0617ac99b5b9a085f041b7c4876051e3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0617ac99b5b9a085f041b7c4876051e3_JaffaCakes118
Size

233KB
MD5

0617ac99b5b9a085f041b7c4876051e3
SHA1

534775d3d6e5968a183dbf7ffb83d00775d76fc6
SHA256

1447a4805049163e80971936e33c88210a1878da3536cdf34694e26292283ade
SHA512

39276126baf7f57eca2f1e4754730aa457f644e811e3b1ede964f037aa55b2f075b6e8ec872cd631ba8c498c8cd41663476e7a2c7f990fd2fa1a0b63f94c1a61
SSDEEP

3072:oq44+GAr0KFV78ioFq9YNvSD/2dP15lCPZ3k/Bw8lx3dQYo6BHO7vhQHSNtPtC9L:r/whCslsRCRKnyYo6pO7pfJtCuLL4D

Score

1^/10

Malware Config

Signatures

Files

0617ac99b5b9a085f041b7c4876051e3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bbc8bcf6750e765a0ede7c8943f21f94

Code Sign

8e:fe:32:23:f4:2f:38:70:e5:b7:22:5e:bb:39:59:5e:61:be:b3:96
Signer

Actual PE Digest

8e:fe:32:23:f4:2f:38:70:e5:b7:22:5e:bb:39:59:5e:61:be:b3:96

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\wQkZkySwsFh\wIsfwrnt\qvvidlyxxnxx\mhiduhMmjtx\RvUqgvf.pdb

Imports

msvcrt

getc
strcpy
clock
_controlfp
qsort
__set_app_type
swscanf
isspace
tolower
wcstombs
isxdigit
__p__fmode
wcstol
isupper
__p__commode
wcsncmp
strncmp
swprintf
isdigit
_amsg_exit
localtime
gmtime
malloc
strtoul
_initterm
fgets
fputc
_ismbblead
getenv
_vsnwprintf
_XcptFilter
isalpha
isalnum
_exit
_cexit
rand
towlower
srand
__setusermatherr
iswctype
floor
putchar
fclose
__getmainargs
strchr
iswdigit
mbstowcs
strerror

comctl32

CreatePropertySheetPageW
PropertySheetA
ImageList_GetIcon
ImageList_Write
CreatePropertySheetPageA
ImageList_Destroy

kernel32

MoveFileExW
GlobalMemoryStatusEx
ConnectNamedPipe
ConvertDefaultLocale
GetStringTypeExW
GlobalSize
VirtualProtect
CreateFileW
MapViewOfFile
IsValidLocale
FileTimeToSystemTime
CreateNamedPipeA
GetWindowsDirectoryA
GetWindowsDirectoryW
GetThreadLocale
GetHandleInformation
GetModuleHandleA
SetHandleInformation
GetUserDefaultLangID
HeapLock
FoldStringW
GetSystemWindowsDirectoryW
SetCommState
CreateThread
lstrcmpA
GetCommTimeouts
SetSystemTimeAdjustment
GetBinaryTypeA
CompareStringW
CreateNamedPipeW
SetErrorMode
GetOEMCP
SetThreadContext
FindNextFileW
lstrcatA
CreateWaitableTimerW
Sleep
GetModuleFileNameA
GetFileInformationByHandle
ReleaseSemaphore
GlobalUnlock
SetEvent
DeleteAtom
HeapAlloc
CreateRemoteThread
GetLocaleInfoA
GetModuleHandleW
LocalUnlock
GetAtomNameW
VerSetConditionMask
SetCommMask
GetTimeFormatA
QueryPerformanceCounter
HeapWalk
CompareStringA

