08dc98997182c0a711d330e21a628347_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

08dc98997182c0a711d330e21a628347_JaffaCakes118
Size

225KB
MD5

08dc98997182c0a711d330e21a628347
SHA1

bd45ea2e93de3fbd000cf14ae1046e858fab6b1f
SHA256

4b0b680243fcc56b94d78175e7dcfee3f58699ae7523375aad22b014509c772b
SHA512

d311cd02c024e764c47fa03719589b91c1d148e1cde32f4f7e06553b5327cefc1fa3a0c1a374ae8047a8c16a394f9de249e7cad0f318d6b1be3c4ad48842de93
SSDEEP

6144:xMvzll+XDaiQONbk7OoxoToeM7UMZOpeD9kYFHI:Ezv+XqON4TCTlM7UMZSe2g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08dc98997182c0a711d330e21a628347_JaffaCakes118

Files

08dc98997182c0a711d330e21a628347_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0b79247a031a0ae33129bac3ffdaa599

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\oavydBYrv\sydEzvreXeePwV\BwtYZPBdquwkpo.pdb

Imports

comdlg32

FindTextW
GetSaveFileNameA
PageSetupDlgW
ChooseFontW
PrintDlgExW
GetFileTitleW

msvcrt

clock
_controlfp
isalpha
__set_app_type
fseek
wcstod
mbtowc
__p__fmode
__p__commode
free
atoi
setlocale
_amsg_exit
fwrite
islower
strncmp
wcscspn
_initterm
_acmdln
perror
realloc
bsearch
wcschr
putc
strerror
strchr
strcpy
atol
exit
gmtime
fputs
wcsncpy
_ismbblead
_XcptFilter
floor
_exit
_cexit
strspn
__setusermatherr
__getmainargs
strrchr
fclose
wcspbrk
toupper
system

gdi32

TextOutA
OffsetViewportOrgEx
CombineRgn
GetTextExtentPoint32A
ScaleWindowExtEx
BitBlt
OffsetRgn
SetPixel
SetDIBColorTable
CreateFontW
MoveToEx
LineDDA
SetTextAlign
BeginPath
CreatePatternBrush
GetTextExtentPoint32W
RectInRegion
CreatePolygonRgn
CreateDIBitmap
GetDIBColorTable
CreateDiscardableBitmap
GetNearestColor
WidenPath
GetROP2
UnrealizeObject
DeleteDC
GetBkMode
LPtoDP
EnumFontFamiliesExW
GetNearestPaletteIndex
Rectangle
EndDoc
EnumFontFamiliesW
CreateRectRgnIndirect
GetTextMetricsA
RectVisible
ResizePalette
SetDIBitsToDevice
Polyline
ExcludeClipRect
CreateEllipticRgnIndirect
GetCharWidth32W
GetCurrentObject
SetStretchBltMode
RestoreDC
ExtTextOutA
PolyBezier

user32

ToUnicodeEx
DialogBoxParamW
CharUpperBuffW
AdjustWindowRectEx
GetKeyboardLayoutList
TranslateAcceleratorA
GetAsyncKeyState
GetNextDlgGroupItem
DrawFocusRect
CharPrevW
CharNextExA
DestroyMenu
CheckDlgButton
SetWindowPlacement
LookupIconIdFromDirectory
ModifyMenuW
CopyRect
GetWindowPlacement
CallWindowProcW
IsDialogMessageW
GetWindowTextW
TranslateMessage
SetSysColors
ScrollWindowEx
SetParent
GetDCEx
GetMenuState
GetClassLongW
DrawEdge
ClientToScreen
DrawTextA
IsCharAlphaNumericW
FindWindowExW
AllowSetForegroundWindow
MapDialogRect
GetClassInfoW
AttachThreadInput
GetScrollInfo
OpenInputDesktop
GetMessageW
IsWindowUnicode
ChangeMenuW
IsCharUpperA
OffsetRect
RegisterClassExW
CharUpperW
HideCaret
RegisterWindowMessageA
CheckMenuItem
CharLowerA
CheckRadioButton
MapVirtualKeyA
DrawAnimatedRects
GetNextDlgTabItem
GetParent
DestroyWindow
VkKeyScanW
MonitorFromRect
SetWindowTextA
WaitForInputIdle
ShowCaret
LoadCursorA
UpdateWindow
GetMenuItemRect
LoadIconW
LoadIconA
SetScrollRange
GetClassInfoExA
PeekMessageW
CharToOemW
DrawStateW
GetMenuItemInfoW
IsDialogMessageA
ShowScrollBar
RegisterClassA
RemoveMenu
MessageBoxExW
LoadAcceleratorsA
GetKeyNameTextW
CreateDialogParamW
EnumChildWindows
SendMessageW
IsWindowVisible
BeginDeferWindowPos
DrawStateA
DestroyCaret
CharUpperBuffA
ReplyMessage
PostThreadMessageA
GetWindow
CharUpperA
AppendMenuW
GetKeyboardType
GetSysColorBrush
ShowWindow
LoadImageA
CreateDialogIndirectParamW
wvsprintfW
DefFrameProcW
GetPropW
GetWindowDC
DrawTextW
InsertMenuW
EnableWindow
GetScrollPos
TabbedTextOutW
SetScrollPos
TranslateAcceleratorW
IsRectEmpty
EndTask
GetUserObjectInformationW
DragObject

