fc6e3eec8ff7686e1a335ff488363c38_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc6e3eec8ff7686e1a335ff488363c38_JaffaCakes118
Size

145KB
MD5

fc6e3eec8ff7686e1a335ff488363c38
SHA1

af9d57516f4e88a4d9d2e06fb2efe59eef92895e
SHA256

d9eb59b3bb73a6810a70ea5b621310b36383d5d4c467596097ab8341206d0282
SHA512

ee7c7dc90e7457ae521928b5159a4cdb9e66870613110d1149078a830d3503a11999ad3af1029ac0a99ea59dd0d24db0627b1cd32ae154346a8f5638fcce9908
SSDEEP

3072:X/ELo3MrZqKXP9YX2SzWPrSF1aQDbrfBFBolrymwpXom:NpKfWX2SzW2FgerfB4lr0o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc6e3eec8ff7686e1a335ff488363c38_JaffaCakes118

Files

fc6e3eec8ff7686e1a335ff488363c38_JaffaCakes118
.dll windows:5 windows x86 arch:x86

047c8c879b2c6ccfb4612cbf7b8bfe77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\nsYhhYCzDsoSe\swzqvfpG\iQcxlph.pdb

Imports

user32

GetKeyboardType
keybd_event
GetUpdateRect
SendDlgItemMessageW
RegisterClassExW
AttachThreadInput
ShowWindowAsync
DrawIconEx
CharNextA
SetTimer
DrawStateA
GetWindow
GetWindowTextW
ModifyMenuW
BeginPaint
GetClassNameW
IsWindow
OpenDesktopW
GetIconInfo
SetMenuDefaultItem
GetDCEx
GetWindowTextLengthW
WaitForInputIdle
CharLowerBuffW
IsWindowVisible
CopyImage
GetClipCursor
OemToCharA
wsprintfW
CreateWindowExA
GetMessageExtraInfo
CreateCursor
GetDlgItemTextA
AdjustWindowRectEx
GetForegroundWindow
CreateDialogParamA
ShowCaret
CreateDialogParamW
SendMessageW
CreateMenu
SetDlgItemInt
GetWindowDC
SetMenuItemBitmaps

gdi32

TextOutA
CreateDCW
BitBlt
DeleteObject
RestoreDC
GetDIBits
GetDIBColorTable
CreateFontIndirectW
SelectObject
EndPage
SetViewportExtEx
EndDoc
GetPixel
PtInRegion
GetRgnBox
GetObjectA
CreatePenIndirect
CreateDIBSection

comdlg32

PrintDlgW
GetOpenFileNameW
GetFileTitleW
GetSaveFileNameA

shlwapi

ChrCmpIW
PathRemoveBlanksW
StrToIntA

kernel32

lstrcmpW
SetThreadExecutionState
SuspendThread
WaitForSingleObject
CreateEventA
SetFileAttributesW
GlobalLock
GlobalDeleteAtom
GetWindowsDirectoryW
IsBadStringPtrW
GetProcAddress
GetAtomNameA
TlsGetValue
LocalSize
SetThreadPriority
GlobalGetAtomNameW
RaiseException
GetModuleHandleW
FlushViewOfFile
SetFileAttributesA
GetSystemDirectoryA

msvcrt

_controlfp
strncpy
__set_app_type
__p__fmode
ftell
__p__commode
_amsg_exit
_initterm
wcscat
wcscpy
_acmdln
strrchr
exit
wcstoul
_ismbblead
fputc
mbtowc
strtoul
_XcptFilter
_exit
perror
_cexit
__setusermatherr
__getmainargs
strpbrk
clock

Exports

Exports

?KillWidthEx@@YGHPAM*Z
?OnSectionNew@@YGPAFM*Z
?RemoveData@@YGKJPAIPAJ*Z
?AddFilePathOriginal@@YG_NH*Z
?ValidateNameOld@@YGGHE*Z
?InsertMutexW@@YGXHK*Z
?ClosePointerOriginal@@YGG_NF*Z
?EnumAppNameW@@YGXFK*Z
?LoadProfile@@YGJPAK*Z
?EnumFilePathA@@YGXMPANJ*Z
?EnumScreen@@YGPAXIPAF*Z

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ditxt
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dimp
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbg
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dvr
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dpt
Size: 1024B - Virtual size: 561B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dcode
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbug
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

047c8c879b2c6ccfb4612cbf7b8bfe77

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

comdlg32

shlwapi

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 114KB - Virtual size: 113KB

.ditxt Size: 512B - Virtual size: 484B

.dimp Size: 2KB - Virtual size: 2KB

.dbg Size: 512B - Virtual size: 62B

.dvr Size: 512B - Virtual size: 140B

.dpt Size: 1024B - Virtual size: 561B

.dcode Size: 12KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 129KB

.dbug Size: 512B - Virtual size: 28B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 114KB - Virtual size: 113KB

.ditxt
Size: 512B - Virtual size: 484B

.dimp
Size: 2KB - Virtual size: 2KB

.dbg
Size: 512B - Virtual size: 62B

.dvr
Size: 512B - Virtual size: 140B

.dpt
Size: 1024B - Virtual size: 561B

.dcode
Size: 12KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 129KB

.dbug
Size: 512B - Virtual size: 28B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 1KB