037bce470300b2b3c93ad6edd92aa277_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

037bce470300b2b3c93ad6edd92aa277_JaffaCakes118
Size

175KB
MD5

037bce470300b2b3c93ad6edd92aa277
SHA1

50d1920a3006c51108d90a4e583638bdb1c17ac5
SHA256

cd91ff36df560fb018b5582e15bf6e98484e4e2fa0dd0e801ca670d6b5fdfeb5
SHA512

38d2d541d20b75585546652efc4a60fd184990b7349cd0413c4bdb4d781df73c0db30ded664ca6c8d329c297832c38df863f25be36c0eca7588c3dc35dc6a033
SSDEEP

3072:sAYAFfvwCbBLziVsbFtnKIrCGdfCGnCILVRlENe7bE3ZKRWeGCjSvK4B5z9S8:sTARJbBLtbFtKNGBCGCIPlNWebjSy4PN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
037bce470300b2b3c93ad6edd92aa277_JaffaCakes118

Files

037bce470300b2b3c93ad6edd92aa277_JaffaCakes118
.exe windows:5 windows x86 arch:x86

607629eaf0487508de3898259127321a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\iOasaqu\unhkjqe\hxaRkyn\iuwIqxrYjfb.pdb

Imports

shlwapi

StrToIntW

user32

RegisterWindowMessageA
GetKeyboardLayout
EndPaint
RegisterClassW
MapVirtualKeyA
InsertMenuW
LoadStringW
LoadMenuW
SetFocus
CreateWindowExA
InSendMessage
WindowFromPoint
CreateWindowExW
RedrawWindow
GetParent
EnumThreadWindows
SendInput
LoadIconA
DestroyMenu
ReleaseDC
DestroyCursor
CreateIconIndirect
IsWindowUnicode
FindWindowExW
wvsprintfA
BeginDeferWindowPos
EnableMenuItem
GetClassInfoA
SetWindowLongW
ReplyMessage
SendMessageW
MessageBoxA
IsDlgButtonChecked
SetClassLongW
GetWindowRect
SetWindowPos
MessageBoxExA
DialogBoxIndirectParamW
GetNextDlgGroupItem
DestroyAcceleratorTable
GetDCEx
ScrollWindow
GetSystemMetrics
ShowWindowAsync
IsCharLowerA
SetScrollPos
GetWindowTextA
DialogBoxParamW
MonitorFromPoint
DrawIconEx
FindWindowA
GetSystemMenu
ClientToScreen
CharLowerW
GetClassInfoW
VkKeyScanW
CheckRadioButton
CharUpperBuffW
GetClassLongA
DrawTextA
IsCharAlphaW
GetAsyncKeyState
keybd_event
DefFrameProcW
CharNextW
GetDoubleClickTime
wsprintfA
MoveWindow
GetMenuItemCount
DrawTextW
ShowWindow
GetMessageTime
GetKeyboardLayoutList
SetMenuDefaultItem
CopyImage
ShowScrollBar
IsMenu
LoadImageW
DestroyWindow
GetDlgItemInt
CreateDialogParamA
MapVirtualKeyExW
RegisterClassA
GetActiveWindow
GetWindowDC
PostMessageW
EqualRect
GetMessageA
TileWindows
LoadImageA
GetWindowTextLengthW
SystemParametersInfoW
SetParent
AppendMenuW
GetWindowPlacement
InSendMessageEx
GetMenu
DrawStateW
CharUpperBuffA
PeekMessageA
TranslateAcceleratorA
SetDlgItemTextA
CharUpperW
GetMenuCheckMarkDimensions
GetClientRect
PostMessageA
DrawEdge
GetMessagePos
OemToCharBuffA
CharLowerBuffW
SetSysColors
RegisterHotKey
GetWindowLongA
AttachThreadInput
IsIconic
InsertMenuA
SendMessageTimeoutA
TranslateMessage
DefFrameProcA
RemovePropW
DestroyIcon

msvcrt

fwrite
wcscoll
_controlfp
realloc
wcstol
time
toupper
strncpy
__set_app_type
__p__fmode
__p__commode
_amsg_exit
wcspbrk
putchar
sprintf
malloc
rand
putc
localtime
_initterm
isalpha
iswdigit
qsort
wcsrchr
wcstod
strcoll
clearerr
_ismbblead
towlower
fseek
swprintf
iswprint
iswxdigit
_XcptFilter
_exit
iswspace
_cexit
iswalpha
__setusermatherr
atoi
strtok
isdigit
wcsncmp
isupper
getc
__getmainargs
setvbuf

kernel32

LoadLibraryA
SetNamedPipeHandleState
DeleteCriticalSection
FindResourceA
EnterCriticalSection
lstrlenA
MoveFileA
SizeofResource
OpenEventA
SetLastError
CreateDirectoryW
HeapAlloc
GetFileTime
GetTempPathA
GetThreadContext
GetCompressedFileSizeW
CreateDirectoryA
GetModuleHandleA
SearchPathW
CreateWaitableTimerW
FindResourceW
TlsGetValue
IsDBCSLeadByte
HeapSize
SetMailslotInfo
FindFirstFileA
GetShortPathNameA
LockFile
LocalSize
CreateSemaphoreA
CreateFileW
SetCommMask
SetThreadContext
CreateFileMappingW
GetLocalTime
FileTimeToLocalFileTime
PulseEvent
VirtualFree
lstrcpyW
QueryPerformanceCounter
GetFileAttributesExA
SetPriorityClass
GetCurrentThread
CreateNamedPipeA
GlobalAddAtomW
CreatePipe
LockResource
TryEnterCriticalSection
SuspendThread
GlobalAlloc
GetLastError
GetCurrentThreadId
HeapFree
LCMapStringW
LocalFree
SetFilePointer

Exports

Exports

?GetShiftAltInfo@@YGK_KHE:O

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bit
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.insec
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.inmin
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wall
Size: 512B - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

607629eaf0487508de3898259127321a

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.bit Size: 1KB - Virtual size: 1KB

.insec Size: 6KB - Virtual size: 5KB

.inmin Size: 512B - Virtual size: 86B

.wall Size: 512B - Virtual size: 258KB

.zdata Size: 12KB - Virtual size: 12KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 142KB - Virtual size: 141KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 7KB

.bit
Size: 1KB - Virtual size: 1KB

.insec
Size: 6KB - Virtual size: 5KB

.inmin
Size: 512B - Virtual size: 86B

.wall
Size: 512B - Virtual size: 258KB

.zdata
Size: 12KB - Virtual size: 12KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 142KB - Virtual size: 141KB

.reloc
Size: 1KB - Virtual size: 1KB