04cf8b4e09e2f5fa15eb73af9fb8f7eb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

04cf8b4e09e2f5fa15eb73af9fb8f7eb_JaffaCakes118
Size

216KB
MD5

04cf8b4e09e2f5fa15eb73af9fb8f7eb
SHA1

fcfc52dd1629f94740f7f34d1ca3b6a9f69642f0
SHA256

b35c30095d7bf62fc1180412637018c3e6d58ce79bd979571e87936127530ce9
SHA512

520fd71eeae267d45f21052253ea1d133061d022e40e4df8304eafac2ebc10bb1d611ab73ba00c1af7f176c998b4b57d02ec328d9da42c99e1487341617fddf0
SSDEEP

6144:l8nBc0SqEl2BuWN33q3TC+UDRBoYr+IBZ:AcvQ8W13qu+UDRBuIB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04cf8b4e09e2f5fa15eb73af9fb8f7eb_JaffaCakes118

Files

04cf8b4e09e2f5fa15eb73af9fb8f7eb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e99fee0ecb5a35365a13756d41b39ffc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\MfptGDfxG\sodYhlh\iaRaPlCw.pdb

Imports

gdi32

CreatePatternBrush
SetStretchBltMode
SetViewportOrgEx
GetTextExtentPointW
Escape
GetTextExtentExPointW
Polygon
ExtTextOutW
DeleteObject
CreateDiscardableBitmap
CreateCompatibleDC
GetRgnBox
GetMapMode
SetPixel
EndPage
FillRgn
CreateBitmap
CreateDIBSection
CreatePalette
SetROP2
SetAbortProc
CreatePolygonRgn
ExtTextOutA
SetRectRgn
EndDoc
GetTextFaceW
SetBkMode
StretchBlt
RemoveFontResourceW
PtInRegion
CreateDIBitmap
ExcludeClipRect
GetCharWidth32W
GetObjectW
GetTextAlign

comdlg32

PageSetupDlgW
ChooseColorW
ChooseFontW
GetOpenFileNameA
GetOpenFileNameW

kernel32

GetCurrentThread
GetBinaryTypeA
GetProcAddress
IsDBCSLeadByteEx
EnumResourceNamesW
WaitForSingleObject
GetTickCount
GetCommProperties
FreeResource
CreateMutexA
DisconnectNamedPipe
HeapAlloc
GetNumberFormatA
GetSystemWindowsDirectoryA
SetSystemTime
BuildCommDCBAndTimeoutsW
GlobalMemoryStatusEx
SetupComm
SetErrorMode
FoldStringW
HeapCreate
GetModuleFileNameA
IsValidLocale
CreateFileA
ReleaseSemaphore
EscapeCommFunction
GetOEMCP
MoveFileExW
WriteFile
SetCurrentDirectoryW
EnumResourceTypesA
SleepEx
HeapFree
DuplicateHandle
lstrcpyW
EnumResourceNamesA
LocalUnlock
GetFileType
TlsFree
GetCurrentDirectoryW

comctl32

ImageList_Draw
ImageList_Write
ImageList_LoadImageW
PropertySheetW
ImageList_GetImageCount

user32

CharNextW
GetWindowDC
GetDlgCtrlID
MapVirtualKeyA
GetClassInfoExW
IsCharAlphaW
BringWindowToTop
ChangeMenuW
wsprintfA
DefDlgProcA
RegisterClassA
ReplyMessage
ScrollWindowEx
IsDialogMessageA
GetClassInfoExA
CheckRadioButton
GetMenuCheckMarkDimensions
MapDialogRect
EndPaint
SetForegroundWindow
DialogBoxParamA
SendMessageW
LoadMenuA
CheckMenuItem
IsDialogMessageW
SystemParametersInfoW
ExitWindowsEx
LookupIconIdFromDirectory
SetWindowTextW
OpenDesktopW
OpenInputDesktop
SendDlgItemMessageA
SetDlgItemTextW
ShowScrollBar
TranslateAcceleratorA
BeginDeferWindowPos
TileWindows
HiliteMenuItem
AdjustWindowRect
GetWindow
RemoveMenu
GetUserObjectInformationW
DefFrameProcA
GetWindowTextLengthW
DrawAnimatedRects
DestroyWindow
GetKeyState
ShowCursor
DestroyCursor
SetWindowRgn
DestroyIcon
SetWindowPos
RedrawWindow
GetScrollRange
CallWindowProcW
GetMessageExtraInfo
GetWindowLongA
EqualRect
LoadAcceleratorsA
FindWindowA
InvertRect
CreateWindowExA
GetClientRect
DrawTextW
GetPropW
SetLastErrorEx
EnableMenuItem
CopyAcceleratorTableW
SetDlgItemTextA
CharUpperA
MonitorFromPoint
DialogBoxParamW
DrawIcon
GetClassInfoA
SendMessageTimeoutW
TranslateAcceleratorW
CreateAcceleratorTableW
SetTimer
DialogBoxIndirectParamA
SetPropW
SetMenuItemBitmaps
GetMenuStringA
IsWindowVisible
GetTopWindow
CreateDialogIndirectParamW
GetKeyNameTextW

msvcrt

perror
tolower
_controlfp
fflush
__set_app_type
atoi
__p__fmode
__p__commode
wcstok
realloc
_amsg_exit
gets
_initterm
mbtowc
system
fread
_acmdln
isspace
toupper
strtok
exit
mktime
_ismbblead
_XcptFilter
fputc
strtoul
_exit
_cexit
strspn
__setusermatherr
strtol
sscanf
__getmainargs
strncpy
fclose
islower
rand
wcscoll
wcstombs

Exports

Exports

?WaitForMultipleObjectsIUIUDSiuld@@YGKEPA_WG@Z
?WaitForMultipleObjectsJUDiuDLIJU@@YGKEPA_WG@Z
?WaitForMultipleObjectsUYDyudkjh@@YGKEPA_WG@Z
?WaitForSingleObjectYDEyuhgDU6d@@YGKEPA_WG@Z

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e99fee0ecb5a35365a13756d41b39ffc

Headers

File Characteristics

PDB Paths

Imports

gdi32

comdlg32

kernel32

comctl32

user32

msvcrt

Exports

Exports

Sections

.text Size: 77KB - Virtual size: 77KB

.data Size: 18KB - Virtual size: 18KB

.rdata Size: 2KB - Virtual size: 62KB

.rsrc Size: 115KB - Virtual size: 114KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 77KB - Virtual size: 77KB

.data
Size: 18KB - Virtual size: 18KB

.rdata
Size: 2KB - Virtual size: 62KB

.rsrc
Size: 115KB - Virtual size: 114KB

.reloc
Size: 2KB - Virtual size: 1KB