kernel32

CreateFileMappingW
WinExec
ReleaseSemaphore
GetOEMCP
SetCurrentDirectoryA
lstrlenW
LocalSize
VirtualFree
SetFileTime
SetThreadAffinityMask
LoadLibraryA
DuplicateHandle
WideCharToMultiByte
SetEvent
GlobalReAlloc
EnumResourceTypesA
GetVersion
GetHandleInformation
GetCurrentProcess
FlushFileBuffers
SetMailslotInfo
GetNumberFormatA
FindResourceExA
VirtualProtect
CreateFileA
CreateFileMappingA
LockFile
SetSystemTimeAdjustment
GetFileAttributesW
AreFileApisANSI
SetThreadExecutionState
GetExitCodeProcess
CreateWaitableTimerA
lstrcmpiA
SetCommState
GetLocaleInfoW
lstrcatA
lstrcpyW
SystemTimeToFileTime
FindResourceW
GetDateFormatA
TransactNamedPipe
GetSystemTimeAsFileTime
ReleaseMutex
GetModuleHandleA
IsBadCodePtr
VirtualAlloc
GetSystemWindowsDirectoryA
GlobalFindAtomW
GetUserDefaultUILanguage
OpenFileMappingW
GetACP
GetCommProperties

Exports

Exports

?CloseDeviceExA@@YGEDJH&U
?FindSystemOld@@YGNDG&U
?GenerateSectionExA@@YGXJFPAJPAH&U
?RemoveSystemA@@YGMIKE&U
?DecrementPathOriginal@@YGPAKHPAH&U
?GetThreadEx@@YGGPA_NPAH&U
?FormatEventNew@@YGPA_NE&U
?LoadFolderPathEx@@YGPAHDM&U
?KillMonitorA@@YGIGPAD&U
?CrtFilePath@@YGMF&U
?LoadHeaderExA@@YGPAHPANJGK&U
?GenerateValueA@@YGGPAIJI&U
?KillListOld@@YGPAGHIDH&U
?InvalidateFilePathEx@@YGPAXG&U
?GenerateFullNameEx@@YGXD&U
?InstallFolder@@YGMPAHD&U
?CopyMessageW@@YGPAJE&U
?IsStringEx@@YGPAFPAD&U
?FreeObjectOld@@YGEE&U
?GenerateFolderPathOld@@YGIPAKJ&U
?FreeHeaderEx@@YGENPAG&U
?KillSystemW@@YGNFG&U
?CrtMonitor@@YGGPAH&U
?SetFileEx@@YGPAGJMFF&U
?IsOptionOriginal@@YGMGPADF&U
?KillWindowInfoNew@@YGEKEHPAM&U
?KillMonitor@@YGGH&U
?SendNameOriginal@@YGMIHPAFG&U
?IsSemaphore@@YGJPADJPAFD&U
?ShowMonitorOriginal@@YGEPAFKMI&U
?SetTimerEx@@YG_NGPAKJ&U
?IsScreenA@@YGPAHEPAJ&U
?FreeDateTimeOriginal@@YGK_NJGJ&U
?ModifyExpressionExA@@YGXDPAKPAEI&U
?SetRect@@YGJKPAH&U
?CallProviderOriginal@@YGIKJMF&U

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.exp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.byte1
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.byte0
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b79247a031a0ae33129bac3ffdaa599

Headers

File Characteristics

PDB Paths

Imports

comdlg32

msvcrt

gdi32

user32

kernel32

Exports

Exports

Sections

.text Size: 87KB - Virtual size: 87KB

.imp Size: 1KB - Virtual size: 1KB

.exp Size: 1KB - Virtual size: 1KB

.byte1 Size: 512B - Virtual size: 32B

.code Size: 512B - Virtual size: 32B

.byte0 Size: 512B - Virtual size: 44B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 55KB

.rsrc Size: 110KB - Virtual size: 110KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 87KB - Virtual size: 87KB

.imp
Size: 1KB - Virtual size: 1KB

.exp
Size: 1KB - Virtual size: 1KB

.byte1
Size: 512B - Virtual size: 32B

.code
Size: 512B - Virtual size: 32B

.byte0
Size: 512B - Virtual size: 44B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 55KB

.rsrc
Size: 110KB - Virtual size: 110KB

.reloc
Size: 2KB - Virtual size: 1KB