08b207390f52e45f321899bfb346b868_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

08b207390f52e45f321899bfb346b868_JaffaCakes118
Size

225KB
MD5

08b207390f52e45f321899bfb346b868
SHA1

88298ad8882ec28d875a2bd5b76778741d9d1231
SHA256

ffb159b86fa4220702793e32dbb9874a964a3ff63d975380d760712d66d75556
SHA512

ff8628bd4e985f680578cc7be99fefd216936dba6d79203760f173accca6f73e0193db8a7b3fa53a1cb06eb008280b60592ca9c47c5e0a15c6266370279379d0
SSDEEP

3072:ZYh/WWcgufqoiIpDC5wLmuLTDfk7Onugf017FRhAeiyF1Tj86gSFRFU3YJq:ZYxW5gufbTM2aK3k7ONf0pFzAI1kIBC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08b207390f52e45f321899bfb346b868_JaffaCakes118

Files

08b207390f52e45f321899bfb346b868_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bbb1ece46f6618f1a23f9034d5eaeaa4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\mIgPldv\horckfezv\KomRgIfsZtaOul.pdb

Imports

msvcrt

strspn
atoi
perror
fflush
_controlfp
mbtowc
__set_app_type
wcscspn
__p__fmode
__p__commode
system
_amsg_exit
iswctype
vsprintf
strncmp
printf
atol
_initterm
strstr
ungetc
wcscmp
realloc
strtol
_acmdln
iswspace
exit
localtime
putc
wcsstr
swscanf
fread
clock
_ismbblead
strtok
free
_XcptFilter
wcstol
wcscat
_exit
wcstoul
_cexit
__setusermatherr
wcstombs
fclose
fgetc
__getmainargs

comctl32

ImageList_GetImageCount
ImageList_ReplaceIcon
CreateStatusWindowW
PropertySheetA
ImageList_AddMasked
CreatePropertySheetPageW

kernel32

LCMapStringA
GetProcAddress
MulDiv
InitializeCriticalSection
GetSystemTimeAdjustment
GetUserDefaultUILanguage
HeapCreate
GetCurrentProcess
GetCommProperties
lstrcmpiW
RaiseException
SystemTimeToFileTime
OpenFile
GetTempFileNameA
GetTempPathA
DeleteFileA
SetMailslotInfo
GetComputerNameExA
ConvertDefaultLocale
TransactNamedPipe
EnumResourceNamesW
FreeResource
GetCompressedFileSizeW
GetFileInformationByHandle
IsDBCSLeadByteEx
SetHandleCount
GetSystemDefaultLangID
IsDBCSLeadByte
FileTimeToLocalFileTime
SuspendThread
GetVersion
SetHandleInformation
GetBinaryTypeA
ClearCommBreak
GetShortPathNameA
LocalAlloc
LocalLock
OpenFileMappingA
GlobalGetAtomNameA
GetOverlappedResult
lstrcatW
MapViewOfFile
GetTimeZoneInformation
AddAtomA
GetFileAttributesA
GetExitCodeProcess
GetFullPathNameW
VirtualFree
lstrlenW
GetFileAttributesExW
GetStdHandle
WinExec

user32

TrackPopupMenu
CharToOemBuffA
IsWindowEnabled
PostQuitMessage
GetWindow
DestroyAcceleratorTable
GetKeyNameTextW
OemToCharA
MoveWindow
GetNextDlgGroupItem
LockWindowUpdate
GetNextDlgTabItem
MonitorFromRect
EnableScrollBar
SendInput
TrackPopupMenuEx
AttachThreadInput
CharLowerA
IsZoomed
DrawStateA
AllowSetForegroundWindow
ClipCursor
TranslateAcceleratorA
CharPrevA
InSendMessageEx
GetMenuItemCount
CreateIconFromResource
MapWindowPoints
mouse_event
GetMonitorInfoW
InvalidateRgn
VkKeyScanW
GetDlgCtrlID
SetDlgItemInt
RegisterClassExA
GetDlgItem
SetScrollRange
EqualRect
GetActiveWindow
UpdateWindow
MessageBoxExA
wsprintfW
PostMessageW
CreateDialogParamA
SetFocus
RegisterHotKey
GetScrollInfo
IsRectEmpty
SetWindowPos
SetWindowPlacement
DefWindowProcW
IntersectRect
DrawAnimatedRects
DrawEdge
CreateCursor
RemoveMenu
CopyImage
FindWindowW
GetShellWindow
GetDialogBaseUnits
TabbedTextOutW
PeekMessageA
wsprintfA
DrawMenuBar
GetClientRect
GetAsyncKeyState
ShowOwnedPopups
WindowFromPoint
LoadMenuA
ToUnicodeEx
ChildWindowFromPointEx
InternalGetWindowText
EndDialog
IsIconic
CharUpperBuffW
IsMenu
MessageBoxW
CopyRect
keybd_event
DefDlgProcW
SwapMouseButton
FillRect
InvalidateRect
EndPaint
SetWindowLongW
CharToOemA
GetMenuItemRect
AdjustWindowRect
GetKeyboardLayoutList
SetUserObjectInformationW
KillTimer
InsertMenuA
CreateIconIndirect
GetKeyboardLayoutNameW
RemovePropW
GetMessageTime
LoadImageA
OemToCharBuffA
ScrollWindowEx
GetUpdateRect
BringWindowToTop
GetTopWindow
ShowCursor
SetCaretPos
GetClassInfoExW
GetClipCursor
DefDlgProcA

