05b91bae61265ba958d08e32f8c297c6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

05b91bae61265ba958d08e32f8c297c6_JaffaCakes118
Size

91KB
MD5

05b91bae61265ba958d08e32f8c297c6
SHA1

e586d52d9c8cf69ee4cf81065a43529fca9d2527
SHA256

9f55f4c8ffee82c805f6c932d1caa1aa699fa2a8fa97bab25973b493b4728db7
SHA512

bd0f5ed8a03aea921fb42083e1b713ad16e1b13eb7dfb1c15e9ae4e807264bc7ac6d46d713926ae53f5268155f1675ce7ada15cc2b8ffa65604876020b6b9f44
SSDEEP

1536:CKpGmZV2YsjWo2MEbHdxa/fRYLzlbWNZSEGdsYeJUMZBriBrq4/TqPbebpH:nR2BWo2pb9SY/9WNZHGu5JfbWBrq4/Tr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05b91bae61265ba958d08e32f8c297c6_JaffaCakes118

Files

05b91bae61265ba958d08e32f8c297c6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ff6c109f778e36137660f6c3fe849ee9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\jbdplmrgp\cPENZjpjqW\JiyhhEdcqjtWeg\YywmpYVdaPw.pdb

Imports

comctl32

CreateToolbarEx
CreatePropertySheetPageW
CreateStatusWindowW
ImageList_GetImageCount
ImageList_Destroy
ImageList_LoadImageW

kernel32

HeapAlloc
GetCurrentDirectoryW
lstrcpynA
FindResourceExA
GetDateFormatA
CompareStringA
FileTimeToLocalFileTime
GetTickCount
DeleteFileW
LocalAlloc
EscapeCommFunction
FindFirstChangeNotificationW
IsValidLocale
SetFileApisToOEM
GetUserDefaultLCID
SetMailslotInfo
SetThreadAffinityMask
SearchPathA
IsBadCodePtr
HeapWalk
CreateWaitableTimerA
GetFileTime
FlushFileBuffers
GetModuleFileNameW
CreateRemoteThread
CreateNamedPipeW
LocalLock
GlobalMemoryStatus
GetTimeFormatA
GetComputerNameW
GlobalFindAtomW
GetLongPathNameW
CreateSemaphoreA
FreeLibrary
GetOverlappedResult
GetCommandLineW
MoveFileExW
FormatMessageA
SetEvent
LoadLibraryA
RemoveDirectoryA
SetFileAttributesA
IsDBCSLeadByte
GetStartupInfoW
ClearCommBreak
SleepEx
CreateFileMappingW
FindResourceW
WinExec
SuspendThread
GetFileSize
WriteFile
GetFileInformationByHandle
RaiseException
GetTimeZoneInformation

user32

GetWindow
LoadBitmapA
VkKeyScanW
DeleteMenu
ClientToScreen
DestroyWindow
SetRect
InSendMessage
InternalGetWindowText
GetIconInfo
GetClassInfoExW
CreateIconFromResource
CascadeWindows
GetClassNameW
SetDlgItemTextW
GetWindowRect
IsDialogMessageW
ReplyMessage
GetKeyNameTextW
IsMenu
CharPrevA
SystemParametersInfoA
SendDlgItemMessageA
EnumChildWindows
FrameRect
OemToCharA
BringWindowToTop
wsprintfA
ShowOwnedPopups
CharNextExA
GetMenuState
GetClassInfoW
IsWindowEnabled
DialogBoxParamW
IsDialogMessageA
DispatchMessageA
GetUpdateRect
ToUnicodeEx
ShowWindow
InvertRect
IsWindow
GetMessageTime
GetNextDlgGroupItem
GetScrollInfo
GetAsyncKeyState
DestroyCursor
ScreenToClient
DrawFocusRect
LoadIconA
GetDlgItem
CharLowerBuffW
GetClipCursor
LookupIconIdFromDirectory
SetDlgItemTextA
OpenIcon
GetWindowTextA
SetWindowLongA
SetRectEmpty
InvalidateRect
SetCursor
GetCursorPos
RegisterClassW
CreateMenu
CopyRect
GetForegroundWindow
TrackPopupMenu
ExitWindowsEx
CheckMenuItem
TranslateMessage
CharUpperA
GetMessageA
LoadStringA
KillTimer
AdjustWindowRectEx
RegisterWindowMessageW
GetSysColor
AdjustWindowRect
GetParent
GetCaretPos
SendMessageW
LoadBitmapW
EnumThreadWindows
ShowCaret
CheckDlgButton
GetClassLongW
InflateRect
MapVirtualKeyExW
DefFrameProcW
CharUpperBuffW
CharPrevW
FindWindowExA
SetFocus
GetScrollRange
GetMenuStringW
DestroyAcceleratorTable
GetWindowLongA
GetMessageExtraInfo
LoadImageW
CharToOemBuffA
SetWindowTextA
GetNextDlgTabItem
EndPaint
CreateCursor
mouse_event
GetMenu
MessageBoxExW
IsWindowUnicode
CreateWindowExW
MessageBoxW
OpenDesktopW
BeginPaint
HideCaret
RemovePropW
ChildWindowFromPointEx
IsRectEmpty
GetWindowTextLengthW
DestroyMenu
IsCharAlphaA
DefDlgProcW

msvcrt

system
strtoul
_controlfp
__set_app_type
qsort
tolower
iswdigit
isdigit
putc
__p__fmode
__p__commode
_amsg_exit
towupper
isprint
iswalpha
islower
atoi
_initterm
_ismbblead
strrchr
towlower
ungetc
iswxdigit
remove
_XcptFilter
isalpha
wcscpy
strpbrk
ftell
malloc
printf
strcpy
_exit
calloc
_cexit
isxdigit
__setusermatherr
__getmainargs
wcsncpy
sscanf
fprintf
putchar
isspace
fseek
perror
strerror
rand

Exports

Exports

?ExtractOptions@@YGK_KHE[D

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.div
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff6c109f778e36137660f6c3fe849ee9

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.idata Size: 6KB - Virtual size: 5KB

.edata Size: 512B - Virtual size: 182B

.div Size: 512B - Virtual size: 128B

.data Size: 2KB - Virtual size: 99KB

.rsrc Size: 122KB - Virtual size: 122KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.idata
Size: 6KB - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 182B

.div
Size: 512B - Virtual size: 128B

.data
Size: 2KB - Virtual size: 99KB

.rsrc
Size: 122KB - Virtual size: 122KB

.reloc
Size: 1KB - Virtual size: 1KB