fb549a5b8180f1ea64411cb3d7753eb0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb549a5b8180f1ea64411cb3d7753eb0_JaffaCakes118
Size

207KB
MD5

fb549a5b8180f1ea64411cb3d7753eb0
SHA1

a88bb812964da02611f5c743df9bf029d996863d
SHA256

8a6fb789aa136c75e7bcded3878981201b867ed0e414d776275f01eb8ceacb5b
SHA512

67f91430f314f8a2b5d449919edc6a44b0ac0456ecd99592be9b742a70486818e089903c1aef6147841a06862ef04bcdca2ee29f0cf2c07b6f2d9ae0d76003b2
SSDEEP

6144:HHBEs29f+0btKIwsRLqc2Nm46a49F6I4LPD+:HhEX9f+Otx9gNN6f7GLPD+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb549a5b8180f1ea64411cb3d7753eb0_JaffaCakes118

Files

fb549a5b8180f1ea64411cb3d7753eb0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

65333b519b424796d9112da092252a7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\ynmxqypepuJ\iRvlrXTokr\xcaigqrEuCjE\nkihDyfqem.pdb

Imports

msvcrt

fread
_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
isalnum
wcsstr
swscanf
strtoul
_initterm
realloc
_acmdln
calloc
iswprint
exit
strncpy
_ismbblead
strerror
wcstombs
fputs
ftell
iswspace
vsprintf
wcstol
iswalpha
sscanf
wcschr
_XcptFilter
malloc
_exit
_cexit
localtime
towlower
memset
fgetc
atol
isalpha
strpbrk
fwrite
mbtowc
clearerr
__setusermatherr
clock
fclose
__getmainargs
swprintf
wcsncpy
isxdigit
iswctype
gets

comdlg32

GetSaveFileNameA
ChooseFontW
PrintDlgExW
GetOpenFileNameA
PageSetupDlgW

kernel32

TlsSetValue
GetComputerNameW
GlobalGetAtomNameA
OpenEventA
GetLastError
GetUserDefaultLangID
VirtualQuery
CallNamedPipeW
CreateFileW
TryEnterCriticalSection
GetFileSize
GetCommState
CompareStringW
HeapValidate
EscapeCommFunction
SetErrorMode
lstrlenA
EnumSystemLocalesA
CreateDirectoryW
IsBadCodePtr
DeleteCriticalSection
GetFileAttributesA
GetModuleFileNameA
LocalUnlock
GetCommConfig
GetThreadTimes
GetSystemWindowsDirectoryW
EnterCriticalSection
SetCommTimeouts
FindClose
IsValidLanguageGroup
CreateEventW
ConnectNamedPipe
GetComputerNameExW
SetFileApisToOEM
GetTimeFormatW
GetThreadLocale
HeapUnlock
SetFilePointer
GetSystemDefaultUILanguage
GetModuleHandleA
HeapCreate
GlobalAddAtomA
ReleaseSemaphore
SetWaitableTimer
CreateDirectoryA
IsValidLocale
VirtualFree
GetShortPathNameW
GetSystemTimeAdjustment
LocalSize
GetNumberFormatW
GetTempPathA
ClearCommError
DeleteFileW
SuspendThread
GlobalLock
GetCommandLineW
RtlUnwind

