawFocusRect
gdi32
GetTextExtentPointA
CreateDIBitmap
Rectangle
CreateFontIndirectA
BitBlt
GetMapMode
StretchBlt
CreateBitmap
DPtoLP
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectA
SetTextColor
SetBkColor
GetClipBox
DeleteDC
CreateRectRgnIndirect
RestoreDC
SelectObject
SaveDC
SetBkMode
GetStockObject
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
IntersectClipRect
SelectClipRgn
GetTextExtentPoint32A
DeleteObject
CreateRectRgn
CreatePen
CreatePatternBrush
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
CombineRgn
LPtoDP
SetRectRgn
EnumFontFamiliesExA
PatBlt
GetTextMetricsA
GetDeviceCaps
CreateSolidBrush
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
shell32
ShellExecuteA
ExtractIconExA
comctl32
DestroyPropertySheetPage
ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_ReplaceIcon
InitCommonControlsEx
ord17
PropertySheetA
ImageList_Destroy
Sections
.text Size: 300KB - Virtual size: 299KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 60KB - Virtual size: 1004KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 264B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 60KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rmnet Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE