02f22e611075330d3d3697ecd389f748_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

02f22e611075330d3d3697ecd389f748_JaffaCakes118
Size

176KB
MD5

02f22e611075330d3d3697ecd389f748
SHA1

583ad611352374907cd9101b4b5e7081413b9995
SHA256

d946489f7c565ce84feeacf14cebc3aacde03a7d7540273480cb79fb69c8f315
SHA512

059507c364f3e589c16dbf86ebcaadcca66271dfd3e565d79141c6cc0a852475e0ed414272584dbb8fe93a87b6920a5abfa662a69104562f1953da0a0ad5b5c5
SSDEEP

3072:iVJkaEb57utoOECd63SQZSB+9eA9NqD+HBl2Lz5Fv+21/lHjTgjS0:cUzdI6fZSBMPNHCv+21RCS0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02f22e611075330d3d3697ecd389f748_JaffaCakes118

Files

02f22e611075330d3d3697ecd389f748_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b8061b83fbaff4da23e9074091696ff9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\TaHtweruvsrr\gAopcqacEeWk\DvndbrN.pdb

Imports

comdlg32

CommDlgExtendedError
ChooseColorW
PrintDlgExW
ChooseFontW

msvcrt

gmtime
iswprint
wcscspn
_controlfp
__set_app_type
getenv
__p__fmode
iswalpha
strcspn
__p__commode
_amsg_exit
iswxdigit
sscanf
_initterm
putchar
perror
wcstol
strncpy
_ismbblead
strpbrk
fflush
strtol
_XcptFilter
wcscoll
realloc
_exit
islower
isalpha
wcscat
fgets
isprint
mbstowcs
getc
_cexit
wcsstr
__setusermatherr
strcpy
printf
calloc
clock
__getmainargs
qsort
atol
wcschr
fwrite
strncmp
toupper

kernel32

FindResourceExW
SetNamedPipeHandleState
lstrcpynA
GetTempFileNameW
FindResourceW
LockFile
GetNumberFormatA
CreateDirectoryA
OpenSemaphoreW
LoadLibraryExA
LockResource
RemoveDirectoryA
OpenFile
IsDBCSLeadByte
GetBinaryTypeW
GetComputerNameExW
DefineDosDeviceW
GetAtomNameW
GetComputerNameExA
SetupComm
TlsFree
CompareStringA
CancelIo
lstrlenA
GlobalHandle
GetModuleFileNameA
SetFileAttributesW
DeleteFileW
SetEvent
CopyFileW
HeapFree
LocalAlloc
GetLocaleInfoW
GetThreadPriority
HeapUnlock
GetSystemDefaultLangID
CreateThread
GetModuleHandleA
SetThreadContext
SetEndOfFile
GlobalAddAtomA
GetSystemDirectoryW
LoadResource
GetVersionExA
GlobalMemoryStatus
SetCommMask
SizeofResource
IsBadCodePtr
Sleep
ReleaseSemaphore
SetLastError
CloseHandle
GetTickCount
UnhandledExceptionFilter
GetComputerNameW

comctl32

ImageList_ReplaceIcon
ImageList_Write
ImageList_GetImageCount
PropertySheetA
ImageList_AddMasked
ImageList_Create

user32

CopyAcceleratorTableW
GetFocus
DestroyAcceleratorTable
GetWindow
FillRect
IntersectRect
IsCharAlphaW
IsWindowVisible
CharLowerA
ShowWindow
MessageBoxExA
GetUserObjectInformationW
CallWindowProcW
GetScrollRange
LoadIconW
CreateWindowExA
CharUpperBuffA
GetMenuItemRect
SendMessageA
LoadStringW
WaitMessage
ReleaseDC
LoadAcceleratorsW
DrawFrameControl
MonitorFromPoint
SetDlgItemTextW
TileWindows
VkKeyScanW
EnumWindows
InvalidateRgn
LoadMenuA
RegisterWindowMessageA
keybd_event
ShowOwnedPopups
EnumChildWindows
GetForegroundWindow
GetWindowRect
TrackPopupMenuEx
SetMenuDefaultItem
DefDlgProcA
LoadStringA
IsMenu
ClipCursor
DrawAnimatedRects
CharToOemW
RegisterWindowMessageW
GetUpdateRgn
UpdateWindow
OpenIcon
DeferWindowPos
SetWindowLongA
wsprintfA
DrawTextExW
ScrollWindowEx
SetCursorPos
SetCursor
SetLastErrorEx
CharLowerBuffW
LoadImageW
DestroyWindow
WaitForInputIdle
wvsprintfA
VkKeyScanA
GetMenuItemInfoW
GetAsyncKeyState
ReplyMessage
CascadeWindows
FrameRect
CreatePopupMenu
SetActiveWindow
CheckRadioButton
FindWindowW
wvsprintfW
SendDlgItemMessageA
GetKeyNameTextW
EndDialog
GetClipCursor
DefFrameProcA
SetScrollInfo
TranslateMessage
ShowCaret
DefWindowProcW
SystemParametersInfoW
DefDlgProcW
GetDlgItemInt
PostQuitMessage
ScrollWindow
SendInput
CharNextExA
WindowFromPoint
ExitWindowsEx
InvertRect
LoadAcceleratorsA
GetMenuItemID
GetSysColorBrush
CreateIconIndirect
GetWindowLongA
RemovePropW
EndPaint
CharPrevA
InsertMenuA
GetDlgItemTextW
KillTimer
ToUnicodeEx
GetKeyboardLayoutList
GetWindowPlacement
DestroyCursor
DispatchMessageA
GetIconInfo
MapWindowPoints
GetCaretPos
DestroyMenu
SendMessageW
CharPrevW
SetRectEmpty
LoadIconA
SetUserObjectInformationW
GetWindowTextW
GetMenuState
IsCharAlphaA
GetUpdateRect
GetMonitorInfoW

Exports

Exports

?RegenerateMainValues@@YGKPBDDPAX:O

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.e_tab
Size: 512B - Virtual size: 125B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.redit
Size: 1KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i_tab
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.site
Size: 1024B - Virtual size: 609B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8061b83fbaff4da23e9074091696ff9

Headers

File Characteristics

PDB Paths

Imports

comdlg32

msvcrt

kernel32

comctl32

user32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.e_tab Size: 512B - Virtual size: 125B

.redit Size: 1KB - Virtual size: 183KB

.data Size: 2KB - Virtual size: 1KB

.i_tab Size: 6KB - Virtual size: 5KB

.site Size: 1024B - Virtual size: 609B

.wdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 140KB - Virtual size: 140KB

.text
Size: 22KB - Virtual size: 22KB

.e_tab
Size: 512B - Virtual size: 125B

.redit
Size: 1KB - Virtual size: 183KB

.data
Size: 2KB - Virtual size: 1KB

.i_tab
Size: 6KB - Virtual size: 5KB

.site
Size: 1024B - Virtual size: 609B

.wdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 140KB - Virtual size: 140KB