gdi32

CreateCompatibleBitmap
SetAbortProc
SaveDC
SetWindowOrgEx
EndPage
GetPaletteEntries
CreateFontIndirectA
CreateEllipticRgnIndirect
StartDocW
GetNearestColor
SetRectRgn
Escape
OffsetViewportOrgEx
BeginPath
EnumFontsW
GetTextMetricsA
GetTextExtentExPointW
SetPixel
SetPaletteEntries
SetStretchBltMode
RectVisible
IntersectClipRect
GetTextFaceW
GetFontData
StartPage
GetTextColor
CreateFontIndirectW
CreateBrushIndirect
GetTextCharsetInfo
SetBkColor
CreateRectRgn
GetTextExtentPointA
WidenPath
RoundRect
EndPath
GetObjectA
GetCurrentObject
OffsetRgn
SetDIBits
ScaleViewportExtEx
SetMapMode
LineDDA
Ellipse
ExtTextOutA

comdlg32

GetFileTitleW
PrintDlgW
ChooseColorW
FindTextW

Exports

Exports

?CallClassNew@@YGPAJM&U
?ModifyVersion@@YGPAX_NFPAMPAE&U
?FreeListItemExW@@YGPAIE&U
?CallPointOriginal@@YGPAXIPAKM&U
?CommandLine@@YGDHE&U
?GetConfig@@YGPAIPAH&U
?IsMessageEx@@YGDPAKPANPADPAI&U
?ConfigA@@YGME&U
?IsValidVersionOriginal@@YGHDPAIH_N&U
?KillMemoryExW@@YGPAGGKJD&U
?FileOriginal@@YGPAMIGG&U
?AddTextEx@@YGPAHPADMPAHG&U
?CrtListItemExW@@YGFFKHK&U
?KillNameOriginal@@YGXGFPAI&U
?IsTask@@YGPAXPAE&U
?FormatAppNameA@@YGJKKPAKM&U
?FindFunctionExW@@YGH_NHH&U
?PutDateExA@@YGXEPAE&U
?IsValidCommandLineNew@@YGXGMJ&U
?ProcessExA@@YGKPAF&U
?EnumFullNameA@@YGPAXPAE&U
?RtlComponentEx@@YGJIKPAG&U
?ShowFileOld@@YGXJPAEHH&U
?IsProcessW@@YGIH&U
?CloseComponentExA@@YGGHPAGF&U
?FormatHeight@@YGPAMPA_NG&U
?PutDialogEx@@YGNHPADFPAK&U
?ModifyFullNameA@@YGDPAGJIN&U
?PutVersionNew@@YGFPAM&U
?HideString@@YGMPAE_NG&U
?CloseHeightExW@@YGIPAE&U
?SetMutantA@@YGJIG&U
?DeleteFolderOriginal@@YGKPADIPAJPAH&U
?InvalidateProjectEx@@YG_NHKPAMPAJ&U

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.exp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.byte1
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.byte0
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbb1ece46f6618f1a23f9034d5eaeaa4

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comctl32

kernel32

user32

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 94KB - Virtual size: 93KB

.imp Size: 1KB - Virtual size: 1KB

.exp Size: 1KB - Virtual size: 1KB

.byte1 Size: 512B - Virtual size: 32B

.code Size: 512B - Virtual size: 32B

.byte0 Size: 512B - Virtual size: 44B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 48KB

.rsrc Size: 104KB - Virtual size: 103KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 94KB - Virtual size: 93KB

.imp
Size: 1KB - Virtual size: 1KB

.exp
Size: 1KB - Virtual size: 1KB

.byte1
Size: 512B - Virtual size: 32B

.code
Size: 512B - Virtual size: 32B

.byte0
Size: 512B - Virtual size: 44B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 48KB

.rsrc
Size: 104KB - Virtual size: 103KB

.reloc
Size: 2KB - Virtual size: 2KB