user32

CharNextExA
CharUpperBuffW
RemoveMenu
OffsetRect
DialogBoxIndirectParamA
SetDlgItemInt
LookupIconIdFromDirectory
IntersectRect
FindWindowA
SetWindowTextW
LoadBitmapW
GetSysColor
SetScrollInfo
DestroyWindow
DrawAnimatedRects
GetScrollRange
SendMessageTimeoutW
DrawFocusRect
SendDlgItemMessageW
InvalidateRgn
SetCursor
GetSubMenu
RegisterClassExA
LoadAcceleratorsA
SetWindowPlacement
DrawFrameControl
DrawEdge
LoadIconA
LoadImageW
GetKeyboardLayoutList
GetWindow
CheckMenuItem
InvertRect
GetWindowTextW
RemovePropW
GetNextDlgTabItem
GetNextDlgGroupItem
BeginDeferWindowPos
AppendMenuW
CloseDesktop
CharUpperA
SendDlgItemMessageA
GetMenu
SendMessageW
MessageBoxW
IsDialogMessageA
GetWindowLongW
GetClassInfoW
TranslateAcceleratorA
GetCursorPos
GetWindowLongA
IsZoomed
CreateWindowExW
CallWindowProcW
OpenDesktopW
GrayStringW
GetIconInfo
IsChild
MapVirtualKeyA
AdjustWindowRectEx
TranslateMessage
HideCaret
PostMessageA
MessageBoxExA
SetMenu
RegisterWindowMessageW
GetClassNameW
WaitForInputIdle
CheckMenuRadioItem
CharLowerW
CreateAcceleratorTableW
GetDlgItemTextW
CreateWindowExA
FindWindowExW
InvalidateRect
TrackPopupMenuEx
DrawIconEx
GetKeyboardLayout
GetWindowTextLengthW
MapDialogRect
SetLastErrorEx
IsCharUpperA
ChangeMenuW
InsertMenuW
IsCharAlphaA
GetUserObjectInformationA
IsWindow
wsprintfW
GetAsyncKeyState
EnumWindows
IsIconic
CheckRadioButton
GetMenuItemCount
ScrollWindowEx
SetWindowPos
CreateCursor
CharNextW
InflateRect
CharNextA
DispatchMessageA
RegisterClassW
wvsprintfW
CopyRect
DrawStateA
ShowCaret
EnumChildWindows
SetParent
GetMenuItemInfoW
PeekMessageA
ClientToScreen
ShowOwnedPopups
GetMenuItemID
EndPaint
GetMessageExtraInfo
CharToOemBuffA
GetSysColorBrush
ArrangeIconicWindows
SetDlgItemTextA
SendMessageTimeoutA
GetMenuCheckMarkDimensions

shlwapi

UrlGetPartW

Exports

Exports

?CreatDlgItemList@@YGKPBDDPAX:O

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cexp
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.regs
Size: 1KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.citab
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.$dbug
Size: 512B - Virtual size: 113B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lime
Size: 512B - Virtual size: 297B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdat
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbc8bcf6750e765a0ede7c8943f21f94

Code Sign

8e:fe:32:23:f4:2f:38:70:e5:b7:22:5e:bb:39:59:5e:61:be:b3:96Signer

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comctl32

kernel32

user32

shlwapi

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 22KB

.cexp Size: 512B - Virtual size: 93B

.regs Size: 1KB - Virtual size: 163KB

.data Size: 2KB - Virtual size: 1KB

.citab Size: 6KB - Virtual size: 5KB

.$dbug Size: 512B - Virtual size: 113B

.lime Size: 512B - Virtual size: 297B

.tdat Size: 512B - Virtual size: 192B

.rsrc Size: 196KB - Virtual size: 195KB

8e:fe:32:23:f4:2f:38:70:e5:b7:22:5e:bb:39:59:5e:61:be:b3:96
Signer

.text
Size: 23KB - Virtual size: 22KB

.cexp
Size: 512B - Virtual size: 93B

.regs
Size: 1KB - Virtual size: 163KB

.data
Size: 2KB - Virtual size: 1KB

.citab
Size: 6KB - Virtual size: 5KB

.$dbug
Size: 512B - Virtual size: 113B

.lime
Size: 512B - Virtual size: 297B

.tdat
Size: 512B - Virtual size: 192B

.rsrc
Size: 196KB - Virtual size: 195KB