user32

CopyImage
IsCharLowerA
ShowCaret
ShowCursor
CharUpperA
IsCharAlphaW
AppendMenuW
GetParent
FindWindowA
SetMenuItemInfoW
InternalGetWindowText
GetActiveWindow
OemToCharA
MapVirtualKeyA
CreateMenu
IsDlgButtonChecked
InsertMenuItemW
SetMenuItemBitmaps
RemovePropW
CharPrevA
EnumChildWindows
SetWindowRgn
InvertRect
SetWindowTextW
LoadStringW
ClientToScreen
SetScrollInfo
DestroyCursor
LoadMenuA
MessageBoxExA
ScrollWindowEx
SetScrollPos
GetClassLongW
CopyRect
AdjustWindowRect
PostQuitMessage
GetKeyState
GetWindowLongW
LoadMenuW
CheckMenuRadioItem
DrawFocusRect
MonitorFromRect
DrawTextExW
InvalidateRect
DeferWindowPos
GetWindowRect
ReplyMessage
TabbedTextOutW
GetWindowTextW
DrawIcon
GetMenuItemID
SetUserObjectInformationW
AdjustWindowRectEx
SetMenuDefaultItem
GetSystemMenu
DrawTextW
GetMonitorInfoW
SendInput
WaitMessage
EnumWindows
LoadStringA
DrawTextA
CopyAcceleratorTableW
SendMessageA
TrackPopupMenu
ToUnicodeEx
SystemParametersInfoW
CharLowerA
ShowScrollBar
MoveWindow
GetDialogBaseUnits
GetMessageTime
LoadImageA
EnableWindow
RedrawWindow
GetClipCursor
CharLowerBuffW
GetNextDlgTabItem
CreateCaret
GetKeyboardLayoutNameW
DestroyWindow
CreateAcceleratorTableW
InsertMenuA
SetPropW
ModifyMenuW
SetWindowPlacement
DefWindowProcA
GetCaretPos
GetWindowPlacement
SetCursorPos
FrameRect
GetUserObjectInformationW
ExitWindowsEx
MapDialogRect
GetSysColorBrush
CreateWindowExW
SetRect
LoadImageW
ArrangeIconicWindows
GetFocus
CharNextExA
GetDesktopWindow
LoadCursorA
InvalidateRgn
FillRect
GetMenuStringA
GetScrollRange
GetAsyncKeyState
InSendMessage
GetSystemMetrics
GetKeyboardLayoutList
WindowFromPoint
ScreenToClient
wsprintfW
GetClientRect
PtInRect
DefDlgProcA
DragObject
CharUpperBuffW
EndTask
FindWindowW
ChildWindowFromPoint
InSendMessageEx
EndDialog
IsWindowVisible

gdi32

TextOutW
WidenPath
CreateBitmap
GetTextAlign
ExtTextOutA
CreatePenIndirect
GetObjectW
GetBkMode
GetStockObject
PathToRegion
DPtoLP
TranslateCharsetInfo
StartDocW
SetDIBitsToDevice
CreateCompatibleBitmap
SaveDC
SetAbortProc
GetDIBits
StretchBlt
RectInRegion
OffsetRgn
SetMapMode
CreateFontW
EndPath
GetCharWidth32W
Ellipse
EnumFontsW
SetStretchBltMode
MoveToEx
GetClipBox
GetNearestColor
GetObjectA
CreateFontA
SetViewportOrgEx
StartPage
RestoreDC
SetLayout
BitBlt
GetSystemPaletteEntries
GetFontData
SetTextColor
Polyline
GetTextExtentPoint32W
SelectClipRgn
UnrealizeObject
CreatePatternBrush
EndDoc
GetTextMetricsW
ExcludeClipRect
GetDeviceCaps

comctl32

PropertySheetA
CreateToolbarEx
ImageList_SetIconSize
DestroyPropertySheetPage
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_GetIconSize

Exports

Exports

?DecrementObjectA@@IJXKDG@X
?CrtDateTimeA@@IJPAKJ@X
?RemoveFileW@@IJDPA_NPAEIH@X
?HideProviderExA@@IJPAXPAJ_N@X

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.import
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cfg1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pcode
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cfg2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cfg3
Size: 512B - Virtual size: 465B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65333b519b424796d9112da092252a7d

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comdlg32

kernel32

user32

gdi32

comctl32

Exports

Exports

Sections

.text Size: 126KB - Virtual size: 126KB

.import Size: 1KB - Virtual size: 1KB

.rdata Size: 6KB - Virtual size: 6KB

.cfg1 Size: 512B - Virtual size: 44B

.pcode Size: 13KB - Virtual size: 12KB

.cfg2 Size: 512B - Virtual size: 44B

.cfg3 Size: 512B - Virtual size: 465B

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 53KB - Virtual size: 52KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 126KB - Virtual size: 126KB

.import
Size: 1KB - Virtual size: 1KB

.rdata
Size: 6KB - Virtual size: 6KB

.cfg1
Size: 512B - Virtual size: 44B

.pcode
Size: 13KB - Virtual size: 12KB

.cfg2
Size: 512B - Virtual size: 44B

.cfg3
Size: 512B - Virtual size: 465B

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 53KB - Virtual size: 52KB

.reloc
Size: 2KB - Virtual size: 2KB