084f078c90a72b547d5ddf03a395c73d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

084f078c90a72b547d5ddf03a395c73d_JaffaCakes118
Size

149KB
MD5

084f078c90a72b547d5ddf03a395c73d
SHA1

c13b4aac7b239f2821b88b25a8050f777c51ea5e
SHA256

af370ed54fd48692a728c1ed0cdb6b044f4e22e0f5ccdfad890e31a8184f3a85
SHA512

f61f3480f5e1a24f3f9c8ec678a2c832732e97b2c685a01a3800937d6ee5fa5eb7fd23e9560ac848bcc023e01be8c2af66d9c8ffd6d03b12749e6e687c19c03c
SSDEEP

3072:cLFx9xR8zMoJC0qb9hl5J1TDqR6Nf8Z9s0/N8:OFxTmC0qLqM8Hs0V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
084f078c90a72b547d5ddf03a395c73d_JaffaCakes118

Files

084f078c90a72b547d5ddf03a395c73d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

25df8d0a1e5e72f58bb04060ec850420

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\geotcaBtgFmZ\fhTigchzk\xsbhvisFfd\njraxjd.pdb

Imports

comctl32

CreateStatusWindowW
ImageList_GetImageCount
PropertySheetA
InitCommonControlsEx
DestroyPropertySheetPage
ImageList_Destroy

user32

GetWindowTextLengthW
GetWindow
SetSysColors
SetScrollInfo
AdjustWindowRectEx
DeleteMenu
LoadCursorA
MapWindowPoints
GetPropW
CreateAcceleratorTableW
CallWindowProcW
SetCursorPos
GetMessagePos
ArrangeIconicWindows
GetScrollRange
SetDlgItemInt
GetWindowRect
LoadBitmapW
MapVirtualKeyW
AdjustWindowRect
RegisterClassExA
wsprintfW
keybd_event
OemToCharA
GetKeyboardLayoutList
IsCharAlphaW
ShowScrollBar
CreateDialogParamA
AppendMenuW
GetClassInfoW
CopyRect
LoadAcceleratorsW
CloseDesktop
InsertMenuW
SetRect
WaitForInputIdle
OffsetRect
SendNotifyMessageW
CheckMenuRadioItem
GetMonitorInfoW
LoadStringW
SendMessageTimeoutA
SetActiveWindow
CharUpperBuffA
IntersectRect
LoadIconA
RemoveMenu
VkKeyScanW
IsCharLowerA
HiliteMenuItem
ShowWindowAsync
GetDC
IsChild
InflateRect
SystemParametersInfoW
DrawFocusRect
GetUserObjectInformationW
SetWindowLongW
CascadeWindows
GetMenuStringW
InSendMessage
CheckRadioButton
GetTopWindow
ActivateKeyboardLayout
wvsprintfA
GetMessageA
DestroyCursor
GetKeyboardType
SetClassLongW
LoadStringA
InvalidateRgn
CreateCursor
RemovePropW
IsWindow
IsWindowUnicode
IsRectEmpty
GetClassNameW
MapDialogRect
FindWindowW
GetDCEx
EnumWindows
DrawMenuBar
GetWindowLongA
GetMessageW
CharNextExA
SetWindowPos
SetCaretPos
InternalGetWindowText
CreateMenu
EnableWindow
GetWindowTextW
GetForegroundWindow
mouse_event
GetWindowDC
CharPrevA
IsWindowVisible
CharToOemW
DeferWindowPos
RedrawWindow
LoadCursorW
MessageBoxA
EndPaint
AppendMenuA
CheckDlgButton
GetParent
CopyImage
DestroyAcceleratorTable
CreateCaret
IsCharUpperA
GetClientRect
IsDlgButtonChecked
UpdateWindow
FindWindowA
ReplyMessage
DrawStateW
EndDialog
CharLowerA

kernel32

GetLocalTime
InitializeCriticalSection
HeapAlloc
CancelIo
SetThreadLocale
CreateSemaphoreA
DisconnectNamedPipe
GetSystemDirectoryA
WinExec
MoveFileW
LoadLibraryA
GetStartupInfoA
GetThreadContext
GetDateFormatA
GetWindowsDirectoryW
SetHandleCount
ClearCommError
GetCommandLineA
CompareFileTime
FindClose
GetFileAttributesExA
GetFileInformationByHandle
GlobalHandle
CreateFileMappingA
SystemTimeToFileTime
GetHandleInformation
FindFirstFileW
lstrcpyA
lstrcpynA
SetFileAttributesW
GetComputerNameExA
OpenEventW
GetWindowsDirectoryA
GetTempFileNameA
SetTimerQueueTimer
GetTempPathA
UnmapViewOfFile
GetCommModemStatus
IsDBCSLeadByte
GetFileSize
GetStringTypeExW
SuspendThread
GetACP
GlobalCompact
LeaveCriticalSection
LocalReAlloc
lstrlenW
GetProcAddress
OpenFile
GetModuleFileNameW
OpenSemaphoreW

msvcrt

fprintf
fputs
mbtowc
realloc
fgetc
strstr
_controlfp
__set_app_type
rand
exit
isalnum
__p__fmode
iswctype
__p__commode
_amsg_exit
wcstoul
wcscoll
gets
floor
clock
putchar
strtok
_initterm
strrchr
fseek
_ismbblead
_XcptFilter
wcsncpy
_exit
towupper
wcscat
_cexit
wcstok
vsprintf
islower
wcsstr
__setusermatherr
ftell
setvbuf
clearerr
atoi
atol
calloc
strncmp
__getmainargs
tolower
iswalpha

comdlg32

GetOpenFileNameA
CommDlgExtendedError
FindTextW
GetOpenFileNameW
ChooseFontW
GetFileTitleW

Exports

Exports

?GetShiftAltInfo@@YGK_KHE:O

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erts
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wall
Size: 1024B - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.info
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25df8d0a1e5e72f58bb04060ec850420

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

msvcrt

comdlg32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.init Size: 6KB - Virtual size: 5KB

.erts Size: 512B - Virtual size: 86B

.wall Size: 1024B - Virtual size: 126KB

.info Size: 1024B - Virtual size: 704B

.data Size: 3KB - Virtual size: 2KB

.udata Size: 115KB - Virtual size: 115KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.init
Size: 6KB - Virtual size: 5KB

.erts
Size: 512B - Virtual size: 86B

.wall
Size: 1024B - Virtual size: 126KB

.info
Size: 1024B - Virtual size: 704B

.data
Size: 3KB - Virtual size: 2KB

.udata
Size: 115KB - Virtual size: 115KB

.reloc
Size: 1KB - Virtual size: 1KB