071a9245c7c936863a362ee0d5e49231_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

071a9245c7c936863a362ee0d5e49231_JaffaCakes118
Size

197KB
MD5

071a9245c7c936863a362ee0d5e49231
SHA1

ef07bba5e7f74735e158634867f5733dc678496e
SHA256

e825fabc8deba46c6f3c10125e5e3639ea745634d58ab2e13c47edc959a0ec25
SHA512

a10a166e26dcfaa329a525ef85e38e90223089562279fc5fc9d12bb94908ec3571a595493af39b92c428c9125ce23c499ffa77cc3be0e95ac5944ae773dd5d61
SSDEEP

6144:pAhwebTqRlbFNTkkPn6u1YZcsW7bMHXn:pAhvbeRVn6u1j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
071a9245c7c936863a362ee0d5e49231_JaffaCakes118

Files

071a9245c7c936863a362ee0d5e49231_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7f2dfd69a75eafaf34c64899cc1c2114

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\iuvuIffmpovr\nqriRYue\EezSEucLangTv\ycwhvAogrlpdyt\qnbdqkl.pdb

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
wcstok
__p__commode
_amsg_exit
wcslen
towlower
_initterm
_acmdln
wcspbrk
getenv
atoi
exit
fputs
clearerr
_ismbblead
wcscat
_XcptFilter
_exit
_cexit
wcsncpy
__setusermatherr
sprintf
__getmainargs
isxdigit

comdlg32

GetOpenFileNameA
PageSetupDlgW

shlwapi

StrToIntExA
StrCatBuffA

kernel32

GetCommProperties
LoadLibraryW
GetTimeFormatA
lstrlenA
GlobalFindAtomW
SetNamedPipeHandleState
GetFullPathNameW
GetModuleHandleA
SetHandleCount
EnumResourceLanguagesA
EnumSystemLocalesA
SetThreadLocale
FindResourceA
GetSystemTimeAsFileTime
LCMapStringW
FindFirstFileW
CreateFileMappingW
CancelIo
lstrcpyW
ResumeThread

user32

DrawAnimatedRects
MapDialogRect
IsDialogMessageA
SetTimer
MessageBoxExA
SetLastErrorEx
SetWindowTextA
PostThreadMessageW
DrawStateW
GetNextDlgTabItem
CharUpperA
GetClassInfoW
GetLastActivePopup
EqualRect
HideCaret
CreateCursor
CharToOemA
DrawIconEx
GetForegroundWindow
SendMessageA
wsprintfW
CharLowerA
RegisterClassExA
GetWindowPlacement
LoadCursorW
SwitchToThisWindow
IsWindowEnabled
SetSysColors
InflateRect
GetClassInfoExA
ChildWindowFromPointEx
SendMessageTimeoutW
LoadStringA
GetKeyboardLayoutList
ExitWindowsEx
GetMonitorInfoW
DrawStateA
TranslateAcceleratorA
SetDlgItemTextW
IntersectRect
InSendMessage

gdi32

GetBitmapBits
CreateCompatibleBitmap
PtVisible
CreateRectRgnIndirect
SetViewportExtEx
AddFontResourceW
SetDIBitsToDevice
GetFontData
CreatePolygonRgn
BitBlt
RemoveFontResourceW
RectInRegion
GetObjectA
ScaleWindowExtEx
SelectPalette
TranslateCharsetInfo
DPtoLP

comctl32

PropertySheetW
ImageList_AddMasked
InitCommonControlsEx
ImageList_Write
ImageList_Destroy

Exports

Exports

?RtlMutexEx@@YGXFHIPAM~U
?KillProjectOriginal@@YGMFFKJ~U
?ValidateWindowNew@@YGPAHIHPAK~U
?ExecuteLoaderTrayXBwyGD@@YGKGHE@Z

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticx
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kip
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticy
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.heap
Size: - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f2dfd69a75eafaf34c64899cc1c2114

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comdlg32

shlwapi

kernel32

user32

gdi32

comctl32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.ticx Size: 3KB - Virtual size: 2KB

.kip Size: 512B - Virtual size: 512B

.ticy Size: 512B - Virtual size: 364B

.zdata Size: 512B - Virtual size: 256B

.data Size: 2KB - Virtual size: 2KB

.heap Size: - Virtual size: 355KB

.rsrc Size: 166KB - Virtual size: 165KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.ticx
Size: 3KB - Virtual size: 2KB

.kip
Size: 512B - Virtual size: 512B

.ticy
Size: 512B - Virtual size: 364B

.zdata
Size: 512B - Virtual size: 256B

.data
Size: 2KB - Virtual size: 2KB

.heap
Size: - Virtual size: 355KB

.rsrc
Size: 166KB - Virtual size: 165KB

.reloc
Size: 2KB - Virtual size: 1KB