04688e634138bf8253a0aecc34c22a0c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

04688e634138bf8253a0aecc34c22a0c_JaffaCakes118
Size

69KB
MD5

04688e634138bf8253a0aecc34c22a0c
SHA1

423c260cd0e1123d09f6fa10378ea1502dbe306d
SHA256

d79ae53fa98479bbdbeb5e5e8910c8956ba1753b4aaa1164ff9e9e6cb4c52da5
SHA512

b2a71ddb9c02cce16a85253092a65e5307030cfdfc2901010417bcb5fccfd7af5e12e710b81f8d0550f81db8c4c00f8382f4493fea83dd0c7290d3fdcc918b14
SSDEEP

1536:vS82PTq5D1j3LmcYzXqQxTrxC8reIhAranYej9f8amH:vStPT81fUz6CCIWranY7R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04688e634138bf8253a0aecc34c22a0c_JaffaCakes118

Files

04688e634138bf8253a0aecc34c22a0c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

125075530cc86e79905611f16d3b59ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\fsaRcgjrmAW\xllfxiFntNwtr\yFvoqtkj\rXpZFviFcPB.pdb

Imports

user32

RegisterClassExW
MessageBoxExA
ShowWindowAsync
MessageBoxExW
DrawAnimatedRects
DefFrameProcA
CreateAcceleratorTableW
GetDlgItemTextA
SendNotifyMessageW
TranslateMessage
keybd_event
SendMessageA
GetClientRect
LoadAcceleratorsW
IsWindow
GetMenu
CharUpperW
DefDlgProcA
GetDlgItemTextW
LookupIconIdFromDirectory
SystemParametersInfoA
CharPrevA
ActivateKeyboardLayout
GetMonitorInfoW
IsCharAlphaW
SendMessageTimeoutA
ScrollWindow
CharLowerBuffW
DrawFrameControl
SystemParametersInfoW
LockWindowUpdate
CharPrevW
InvertRect
IsWindowVisible
RegisterWindowMessageA
DestroyAcceleratorTable
CharNextW
RegisterClassA
TabbedTextOutW
GetMenuItemInfoW
VkKeyScanW
SetClassLongW
MapDialogRect
ReplyMessage
GetUserObjectInformationW
GetDlgItemInt
GetCursorPos
CascadeWindows
SetCursor
SetUserObjectInformationW
GetActiveWindow
FindWindowA
GetKeyboardLayoutNameW
GetSubMenu
IsCharUpperA
RegisterClassExA
UpdateWindow
EnumThreadWindows
ScrollWindowEx
GetSystemMetrics
GetClassInfoW
CallWindowProcA
PostMessageA
CreateDialogParamW
wvsprintfA
DrawTextExW
SetTimer
PostMessageW
DispatchMessageA
SendMessageW
IsRectEmpty
CheckDlgButton
DrawIconEx
BeginDeferWindowPos
DestroyCaret
CloseDesktop
FillRect
GetDlgCtrlID
InsertMenuItemW
ExitWindowsEx
GetMenuItemCount
CheckRadioButton
DialogBoxIndirectParamA
SetMenuItemBitmaps
WindowFromPoint
ShowOwnedPopups
TranslateAcceleratorW
CharNextA
TranslateAcceleratorA
MapVirtualKeyW
FrameRect
InSendMessageEx
CheckMenuRadioItem
GetFocus
GetForegroundWindow
GrayStringW
GetMenuItemID
DrawStateW
GetUpdateRect
InsertMenuW
MoveWindow
GetWindowLongA
OemToCharA
GetCaretPos
FindWindowExA
LoadStringA
LoadIconA
PostThreadMessageW
RegisterHotKey
ModifyMenuW
RegisterWindowMessageW
MonitorFromPoint
ShowScrollBar
GetClipCursor
CheckMenuItem
IsWindowUnicode
CharToOemA
DrawTextW
InternalGetWindowText
TileWindows
IsDlgButtonChecked
LoadIconW

msvcrt

_controlfp
__set_app_type
strncmp
system
atoi
remove
wcspbrk
wcscpy
__p__fmode
fflush
floor
__p__commode
puts
bsearch
mbtowc
strtol
_amsg_exit
_initterm
wcstol
strcoll
strerror
realloc
iswprint
iswctype
malloc
isdigit
_ismbblead
_XcptFilter
_exit
memset
_cexit
wcsncmp
gets
__setusermatherr
isalnum
iswdigit
mktime
vsprintf
free
atol
strstr
wcsncpy
strchr
swprintf
fprintf
__getmainargs
wcsrchr
srand
towlower
strspn

shlwapi

PathIsUNCA

kernel32

SetErrorMode
SetupComm
GlobalUnlock
CreateWaitableTimerA
SleepEx
GetSystemWindowsDirectoryA
CreateMailslotW
GetOEMCP
SetHandleCount
MapViewOfFile
CreateMutexA
GetModuleFileNameA
GetUserDefaultUILanguage
FreeResource
GetWindowsDirectoryW
AddAtomA
OpenFileMappingA
GetFileAttributesExA
GetThreadPriority
SetFileTime
GlobalMemoryStatus
lstrlenW
SetFileAttributesA
GlobalFlags
GetComputerNameA
HeapWalk
GetVersionExW
lstrcpyA
GlobalHandle
SetUnhandledExceptionFilter
LocalFree
WaitForMultipleObjectsEx
GetCommConfig
IsDBCSLeadByteEx
GetFullPathNameW
GetFileSize
CompareFileTime
HeapFree
lstrlenA
GetCurrentDirectoryW
CreateDirectoryW
SetMailslotInfo
SetCommTimeouts
CreateEventA
FindResourceExA
HeapValidate
SetFilePointer
FindResourceExW
GetNumberFormatA
SetSystemTimeAdjustment
GetStartupInfoW
GetThreadLocale
VerifyVersionInfoW
FormatMessageA
GetComputerNameExW

comdlg32

CommDlgExtendedError
GetSaveFileNameW
GetFileTitleW
FindTextW
ReplaceTextW
GetSaveFileNameA

Exports

Exports

?ForwardControlItem@@YGK_KK:O

Sections

.itext
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.read
Size: 512B - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips4
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

125075530cc86e79905611f16d3b59ac

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

shlwapi

kernel32

comdlg32

Exports

Exports

Sections

.itext Size: 21KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 6KB

.ips2 Size: 512B - Virtual size: 88B

.read Size: 512B - Virtual size: 36KB

.ips3 Size: 512B - Virtual size: 192B

.data Size: 3KB - Virtual size: 2KB

.ips4 Size: 10KB - Virtual size: 9KB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 23KB - Virtual size: 23KB

.reloc Size: 2KB - Virtual size: 1KB

.itext
Size: 21KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 6KB

.ips2
Size: 512B - Virtual size: 88B

.read
Size: 512B - Virtual size: 36KB

.ips3
Size: 512B - Virtual size: 192B

.data
Size: 3KB - Virtual size: 2KB

.ips4
Size: 10KB - Virtual size: 9KB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 23KB - Virtual size: 23KB

.reloc
Size: 2KB - Virtual size: 1KB