07cc57d1caba04461eec6b46918b224c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07cc57d1caba04461eec6b46918b224c_JaffaCakes118
Size

141KB
MD5

07cc57d1caba04461eec6b46918b224c
SHA1

f72934100073989182a171f62eb359f14c1d29e7
SHA256

6a43a142ee04b016f445dc76d13d9dabb88fe1a448d53034e44d46280a87be91
SHA512

8953be3f85b0162fb7bc402f2a497354e15d7c5adf2753a91a4e48bfe04af951d752ed64567c3c11de5428fe15288c9f8c2c057a5967e9d464b0fe54f4f069a4
SSDEEP

3072:As2c1rP5eptOoWiDahkZwiGmKm83Ngt1Nu+1/1eUj:BRejpdZwZAtTF1eY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07cc57d1caba04461eec6b46918b224c_JaffaCakes118

Files

07cc57d1caba04461eec6b46918b224c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d754c17ca305f4bc223520a45d7dc0c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\jiGtgImGNd\umAJdKqMdwybhh\RWvukQqBY\oqjyeCVkde\KsppexvrnRIlt.pdb

Imports

comdlg32

PageSetupDlgW
PrintDlgExW
ChooseColorW
GetFileTitleW
ChooseFontW
PrintDlgW

kernel32

SetMailslotInfo
DeleteAtom
GetAtomNameW
SetPriorityClass
FindResourceExW
CreateFileA
HeapLock
lstrlenA
GetModuleHandleA
SetThreadAffinityMask
FindResourceW
CreateEventW
FoldStringW
OpenFileMappingW
ConnectNamedPipe
WaitForMultipleObjectsEx
GlobalAddAtomA
GetTickCount
RegisterWaitForSingleObject
SetCurrentDirectoryA
GetSystemDefaultLangID
FindFirstFileW
FreeLibrary
EnumSystemLocalesA
CreateRemoteThread
GetModuleFileNameA
lstrcatW
HeapSize
IsBadWritePtr
LoadLibraryExW
GlobalAddAtomW
GetACP
MoveFileA
LoadLibraryExA
LoadResource
OpenEventA
SetThreadExecutionState
GetCommandLineA
lstrcpynA
FindNextFileA
SearchPathA
GetTimeFormatA
LCMapStringA
GlobalLock
DefineDosDeviceW
GetCurrentThread
HeapValidate
IsBadReadPtr
GetSystemTimeAsFileTime
GlobalMemoryStatusEx
UnhandledExceptionFilter
ReleaseSemaphore
CompareStringA
lstrcmpiA
CompareFileTime
AddAtomW
GetLongPathNameW

user32

GetDoubleClickTime
GetActiveWindow
DefWindowProcA
DrawIcon
GetMenuItemCount
ShowWindowAsync
LoadImageA
GetDlgItemInt
IsDlgButtonChecked
ExitWindowsEx
wvsprintfA
ModifyMenuW
ArrangeIconicWindows
CharNextExA
IsChild
ValidateRect
CheckMenuItem
TileWindows
DrawTextExW
CheckRadioButton
GetForegroundWindow
SetTimer
LoadCursorA
DragObject
DrawStateW
CallWindowProcA
InvalidateRgn
OpenDesktopW
UpdateWindow
SetSysColors
LoadBitmapA
InvalidateRect
OpenInputDesktop
IsCharAlphaA
SetWindowTextA
GetKeyNameTextW
FindWindowExA
DrawTextA
MapWindowPoints
MessageBoxExW
GetDlgItem
SetMenuItemBitmaps
GetKeyboardLayoutList
GetClassLongA
GetShellWindow
CreateMenu
IsCharAlphaNumericW
KillTimer
GetMenuStringA
VkKeyScanA
ActivateKeyboardLayout
CheckDlgButton
CharLowerA
GetMonitorInfoW
CreateIconFromResource
PostMessageA
DestroyWindow
CopyAcceleratorTableW
EnableWindow
EnumChildWindows
GetWindowLongA
ShowOwnedPopups
LookupIconIdFromDirectory
IsIconic
GetClientRect
GrayStringW
HideCaret
SetScrollInfo
ScrollWindowEx
TabbedTextOutW
GetMenuCheckMarkDimensions
ReleaseDC
IntersectRect
FindWindowA
GetClassInfoExA
IsCharLowerA
GetSubMenu
DrawAnimatedRects
DestroyAcceleratorTable
EnumWindows
EndDialog
GetWindowTextW
FrameRect
DefWindowProcW
RegisterClassExA
MapDialogRect
GetClassInfoExW
SetClassLongW
GetDCEx
BeginDeferWindowPos
SetForegroundWindow
GetWindowTextLengthW
CharNextW
MapVirtualKeyA
CreateAcceleratorTableW
IsDialogMessageW
ToUnicodeEx
GetPropW
GetClassLongW
EnumThreadWindows
AdjustWindowRect
wvsprintfW
TranslateAcceleratorA
SetDlgItemTextW
GetClipCursor
DefFrameProcW
GetScrollRange
VkKeyScanW
keybd_event
SendDlgItemMessageW
SetWindowTextW
GetScrollInfo
GetMessageExtraInfo
CharPrevW
EndPaint
TrackPopupMenuEx
SendInput
InsertMenuW
GetClassInfoA
SetCursor
GetNextDlgGroupItem
CreatePopupMenu
SendMessageA
AppendMenuA

msvcrt

isdigit
wcscspn
_controlfp
wcscat
__set_app_type
system
clock
__p__fmode
__p__commode
isalpha
wcsrchr
wcsstr
vswprintf
mbstowcs
wcscoll
gmtime
isalnum
_amsg_exit
localtime
rand
putchar
wcstol
strchr
setvbuf
sprintf
_initterm
_ismbblead
tolower
mbtowc
printf
isspace
swscanf
bsearch
fflush
_XcptFilter
_exit
sscanf
_cexit
fgetc
realloc
setlocale
strcspn
__setusermatherr
ftell
wcscpy
__getmainargs
wcstok

Exports

Exports

?RegenerateMainValues@@YGKPBDDPAX:O

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.emnar
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fire
Size: 1KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imper
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wchar
Size: 1024B - Virtual size: 738B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d754c17ca305f4bc223520a45d7dc0c9

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.emnar Size: 512B - Virtual size: 126B

.fire Size: 1KB - Virtual size: 123KB

.data Size: 2KB - Virtual size: 1KB

.imper Size: 6KB - Virtual size: 5KB

.wchar Size: 1024B - Virtual size: 738B

.wdata Size: 1024B - Virtual size: 704B

.rsrc Size: 105KB - Virtual size: 105KB

.text
Size: 22KB - Virtual size: 22KB

.emnar
Size: 512B - Virtual size: 126B

.fire
Size: 1KB - Virtual size: 123KB

.data
Size: 2KB - Virtual size: 1KB

.imper
Size: 6KB - Virtual size: 5KB

.wchar
Size: 1024B - Virtual size: 738B

.wdata
Size: 1024B - Virtual size: 704B

.rsrc
Size: 105KB - Virtual size: 105KB